1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * this file contains the functions relating to link management. A "link"
22 * is a connection between this device and another device. Only ACL links
23 * are managed.
24 *
25 ******************************************************************************/
26
27 #include <base/logging.h>
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <string.h>
31
32 #include "bt_common.h"
33 #include "bt_types.h"
34 #include "bt_utils.h"
35 #include "btm_api.h"
36 #include "btm_int.h"
37 #include "btu.h"
38 #include "device/include/controller.h"
39 #include "hcimsgs.h"
40 #include "l2c_api.h"
41 #include "l2c_int.h"
42 #include "l2cdefs.h"
43 #include "osi/include/osi.h"
44
45 static bool l2c_link_send_to_lower(tL2C_LCB* p_lcb, BT_HDR* p_buf,
46 tL2C_TX_COMPLETE_CB_INFO* p_cbi);
47
48 /*******************************************************************************
49 *
50 * Function l2c_link_hci_conn_req
51 *
52 * Description This function is called when an HCI Connection Request
53 * event is received.
54 *
55 * Returns true, if accept conn
56 *
57 ******************************************************************************/
l2c_link_hci_conn_req(const RawAddress & bd_addr)58 bool l2c_link_hci_conn_req(const RawAddress& bd_addr) {
59 tL2C_LCB* p_lcb;
60 tL2C_LCB* p_lcb_cur;
61 int xx;
62 bool no_links;
63
64 /* See if we have a link control block for the remote device */
65 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
66
67 /* If we don't have one, create one and accept the connection. */
68 if (!p_lcb) {
69 p_lcb = l2cu_allocate_lcb(bd_addr, false, BT_TRANSPORT_BR_EDR);
70 if (!p_lcb) {
71 btsnd_hcic_reject_conn(bd_addr, HCI_ERR_HOST_REJECT_RESOURCES);
72 L2CAP_TRACE_ERROR("L2CAP failed to allocate LCB");
73 return false;
74 }
75
76 no_links = true;
77
78 /* If we already have connection, accept as a master */
79 for (xx = 0, p_lcb_cur = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS;
80 xx++, p_lcb_cur++) {
81 if (p_lcb_cur == p_lcb) continue;
82
83 if (p_lcb_cur->in_use) {
84 no_links = false;
85 p_lcb->link_role = HCI_ROLE_MASTER;
86 break;
87 }
88 }
89
90 if (no_links) {
91 if (!btm_dev_support_switch(bd_addr))
92 p_lcb->link_role = HCI_ROLE_SLAVE;
93 else
94 p_lcb->link_role = l2cu_get_conn_role(p_lcb);
95 }
96
97 /* Tell the other side we accept the connection */
98 btsnd_hcic_accept_conn(bd_addr, p_lcb->link_role);
99
100 p_lcb->link_state = LST_CONNECTING;
101
102 /* Start a timer waiting for connect complete */
103 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, L2CAP_LINK_CONNECT_TIMEOUT_MS,
104 l2c_lcb_timer_timeout, p_lcb);
105 return (true);
106 }
107
108 /* We already had a link control block to the guy. Check what state it is in
109 */
110 if ((p_lcb->link_state == LST_CONNECTING) ||
111 (p_lcb->link_state == LST_CONNECT_HOLDING)) {
112 /* Connection collision. Accept the connection anyways. */
113
114 if (!btm_dev_support_switch(bd_addr))
115 p_lcb->link_role = HCI_ROLE_SLAVE;
116 else
117 p_lcb->link_role = l2cu_get_conn_role(p_lcb);
118
119 btsnd_hcic_accept_conn(bd_addr, p_lcb->link_role);
120
121 p_lcb->link_state = LST_CONNECTING;
122 return (true);
123 } else if (p_lcb->link_state == LST_DISCONNECTING) {
124 /* In disconnecting state, reject the connection. */
125 btsnd_hcic_reject_conn(bd_addr, HCI_ERR_HOST_REJECT_DEVICE);
126 } else {
127 L2CAP_TRACE_ERROR(
128 "L2CAP got conn_req while connected (state:%d). Reject it",
129 p_lcb->link_state);
130 /* Reject the connection with ACL Connection Already exist reason */
131 btsnd_hcic_reject_conn(bd_addr, HCI_ERR_CONNECTION_EXISTS);
132 }
133 return (false);
134 }
135
136 /*******************************************************************************
137 *
138 * Function l2c_link_hci_conn_comp
139 *
140 * Description This function is called when an HCI Connection Complete
141 * event is received.
142 *
143 * Returns void
144 *
145 ******************************************************************************/
l2c_link_hci_conn_comp(uint8_t status,uint16_t handle,const RawAddress & p_bda)146 bool l2c_link_hci_conn_comp(uint8_t status, uint16_t handle,
147 const RawAddress& p_bda) {
148 tL2C_CONN_INFO ci;
149 tL2C_LCB* p_lcb;
150 tL2C_CCB* p_ccb;
151 tBTM_SEC_DEV_REC* p_dev_info = NULL;
152
153 btm_acl_update_busy_level(BTM_BLI_PAGE_DONE_EVT);
154
155 /* Save the parameters */
156 ci.status = status;
157 ci.bd_addr = p_bda;
158
159 /* See if we have a link control block for the remote device */
160 p_lcb = l2cu_find_lcb_by_bd_addr(ci.bd_addr, BT_TRANSPORT_BR_EDR);
161
162 /* If we don't have one, this is an error */
163 if (!p_lcb) {
164 L2CAP_TRACE_WARNING("L2CAP got conn_comp for unknown BD_ADDR");
165 return (false);
166 }
167
168 if (p_lcb->link_state != LST_CONNECTING) {
169 L2CAP_TRACE_ERROR("L2CAP got conn_comp in bad state: %d status: 0x%d",
170 p_lcb->link_state, status);
171
172 if (status != HCI_SUCCESS) l2c_link_hci_disc_comp(p_lcb->handle, status);
173
174 return (false);
175 }
176
177 /* Save the handle */
178 p_lcb->handle = handle;
179
180 if (ci.status == HCI_SUCCESS) {
181 /* Connected OK. Change state to connected */
182 p_lcb->link_state = LST_CONNECTED;
183
184 /* Get the peer information if the l2cap flow-control/rtrans is supported */
185 l2cu_send_peer_info_req(p_lcb, L2CAP_EXTENDED_FEATURES_INFO_TYPE);
186
187 /* Tell BTM Acl management about the link */
188 p_dev_info = btm_find_dev(p_bda);
189 if (p_dev_info != NULL)
190 btm_acl_created(ci.bd_addr, p_dev_info->dev_class,
191 p_dev_info->sec_bd_name, handle, p_lcb->link_role,
192 BT_TRANSPORT_BR_EDR);
193 else
194 btm_acl_created(ci.bd_addr, NULL, NULL, handle, p_lcb->link_role,
195 BT_TRANSPORT_BR_EDR);
196
197 BTM_SetLinkSuperTout(ci.bd_addr, btm_cb.btm_def_link_super_tout);
198
199 /* If dedicated bonding do not process any further */
200 if (p_lcb->is_bonding) {
201 if (l2cu_start_post_bond_timer(handle)) return (true);
202 }
203
204 /* Update the timeouts in the hold queue */
205 l2c_process_held_packets(false);
206
207 alarm_cancel(p_lcb->l2c_lcb_timer);
208
209 /* For all channels, send the event through their FSMs */
210 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;
211 p_ccb = p_ccb->p_next_ccb) {
212 l2c_csm_execute(p_ccb, L2CEVT_LP_CONNECT_CFM, &ci);
213 }
214
215 if (p_lcb->p_echo_rsp_cb) {
216 l2cu_send_peer_echo_req(p_lcb, NULL, 0);
217 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, L2CAP_ECHO_RSP_TIMEOUT_MS,
218 l2c_lcb_timer_timeout, p_lcb);
219 } else if (!p_lcb->ccb_queue.p_first_ccb) {
220 period_ms_t timeout_ms = L2CAP_LINK_STARTUP_TOUT * 1000;
221 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, timeout_ms,
222 l2c_lcb_timer_timeout, p_lcb);
223 }
224 }
225 /* Max number of acl connections. */
226 /* If there's an lcb disconnecting set this one to holding */
227 else if ((ci.status == HCI_ERR_MAX_NUM_OF_CONNECTIONS) &&
228 l2cu_lcb_disconnecting()) {
229 p_lcb->link_state = LST_CONNECT_HOLDING;
230 p_lcb->handle = HCI_INVALID_HANDLE;
231 } else {
232 /* Just in case app decides to try again in the callback context */
233 p_lcb->link_state = LST_DISCONNECTING;
234
235 /* Connection failed. For all channels, send the event through */
236 /* their FSMs. The CCBs should remove themselves from the LCB */
237 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;) {
238 tL2C_CCB* pn = p_ccb->p_next_ccb;
239
240 l2c_csm_execute(p_ccb, L2CEVT_LP_CONNECT_CFM_NEG, &ci);
241
242 p_ccb = pn;
243 }
244
245 p_lcb->disc_reason = status;
246 /* Release the LCB */
247 if (p_lcb->ccb_queue.p_first_ccb == NULL)
248 l2cu_release_lcb(p_lcb);
249 else /* there are any CCBs remaining */
250 {
251 if (ci.status == HCI_ERR_CONNECTION_EXISTS) {
252 /* we are in collision situation, wait for connecttion request from
253 * controller */
254 p_lcb->link_state = LST_CONNECTING;
255 } else {
256 l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR);
257 }
258 }
259 }
260 return (true);
261 }
262
263 /*******************************************************************************
264 *
265 * Function l2c_link_sec_comp
266 *
267 * Description This function is called when required security procedures
268 * are completed.
269 *
270 * Returns void
271 *
272 ******************************************************************************/
l2c_link_sec_comp(const RawAddress * p_bda,UNUSED_ATTR tBT_TRANSPORT transport,void * p_ref_data,uint8_t status)273 void l2c_link_sec_comp(const RawAddress* p_bda,
274 UNUSED_ATTR tBT_TRANSPORT transport, void* p_ref_data,
275 uint8_t status) {
276 l2c_link_sec_comp2(*p_bda, transport, p_ref_data, status);
277 }
278
l2c_link_sec_comp2(const RawAddress & p_bda,UNUSED_ATTR tBT_TRANSPORT transport,void * p_ref_data,uint8_t status)279 void l2c_link_sec_comp2(const RawAddress& p_bda,
280 UNUSED_ATTR tBT_TRANSPORT transport, void* p_ref_data,
281 uint8_t status) {
282 tL2C_CONN_INFO ci;
283 tL2C_LCB* p_lcb;
284 tL2C_CCB* p_ccb;
285 tL2C_CCB* p_next_ccb;
286 uint8_t event;
287
288 L2CAP_TRACE_DEBUG("l2c_link_sec_comp: %d, 0x%x", status, p_ref_data);
289
290 if (status == BTM_SUCCESS_NO_SECURITY) status = BTM_SUCCESS;
291
292 /* Save the parameters */
293 ci.status = status;
294 ci.bd_addr = p_bda;
295
296 p_lcb = l2cu_find_lcb_by_bd_addr(p_bda, transport);
297
298 /* If we don't have one, this is an error */
299 if (!p_lcb) {
300 L2CAP_TRACE_WARNING("L2CAP got sec_comp for unknown BD_ADDR");
301 return;
302 }
303
304 /* Match p_ccb with p_ref_data returned by sec manager */
305 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_next_ccb) {
306 p_next_ccb = p_ccb->p_next_ccb;
307
308 if (p_ccb == p_ref_data) {
309 switch (status) {
310 case BTM_SUCCESS:
311 event = L2CEVT_SEC_COMP;
312 break;
313
314 case BTM_DELAY_CHECK:
315 /* start a timer - encryption change not received before L2CAP connect
316 * req */
317 alarm_set_on_mloop(p_ccb->l2c_ccb_timer,
318 L2CAP_DELAY_CHECK_SM4_TIMEOUT_MS,
319 l2c_ccb_timer_timeout, p_ccb);
320 return;
321
322 default:
323 event = L2CEVT_SEC_COMP_NEG;
324 }
325 l2c_csm_execute(p_ccb, event, &ci);
326 break;
327 }
328 }
329 }
330
331 /*******************************************************************************
332 *
333 * Function l2c_link_hci_disc_comp
334 *
335 * Description This function is called when an HCI Disconnect Complete
336 * event is received.
337 *
338 * Returns true if the link is known about, else false
339 *
340 ******************************************************************************/
l2c_link_hci_disc_comp(uint16_t handle,uint8_t reason)341 bool l2c_link_hci_disc_comp(uint16_t handle, uint8_t reason) {
342 tL2C_LCB* p_lcb;
343 tL2C_CCB* p_ccb;
344 bool status = true;
345 bool lcb_is_free = true;
346 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
347
348 /* See if we have a link control block for the connection */
349 p_lcb = l2cu_find_lcb_by_handle(handle);
350
351 /* If we don't have one, maybe an SCO link. Send to MM */
352 if (!p_lcb) {
353 status = false;
354 } else {
355 /* There can be a case when we rejected PIN code authentication */
356 /* otherwise save a new reason */
357 if (btm_cb.acl_disc_reason != HCI_ERR_HOST_REJECT_SECURITY)
358 btm_cb.acl_disc_reason = reason;
359
360 p_lcb->disc_reason = btm_cb.acl_disc_reason;
361
362 /* Just in case app decides to try again in the callback context */
363 p_lcb->link_state = LST_DISCONNECTING;
364
365 /* Check for BLE and handle that differently */
366 if (p_lcb->transport == BT_TRANSPORT_LE)
367 btm_ble_update_link_topology_mask(p_lcb->link_role, false);
368 /* Link is disconnected. For all channels, send the event through */
369 /* their FSMs. The CCBs should remove themselves from the LCB */
370 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;) {
371 tL2C_CCB* pn = p_ccb->p_next_ccb;
372
373 /* Keep connect pending control block (if exists)
374 * Possible Race condition when a reconnect occurs
375 * on the channel during a disconnect of link. This
376 * ccb will be automatically retried after link disconnect
377 * arrives
378 */
379 if (p_ccb != p_lcb->p_pending_ccb) {
380 l2c_csm_execute(p_ccb, L2CEVT_LP_DISCONNECT_IND, &reason);
381 }
382 p_ccb = pn;
383 }
384
385 #if (BTM_SCO_INCLUDED == TRUE)
386 if (p_lcb->transport == BT_TRANSPORT_BR_EDR)
387 /* Tell SCO management to drop any SCOs on this ACL */
388 btm_sco_acl_removed(&p_lcb->remote_bd_addr);
389 #endif
390
391 /* If waiting for disconnect and reconnect is pending start the reconnect
392 now
393 race condition where layer above issued connect request on link that was
394 disconnecting
395 */
396 if (p_lcb->ccb_queue.p_first_ccb != NULL || p_lcb->p_pending_ccb) {
397 L2CAP_TRACE_DEBUG(
398 "l2c_link_hci_disc_comp: Restarting pending ACL request");
399 transport = p_lcb->transport;
400 /* for LE link, always drop and re-open to ensure to get LE remote feature
401 */
402 if (p_lcb->transport == BT_TRANSPORT_LE) {
403 l2cb.is_ble_connecting = false;
404 btm_acl_removed(p_lcb->remote_bd_addr, p_lcb->transport);
405 /* Release any held buffers */
406 BT_HDR* p_buf;
407 while (!list_is_empty(p_lcb->link_xmit_data_q)) {
408 p_buf = static_cast<BT_HDR*>(list_front(p_lcb->link_xmit_data_q));
409 list_remove(p_lcb->link_xmit_data_q, p_buf);
410 osi_free(p_buf);
411 }
412 } else {
413 #if (L2CAP_NUM_FIXED_CHNLS > 0)
414 /* If we are going to re-use the LCB without dropping it, release all
415 fixed channels
416 here */
417 int xx;
418 for (xx = 0; xx < L2CAP_NUM_FIXED_CHNLS; xx++) {
419 if (p_lcb->p_fixed_ccbs[xx] &&
420 p_lcb->p_fixed_ccbs[xx] != p_lcb->p_pending_ccb) {
421 (*l2cb.fixed_reg[xx].pL2CA_FixedConn_Cb)(
422 xx + L2CAP_FIRST_FIXED_CHNL, p_lcb->remote_bd_addr, false,
423 p_lcb->disc_reason, p_lcb->transport);
424 if (p_lcb->p_fixed_ccbs[xx] == NULL) {
425 L2CAP_TRACE_ERROR(
426 "%s: unexpected p_fixed_ccbs[%d] is NULL remote_bd_addr = %s "
427 "p_lcb = %p in_use = %d link_state = %d handle = %d "
428 "link_role = %d is_bonding = %d disc_reason = %d transport = "
429 "%d",
430 __func__, xx, p_lcb->remote_bd_addr.ToString().c_str(), p_lcb,
431 p_lcb->in_use, p_lcb->link_state, p_lcb->handle,
432 p_lcb->link_role, p_lcb->is_bonding, p_lcb->disc_reason,
433 p_lcb->transport);
434 }
435 CHECK(p_lcb->p_fixed_ccbs[xx] != NULL);
436 l2cu_release_ccb(p_lcb->p_fixed_ccbs[xx]);
437
438 p_lcb->p_fixed_ccbs[xx] = NULL;
439 }
440 }
441 #endif
442 }
443 if (l2cu_create_conn(p_lcb, transport))
444 lcb_is_free = false; /* still using this lcb */
445 }
446
447 p_lcb->p_pending_ccb = NULL;
448
449 /* Release the LCB */
450 if (lcb_is_free) l2cu_release_lcb(p_lcb);
451 }
452
453 /* Now that we have a free acl connection, see if any lcbs are pending */
454 if (lcb_is_free &&
455 ((p_lcb = l2cu_find_lcb_by_state(LST_CONNECT_HOLDING)) != NULL)) {
456 /* we found one-- create a connection */
457 l2cu_create_conn(p_lcb, BT_TRANSPORT_BR_EDR);
458 }
459
460 return status;
461 }
462
463 /*******************************************************************************
464 *
465 * Function l2c_link_hci_qos_violation
466 *
467 * Description This function is called when an HCI QOS Violation
468 * event is received.
469 *
470 * Returns true if the link is known about, else false
471 *
472 ******************************************************************************/
l2c_link_hci_qos_violation(uint16_t handle)473 bool l2c_link_hci_qos_violation(uint16_t handle) {
474 tL2C_LCB* p_lcb;
475 tL2C_CCB* p_ccb;
476
477 /* See if we have a link control block for the connection */
478 p_lcb = l2cu_find_lcb_by_handle(handle);
479
480 /* If we don't have one, maybe an SCO link. */
481 if (!p_lcb) return (false);
482
483 /* For all channels, tell the upper layer about it */
484 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb) {
485 if (p_ccb->p_rcb->api.pL2CA_QoSViolationInd_Cb)
486 l2c_csm_execute(p_ccb, L2CEVT_LP_QOS_VIOLATION_IND, NULL);
487 }
488
489 return (true);
490 }
491
492 /*******************************************************************************
493 *
494 * Function l2c_link_timeout
495 *
496 * Description This function is called when a link timer expires
497 *
498 * Returns void
499 *
500 ******************************************************************************/
l2c_link_timeout(tL2C_LCB * p_lcb)501 void l2c_link_timeout(tL2C_LCB* p_lcb) {
502 tL2C_CCB* p_ccb;
503 tBTM_STATUS rc;
504
505 L2CAP_TRACE_EVENT(
506 "L2CAP - l2c_link_timeout() link state %d first CCB %p is_bonding:%d",
507 p_lcb->link_state, p_lcb->ccb_queue.p_first_ccb, p_lcb->is_bonding);
508
509 /* If link was connecting or disconnecting, clear all channels and drop the
510 * LCB */
511 if ((p_lcb->link_state == LST_CONNECTING_WAIT_SWITCH) ||
512 (p_lcb->link_state == LST_CONNECTING) ||
513 (p_lcb->link_state == LST_CONNECT_HOLDING) ||
514 (p_lcb->link_state == LST_DISCONNECTING)) {
515 p_lcb->p_pending_ccb = NULL;
516
517 /* For all channels, send a disconnect indication event through */
518 /* their FSMs. The CCBs should remove themselves from the LCB */
519 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;) {
520 tL2C_CCB* pn = p_ccb->p_next_ccb;
521
522 l2c_csm_execute(p_ccb, L2CEVT_LP_DISCONNECT_IND, NULL);
523
524 p_ccb = pn;
525 }
526 if (p_lcb->link_state == LST_CONNECTING && l2cb.is_ble_connecting == true) {
527 L2CA_CancelBleConnectReq(l2cb.ble_connecting_bda);
528 }
529 /* Release the LCB */
530 l2cu_release_lcb(p_lcb);
531 }
532
533 /* If link is connected, check for inactivity timeout */
534 if (p_lcb->link_state == LST_CONNECTED) {
535 /* Check for ping outstanding */
536 if (p_lcb->p_echo_rsp_cb) {
537 tL2CA_ECHO_RSP_CB* p_cb = p_lcb->p_echo_rsp_cb;
538
539 /* Zero out the callback in case app immediately calls us again */
540 p_lcb->p_echo_rsp_cb = NULL;
541
542 (*p_cb)(L2CAP_PING_RESULT_NO_RESP);
543
544 L2CAP_TRACE_WARNING("L2CAP - ping timeout");
545
546 /* For all channels, send a disconnect indication event through */
547 /* their FSMs. The CCBs should remove themselves from the LCB */
548 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;) {
549 tL2C_CCB* pn = p_ccb->p_next_ccb;
550
551 l2c_csm_execute(p_ccb, L2CEVT_LP_DISCONNECT_IND, NULL);
552
553 p_ccb = pn;
554 }
555 }
556
557 /* If no channels in use, drop the link. */
558 if (!p_lcb->ccb_queue.p_first_ccb) {
559 period_ms_t timeout_ms;
560 bool start_timeout = true;
561
562 rc = btm_sec_disconnect(p_lcb->handle, HCI_ERR_PEER_USER);
563
564 if (rc == BTM_CMD_STORED) {
565 /* Security Manager will take care of disconnecting, state will be
566 * updated at that time */
567 start_timeout = false;
568 } else if (rc == BTM_CMD_STARTED) {
569 p_lcb->link_state = LST_DISCONNECTING;
570 timeout_ms = L2CAP_LINK_DISCONNECT_TIMEOUT_MS;
571 } else if (rc == BTM_SUCCESS) {
572 l2cu_process_fixed_disc_cback(p_lcb);
573 /* BTM SEC will make sure that link is release (probably after pairing
574 * is done) */
575 p_lcb->link_state = LST_DISCONNECTING;
576 start_timeout = false;
577 } else if (rc == BTM_BUSY) {
578 /* BTM is still executing security process. Let lcb stay as connected */
579 start_timeout = false;
580 } else if (p_lcb->is_bonding) {
581 btsnd_hcic_disconnect(p_lcb->handle, HCI_ERR_PEER_USER);
582 l2cu_process_fixed_disc_cback(p_lcb);
583 p_lcb->link_state = LST_DISCONNECTING;
584 timeout_ms = L2CAP_LINK_DISCONNECT_TIMEOUT_MS;
585 } else {
586 /* probably no buffer to send disconnect */
587 timeout_ms = BT_1SEC_TIMEOUT_MS;
588 }
589
590 if (start_timeout) {
591 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, timeout_ms,
592 l2c_lcb_timer_timeout, p_lcb);
593 }
594 } else {
595 /* Check in case we were flow controlled */
596 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
597 }
598 }
599 }
600
601 /*******************************************************************************
602 *
603 * Function l2c_info_resp_timer_timeout
604 *
605 * Description This function is called when an info request times out
606 *
607 * Returns void
608 *
609 ******************************************************************************/
l2c_info_resp_timer_timeout(void * data)610 void l2c_info_resp_timer_timeout(void* data) {
611 tL2C_LCB* p_lcb = (tL2C_LCB*)data;
612 tL2C_CCB* p_ccb;
613 tL2C_CONN_INFO ci;
614
615 /* If we timed out waiting for info response, just continue using basic if
616 * allowed */
617 if (p_lcb->w4_info_rsp) {
618 /* If waiting for security complete, restart the info response timer */
619 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;
620 p_ccb = p_ccb->p_next_ccb) {
621 if ((p_ccb->chnl_state == CST_ORIG_W4_SEC_COMP) ||
622 (p_ccb->chnl_state == CST_TERM_W4_SEC_COMP)) {
623 alarm_set_on_mloop(p_lcb->info_resp_timer,
624 L2CAP_WAIT_INFO_RSP_TIMEOUT_MS,
625 l2c_info_resp_timer_timeout, p_lcb);
626 return;
627 }
628 }
629
630 p_lcb->w4_info_rsp = false;
631
632 /* If link is in process of being brought up */
633 if ((p_lcb->link_state != LST_DISCONNECTED) &&
634 (p_lcb->link_state != LST_DISCONNECTING)) {
635 /* Notify active channels that peer info is finished */
636 if (p_lcb->ccb_queue.p_first_ccb) {
637 ci.status = HCI_SUCCESS;
638 ci.bd_addr = p_lcb->remote_bd_addr;
639
640 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;
641 p_ccb = p_ccb->p_next_ccb) {
642 l2c_csm_execute(p_ccb, L2CEVT_L2CAP_INFO_RSP, &ci);
643 }
644 }
645 }
646 }
647 }
648
649 /*******************************************************************************
650 *
651 * Function l2c_link_adjust_allocation
652 *
653 * Description This function is called when a link is created or removed
654 * to calculate the amount of packets each link may send to
655 * the HCI without an ack coming back.
656 *
657 * Currently, this is a simple allocation, dividing the
658 * number of Controller Packets by the number of links. In
659 * the future, QOS configuration should be examined.
660 *
661 * Returns void
662 *
663 ******************************************************************************/
l2c_link_adjust_allocation(void)664 void l2c_link_adjust_allocation(void) {
665 uint16_t qq, yy, qq_remainder;
666 tL2C_LCB* p_lcb;
667 uint16_t hi_quota, low_quota;
668 uint16_t num_lowpri_links = 0;
669 uint16_t num_hipri_links = 0;
670 uint16_t controller_xmit_quota = l2cb.num_lm_acl_bufs;
671 uint16_t high_pri_link_quota = L2CAP_HIGH_PRI_MIN_XMIT_QUOTA_A;
672
673 /* If no links active, reset buffer quotas and controller buffers */
674 if (l2cb.num_links_active == 0) {
675 l2cb.controller_xmit_window = l2cb.num_lm_acl_bufs;
676 l2cb.round_robin_quota = l2cb.round_robin_unacked = 0;
677 return;
678 }
679
680 /* First, count the links */
681 for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++) {
682 if (p_lcb->in_use) {
683 if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH)
684 num_hipri_links++;
685 else
686 num_lowpri_links++;
687 }
688 }
689
690 /* now adjust high priority link quota */
691 low_quota = num_lowpri_links ? 1 : 0;
692 while ((num_hipri_links * high_pri_link_quota + low_quota) >
693 controller_xmit_quota)
694 high_pri_link_quota--;
695
696 /* Work out the xmit quota and buffer quota high and low priorities */
697 hi_quota = num_hipri_links * high_pri_link_quota;
698 low_quota =
699 (hi_quota < controller_xmit_quota) ? controller_xmit_quota - hi_quota : 1;
700
701 /* Work out and save the HCI xmit quota for each low priority link */
702
703 /* If each low priority link cannot have at least one buffer */
704 if (num_lowpri_links > low_quota) {
705 l2cb.round_robin_quota = low_quota;
706 qq = qq_remainder = 1;
707 }
708 /* If each low priority link can have at least one buffer */
709 else if (num_lowpri_links > 0) {
710 l2cb.round_robin_quota = 0;
711 l2cb.round_robin_unacked = 0;
712 qq = low_quota / num_lowpri_links;
713 qq_remainder = low_quota % num_lowpri_links;
714 }
715 /* If no low priority link */
716 else {
717 l2cb.round_robin_quota = 0;
718 l2cb.round_robin_unacked = 0;
719 qq = qq_remainder = 1;
720 }
721
722 L2CAP_TRACE_EVENT(
723 "l2c_link_adjust_allocation num_hipri: %u num_lowpri: %u low_quota: "
724 "%u round_robin_quota: %u qq: %u",
725 num_hipri_links, num_lowpri_links, low_quota, l2cb.round_robin_quota, qq);
726
727 /* Now, assign the quotas to each link */
728 for (yy = 0, p_lcb = &l2cb.lcb_pool[0]; yy < MAX_L2CAP_LINKS; yy++, p_lcb++) {
729 if (p_lcb->in_use) {
730 if (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) {
731 p_lcb->link_xmit_quota = high_pri_link_quota;
732 } else {
733 /* Safety check in case we switched to round-robin with something
734 * outstanding */
735 /* if sent_not_acked is added into round_robin_unacked then don't add it
736 * again */
737 /* l2cap keeps updating sent_not_acked for exiting from round robin */
738 if ((p_lcb->link_xmit_quota > 0) && (qq == 0))
739 l2cb.round_robin_unacked += p_lcb->sent_not_acked;
740
741 p_lcb->link_xmit_quota = qq;
742 if (qq_remainder > 0) {
743 p_lcb->link_xmit_quota++;
744 qq_remainder--;
745 }
746 }
747
748 L2CAP_TRACE_EVENT(
749 "l2c_link_adjust_allocation LCB %d Priority: %d XmitQuota: %d", yy,
750 p_lcb->acl_priority, p_lcb->link_xmit_quota);
751
752 L2CAP_TRACE_EVENT(" SentNotAcked: %d RRUnacked: %d",
753 p_lcb->sent_not_acked, l2cb.round_robin_unacked);
754
755 /* There is a special case where we have readjusted the link quotas and */
756 /* this link may have sent anything but some other link sent packets so */
757 /* so we may need a timer to kick off this link's transmissions. */
758 if ((p_lcb->link_state == LST_CONNECTED) &&
759 (!list_is_empty(p_lcb->link_xmit_data_q)) &&
760 (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) {
761 alarm_set_on_mloop(p_lcb->l2c_lcb_timer,
762 L2CAP_LINK_FLOW_CONTROL_TIMEOUT_MS,
763 l2c_lcb_timer_timeout, p_lcb);
764 }
765 }
766 }
767 }
768
769 /*******************************************************************************
770 *
771 * Function l2c_link_adjust_chnl_allocation
772 *
773 * Description This function is called to calculate the amount of packets
774 * each non-F&EC channel may have outstanding.
775 *
776 * Currently, this is a simple allocation, dividing the number
777 * of packets allocated to the link by the number of channels.
778 * In the future, QOS configuration should be examined.
779 *
780 * Returns void
781 *
782 ******************************************************************************/
l2c_link_adjust_chnl_allocation(void)783 void l2c_link_adjust_chnl_allocation(void) {
784 uint8_t xx;
785
786 L2CAP_TRACE_DEBUG("%s", __func__);
787
788 /* assign buffer quota to each channel based on its data rate requirement */
789 for (xx = 0; xx < MAX_L2CAP_CHANNELS; xx++) {
790 tL2C_CCB* p_ccb = l2cb.ccb_pool + xx;
791
792 if (!p_ccb->in_use) continue;
793
794 tL2CAP_CHNL_DATA_RATE data_rate = p_ccb->tx_data_rate + p_ccb->rx_data_rate;
795 p_ccb->buff_quota = L2CAP_CBB_DEFAULT_DATA_RATE_BUFF_QUOTA * data_rate;
796 L2CAP_TRACE_EVENT(
797 "CID:0x%04x FCR Mode:%u Priority:%u TxDataRate:%u RxDataRate:%u "
798 "Quota:%u",
799 p_ccb->local_cid, p_ccb->peer_cfg.fcr.mode, p_ccb->ccb_priority,
800 p_ccb->tx_data_rate, p_ccb->rx_data_rate, p_ccb->buff_quota);
801
802 /* quota may be change so check congestion */
803 l2cu_check_channel_congestion(p_ccb);
804 }
805 }
806
807 /*******************************************************************************
808 *
809 * Function l2c_link_processs_num_bufs
810 *
811 * Description This function is called when a "controller buffer size"
812 * event is first received from the controller. It updates
813 * the L2CAP values.
814 *
815 * Returns void
816 *
817 ******************************************************************************/
l2c_link_processs_num_bufs(uint16_t num_lm_acl_bufs)818 void l2c_link_processs_num_bufs(uint16_t num_lm_acl_bufs) {
819 l2cb.num_lm_acl_bufs = l2cb.controller_xmit_window = num_lm_acl_bufs;
820 }
821
822 /*******************************************************************************
823 *
824 * Function l2c_link_pkts_rcvd
825 *
826 * Description This function is called from the HCI transport when it is
827 * time to send a "Host ready for packets" command. This is
828 * only when host to controller flow control is used. It fills
829 * in the arrays of numbers of packets and handles.
830 *
831 * Returns count of number of entries filled in
832 *
833 ******************************************************************************/
l2c_link_pkts_rcvd(UNUSED_ATTR uint16_t * num_pkts,UNUSED_ATTR uint16_t * handles)834 uint8_t l2c_link_pkts_rcvd(UNUSED_ATTR uint16_t* num_pkts,
835 UNUSED_ATTR uint16_t* handles) {
836 uint8_t num_found = 0;
837
838 return (num_found);
839 }
840
841 /*******************************************************************************
842 *
843 * Function l2c_link_role_changed
844 *
845 * Description This function is called whan a link's master/slave role
846 * change event is received. It simply updates the link control
847 * block.
848 *
849 * Returns void
850 *
851 ******************************************************************************/
l2c_link_role_changed(const RawAddress * bd_addr,uint8_t new_role,uint8_t hci_status)852 void l2c_link_role_changed(const RawAddress* bd_addr, uint8_t new_role,
853 uint8_t hci_status) {
854 tL2C_LCB* p_lcb;
855 int xx;
856
857 /* Make sure not called from HCI Command Status (bd_addr and new_role are
858 * invalid) */
859 if (bd_addr) {
860 /* If here came form hci role change event */
861 p_lcb = l2cu_find_lcb_by_bd_addr(*bd_addr, BT_TRANSPORT_BR_EDR);
862 if (p_lcb) {
863 p_lcb->link_role = new_role;
864
865 /* Reset high priority link if needed */
866 if (hci_status == HCI_SUCCESS)
867 l2cu_set_acl_priority(*bd_addr, p_lcb->acl_priority, true);
868 }
869 }
870
871 /* Check if any LCB was waiting for switch to be completed */
872 for (xx = 0, p_lcb = &l2cb.lcb_pool[0]; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
873 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTING_WAIT_SWITCH)) {
874 l2cu_create_conn_after_switch(p_lcb);
875 }
876 }
877 }
878
879 /*******************************************************************************
880 *
881 * Function l2c_pin_code_request
882 *
883 * Description This function is called whan a pin-code request is received
884 * on a connection. If there are no channels active yet on the
885 * link, it extends the link first connection timer. Make sure
886 * that inactivity timer is not extended if PIN code happens
887 * to be after last ccb released.
888 *
889 * Returns void
890 *
891 ******************************************************************************/
l2c_pin_code_request(const RawAddress & bd_addr)892 void l2c_pin_code_request(const RawAddress& bd_addr) {
893 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
894
895 if ((p_lcb) && (!p_lcb->ccb_queue.p_first_ccb)) {
896 alarm_set_on_mloop(p_lcb->l2c_lcb_timer, L2CAP_LINK_CONNECT_EXT_TIMEOUT_MS,
897 l2c_lcb_timer_timeout, p_lcb);
898 }
899 }
900
901 #if (L2CAP_WAKE_PARKED_LINK == TRUE)
902 /*******************************************************************************
903 *
904 * Function l2c_link_check_power_mode
905 *
906 * Description This function is called to check power mode.
907 *
908 * Returns true if link is going to be active from park
909 * false if nothing to send or not in park mode
910 *
911 ******************************************************************************/
l2c_link_check_power_mode(tL2C_LCB * p_lcb)912 bool l2c_link_check_power_mode(tL2C_LCB* p_lcb) {
913 tBTM_PM_MODE mode;
914 tL2C_CCB* p_ccb;
915 bool need_to_active = false;
916
917 /*
918 * We only switch park to active only if we have unsent packets
919 */
920 if (list_is_empty(p_lcb->link_xmit_data_q)) {
921 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb;
922 p_ccb = p_ccb->p_next_ccb) {
923 if (!fixed_queue_is_empty(p_ccb->xmit_hold_q)) {
924 need_to_active = true;
925 break;
926 }
927 }
928 } else
929 need_to_active = true;
930
931 /* if we have packets to send */
932 if (need_to_active) {
933 /* check power mode */
934 if (BTM_ReadPowerMode(p_lcb->remote_bd_addr, &mode) == BTM_SUCCESS) {
935 if (mode == BTM_PM_STS_PENDING) {
936 L2CAP_TRACE_DEBUG("LCB(0x%x) is in PM pending state", p_lcb->handle);
937
938 return true;
939 }
940 }
941 }
942 return false;
943 }
944 #endif /* L2CAP_WAKE_PARKED_LINK == TRUE) */
945
946 /*******************************************************************************
947 *
948 * Function l2c_link_check_send_pkts
949 *
950 * Description This function is called to check if it can send packets
951 * to the Host Controller. It may be passed the address of
952 * a packet to send.
953 *
954 * Returns void
955 *
956 ******************************************************************************/
l2c_link_check_send_pkts(tL2C_LCB * p_lcb,tL2C_CCB * p_ccb,BT_HDR * p_buf)957 void l2c_link_check_send_pkts(tL2C_LCB* p_lcb, tL2C_CCB* p_ccb, BT_HDR* p_buf) {
958 int xx;
959 bool single_write = false;
960
961 /* Save the channel ID for faster counting */
962 if (p_buf) {
963 if (p_ccb != NULL) {
964 p_buf->event = p_ccb->local_cid;
965 single_write = true;
966 } else
967 p_buf->event = 0;
968
969 p_buf->layer_specific = 0;
970 list_append(p_lcb->link_xmit_data_q, p_buf);
971
972 if (p_lcb->link_xmit_quota == 0) {
973 if (p_lcb->transport == BT_TRANSPORT_LE)
974 l2cb.ble_check_round_robin = true;
975 else
976 l2cb.check_round_robin = true;
977 }
978 }
979
980 /* If this is called from uncongested callback context break recursive
981 *calling.
982 ** This LCB will be served when receiving number of completed packet event.
983 */
984 if (l2cb.is_cong_cback_context) return;
985
986 /* If we are in a scenario where there are not enough buffers for each link to
987 ** have at least 1, then do a round-robin for all the LCBs
988 */
989 if ((p_lcb == NULL) || (p_lcb->link_xmit_quota == 0)) {
990 if (p_lcb == NULL)
991 p_lcb = l2cb.lcb_pool;
992 else if (!single_write)
993 p_lcb++;
994
995 /* Loop through, starting at the next */
996 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
997 /* Check for wraparound */
998 if (p_lcb == &l2cb.lcb_pool[MAX_L2CAP_LINKS]) p_lcb = &l2cb.lcb_pool[0];
999
1000 /* If controller window is full, nothing to do */
1001 if (((l2cb.controller_xmit_window == 0 ||
1002 (l2cb.round_robin_unacked >= l2cb.round_robin_quota)) &&
1003 (p_lcb->transport == BT_TRANSPORT_BR_EDR)) ||
1004 (p_lcb->transport == BT_TRANSPORT_LE &&
1005 (l2cb.ble_round_robin_unacked >= l2cb.ble_round_robin_quota ||
1006 l2cb.controller_le_xmit_window == 0)))
1007 continue;
1008
1009 if ((!p_lcb->in_use) || (p_lcb->partial_segment_being_sent) ||
1010 (p_lcb->link_state != LST_CONNECTED) ||
1011 (p_lcb->link_xmit_quota != 0) || (L2C_LINK_CHECK_POWER_MODE(p_lcb)))
1012 continue;
1013
1014 /* See if we can send anything from the Link Queue */
1015 if (!list_is_empty(p_lcb->link_xmit_data_q)) {
1016 p_buf = (BT_HDR*)list_front(p_lcb->link_xmit_data_q);
1017 list_remove(p_lcb->link_xmit_data_q, p_buf);
1018 l2c_link_send_to_lower(p_lcb, p_buf, NULL);
1019 } else if (single_write) {
1020 /* If only doing one write, break out */
1021 break;
1022 }
1023 /* If nothing on the link queue, check the channel queue */
1024 else {
1025 tL2C_TX_COMPLETE_CB_INFO cbi;
1026 p_buf = l2cu_get_next_buffer_to_send(p_lcb, &cbi);
1027 if (p_buf != NULL) {
1028 l2c_link_send_to_lower(p_lcb, p_buf, &cbi);
1029 }
1030 }
1031 }
1032
1033 /* If we finished without using up our quota, no need for a safety check */
1034 if ((l2cb.controller_xmit_window > 0) &&
1035 (l2cb.round_robin_unacked < l2cb.round_robin_quota) &&
1036 (p_lcb->transport == BT_TRANSPORT_BR_EDR))
1037 l2cb.check_round_robin = false;
1038
1039 if ((l2cb.controller_le_xmit_window > 0) &&
1040 (l2cb.ble_round_robin_unacked < l2cb.ble_round_robin_quota) &&
1041 (p_lcb->transport == BT_TRANSPORT_LE))
1042 l2cb.ble_check_round_robin = false;
1043 } else /* if this is not round-robin service */
1044 {
1045 /* If a partial segment is being sent, can't send anything else */
1046 if ((p_lcb->partial_segment_being_sent) ||
1047 (p_lcb->link_state != LST_CONNECTED) ||
1048 (L2C_LINK_CHECK_POWER_MODE(p_lcb)))
1049 return;
1050
1051 /* See if we can send anything from the link queue */
1052 while (((l2cb.controller_xmit_window != 0 &&
1053 (p_lcb->transport == BT_TRANSPORT_BR_EDR)) ||
1054 (l2cb.controller_le_xmit_window != 0 &&
1055 (p_lcb->transport == BT_TRANSPORT_LE))) &&
1056 (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) {
1057 if (list_is_empty(p_lcb->link_xmit_data_q)) break;
1058
1059 p_buf = (BT_HDR*)list_front(p_lcb->link_xmit_data_q);
1060 list_remove(p_lcb->link_xmit_data_q, p_buf);
1061 if (!l2c_link_send_to_lower(p_lcb, p_buf, NULL)) break;
1062 }
1063
1064 if (!single_write) {
1065 /* See if we can send anything for any channel */
1066 while (((l2cb.controller_xmit_window != 0 &&
1067 (p_lcb->transport == BT_TRANSPORT_BR_EDR)) ||
1068 (l2cb.controller_le_xmit_window != 0 &&
1069 (p_lcb->transport == BT_TRANSPORT_LE))) &&
1070 (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) {
1071 tL2C_TX_COMPLETE_CB_INFO cbi;
1072 p_buf = l2cu_get_next_buffer_to_send(p_lcb, &cbi);
1073 if (p_buf == NULL) break;
1074
1075 if (!l2c_link_send_to_lower(p_lcb, p_buf, &cbi)) break;
1076 }
1077 }
1078
1079 /* There is a special case where we have readjusted the link quotas and */
1080 /* this link may have sent anything but some other link sent packets so */
1081 /* so we may need a timer to kick off this link's transmissions. */
1082 if ((!list_is_empty(p_lcb->link_xmit_data_q)) &&
1083 (p_lcb->sent_not_acked < p_lcb->link_xmit_quota)) {
1084 alarm_set_on_mloop(p_lcb->l2c_lcb_timer,
1085 L2CAP_LINK_FLOW_CONTROL_TIMEOUT_MS,
1086 l2c_lcb_timer_timeout, p_lcb);
1087 }
1088 }
1089 }
1090
1091 /*******************************************************************************
1092 *
1093 * Function l2c_link_send_to_lower
1094 *
1095 * Description This function queues the buffer for HCI transmission
1096 *
1097 * Returns true for success, false for fail
1098 *
1099 ******************************************************************************/
l2c_link_send_to_lower(tL2C_LCB * p_lcb,BT_HDR * p_buf,tL2C_TX_COMPLETE_CB_INFO * p_cbi)1100 static bool l2c_link_send_to_lower(tL2C_LCB* p_lcb, BT_HDR* p_buf,
1101 tL2C_TX_COMPLETE_CB_INFO* p_cbi) {
1102 uint16_t num_segs;
1103 uint16_t xmit_window, acl_data_size;
1104 const controller_t* controller = controller_get_interface();
1105
1106 if ((p_buf->len <= controller->get_acl_packet_size_classic() &&
1107 (p_lcb->transport == BT_TRANSPORT_BR_EDR)) ||
1108 ((p_lcb->transport == BT_TRANSPORT_LE) &&
1109 (p_buf->len <= controller->get_acl_packet_size_ble()))) {
1110 if (p_lcb->link_xmit_quota == 0) {
1111 if (p_lcb->transport == BT_TRANSPORT_LE)
1112 l2cb.ble_round_robin_unacked++;
1113 else
1114 l2cb.round_robin_unacked++;
1115 }
1116 p_lcb->sent_not_acked++;
1117 p_buf->layer_specific = 0;
1118
1119 if (p_lcb->transport == BT_TRANSPORT_LE) {
1120 l2cb.controller_le_xmit_window--;
1121 bte_main_hci_send(
1122 p_buf, (uint16_t)(BT_EVT_TO_LM_HCI_ACL | LOCAL_BLE_CONTROLLER_ID));
1123 } else {
1124 l2cb.controller_xmit_window--;
1125 bte_main_hci_send(p_buf, BT_EVT_TO_LM_HCI_ACL);
1126 }
1127 } else {
1128 if (p_lcb->transport == BT_TRANSPORT_LE) {
1129 acl_data_size = controller->get_acl_data_size_ble();
1130 xmit_window = l2cb.controller_le_xmit_window;
1131
1132 } else {
1133 acl_data_size = controller->get_acl_data_size_classic();
1134 xmit_window = l2cb.controller_xmit_window;
1135 }
1136 num_segs = (p_buf->len - HCI_DATA_PREAMBLE_SIZE + acl_data_size - 1) /
1137 acl_data_size;
1138
1139 /* If doing round-robin, then only 1 segment each time */
1140 if (p_lcb->link_xmit_quota == 0) {
1141 num_segs = 1;
1142 p_lcb->partial_segment_being_sent = true;
1143 } else {
1144 /* Multi-segment packet. Make sure it can fit */
1145 if (num_segs > xmit_window) {
1146 num_segs = xmit_window;
1147 p_lcb->partial_segment_being_sent = true;
1148 }
1149
1150 if (num_segs > (p_lcb->link_xmit_quota - p_lcb->sent_not_acked)) {
1151 num_segs = (p_lcb->link_xmit_quota - p_lcb->sent_not_acked);
1152 p_lcb->partial_segment_being_sent = true;
1153 }
1154 }
1155
1156 p_buf->layer_specific = num_segs;
1157 if (p_lcb->transport == BT_TRANSPORT_LE) {
1158 l2cb.controller_le_xmit_window -= num_segs;
1159 if (p_lcb->link_xmit_quota == 0) l2cb.ble_round_robin_unacked += num_segs;
1160 } else {
1161 l2cb.controller_xmit_window -= num_segs;
1162
1163 if (p_lcb->link_xmit_quota == 0) l2cb.round_robin_unacked += num_segs;
1164 }
1165
1166 p_lcb->sent_not_acked += num_segs;
1167 if (p_lcb->transport == BT_TRANSPORT_LE) {
1168 bte_main_hci_send(
1169 p_buf, (uint16_t)(BT_EVT_TO_LM_HCI_ACL | LOCAL_BLE_CONTROLLER_ID));
1170 } else {
1171 bte_main_hci_send(p_buf, BT_EVT_TO_LM_HCI_ACL);
1172 }
1173 }
1174
1175 #if (L2CAP_HCI_FLOW_CONTROL_DEBUG == TRUE)
1176 if (p_lcb->transport == BT_TRANSPORT_LE) {
1177 L2CAP_TRACE_DEBUG(
1178 "TotalWin=%d,Hndl=0x%x,Quota=%d,Unack=%d,RRQuota=%d,RRUnack=%d",
1179 l2cb.controller_le_xmit_window, p_lcb->handle, p_lcb->link_xmit_quota,
1180 p_lcb->sent_not_acked, l2cb.ble_round_robin_quota,
1181 l2cb.ble_round_robin_unacked);
1182 } else {
1183 L2CAP_TRACE_DEBUG(
1184 "TotalWin=%d,Hndl=0x%x,Quota=%d,Unack=%d,RRQuota=%d,RRUnack=%d",
1185 l2cb.controller_xmit_window, p_lcb->handle, p_lcb->link_xmit_quota,
1186 p_lcb->sent_not_acked, l2cb.round_robin_quota,
1187 l2cb.round_robin_unacked);
1188 }
1189 #endif
1190
1191 if (p_cbi) l2cu_tx_complete(p_cbi);
1192
1193 return true;
1194 }
1195
1196 /*******************************************************************************
1197 *
1198 * Function l2c_link_process_num_completed_pkts
1199 *
1200 * Description This function is called when a "number-of-completed-packets"
1201 * event is received from the controller. It updates all the
1202 * LCB transmit counts.
1203 *
1204 * Returns void
1205 *
1206 ******************************************************************************/
l2c_link_process_num_completed_pkts(uint8_t * p)1207 void l2c_link_process_num_completed_pkts(uint8_t* p) {
1208 uint8_t num_handles, xx;
1209 uint16_t handle;
1210 uint16_t num_sent;
1211 tL2C_LCB* p_lcb;
1212
1213 STREAM_TO_UINT8(num_handles, p);
1214
1215 for (xx = 0; xx < num_handles; xx++) {
1216 STREAM_TO_UINT16(handle, p);
1217 STREAM_TO_UINT16(num_sent, p);
1218
1219 p_lcb = l2cu_find_lcb_by_handle(handle);
1220
1221 /* Callback for number of completed packet event */
1222 /* Originally designed for [3DSG] */
1223 if ((p_lcb != NULL) && (p_lcb->p_nocp_cb)) {
1224 L2CAP_TRACE_DEBUG("L2CAP - calling NoCP callback");
1225 (*p_lcb->p_nocp_cb)(p_lcb->remote_bd_addr);
1226 }
1227
1228 if (p_lcb) {
1229 if (p_lcb && (p_lcb->transport == BT_TRANSPORT_LE))
1230 l2cb.controller_le_xmit_window += num_sent;
1231 else {
1232 /* Maintain the total window to the controller */
1233 l2cb.controller_xmit_window += num_sent;
1234 }
1235 /* If doing round-robin, adjust communal counts */
1236 if (p_lcb->link_xmit_quota == 0) {
1237 if (p_lcb->transport == BT_TRANSPORT_LE) {
1238 /* Don't go negative */
1239 if (l2cb.ble_round_robin_unacked > num_sent)
1240 l2cb.ble_round_robin_unacked -= num_sent;
1241 else
1242 l2cb.ble_round_robin_unacked = 0;
1243 } else {
1244 /* Don't go negative */
1245 if (l2cb.round_robin_unacked > num_sent)
1246 l2cb.round_robin_unacked -= num_sent;
1247 else
1248 l2cb.round_robin_unacked = 0;
1249 }
1250 }
1251
1252 /* Don't go negative */
1253 if (p_lcb->sent_not_acked > num_sent)
1254 p_lcb->sent_not_acked -= num_sent;
1255 else
1256 p_lcb->sent_not_acked = 0;
1257
1258 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
1259
1260 /* If we were doing round-robin for low priority links, check 'em */
1261 if ((p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) &&
1262 (l2cb.check_round_robin) &&
1263 (l2cb.round_robin_unacked < l2cb.round_robin_quota)) {
1264 l2c_link_check_send_pkts(NULL, NULL, NULL);
1265 }
1266 if ((p_lcb->transport == BT_TRANSPORT_LE) &&
1267 (p_lcb->acl_priority == L2CAP_PRIORITY_HIGH) &&
1268 ((l2cb.ble_check_round_robin) &&
1269 (l2cb.ble_round_robin_unacked < l2cb.ble_round_robin_quota))) {
1270 l2c_link_check_send_pkts(NULL, NULL, NULL);
1271 }
1272 }
1273
1274 #if (L2CAP_HCI_FLOW_CONTROL_DEBUG == TRUE)
1275 if (p_lcb) {
1276 if (p_lcb->transport == BT_TRANSPORT_LE) {
1277 L2CAP_TRACE_DEBUG(
1278 "TotalWin=%d,LinkUnack(0x%x)=%d,RRCheck=%d,RRUnack=%d",
1279 l2cb.controller_le_xmit_window, p_lcb->handle,
1280 p_lcb->sent_not_acked, l2cb.ble_check_round_robin,
1281 l2cb.ble_round_robin_unacked);
1282 } else {
1283 L2CAP_TRACE_DEBUG(
1284 "TotalWin=%d,LinkUnack(0x%x)=%d,RRCheck=%d,RRUnack=%d",
1285 l2cb.controller_xmit_window, p_lcb->handle, p_lcb->sent_not_acked,
1286 l2cb.check_round_robin, l2cb.round_robin_unacked);
1287 }
1288 } else {
1289 L2CAP_TRACE_DEBUG(
1290 "TotalWin=%d LE_Win: %d, Handle=0x%x, RRCheck=%d, RRUnack=%d",
1291 l2cb.controller_xmit_window, l2cb.controller_le_xmit_window, handle,
1292 l2cb.ble_check_round_robin, l2cb.ble_round_robin_unacked);
1293 }
1294 #endif
1295 }
1296 }
1297
1298 /*******************************************************************************
1299 *
1300 * Function l2c_link_segments_xmitted
1301 *
1302 * Description This function is called from the HCI Interface when an ACL
1303 * data packet segment is transmitted.
1304 *
1305 * Returns void
1306 *
1307 ******************************************************************************/
l2c_link_segments_xmitted(BT_HDR * p_msg)1308 void l2c_link_segments_xmitted(BT_HDR* p_msg) {
1309 uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
1310 uint16_t handle;
1311 tL2C_LCB* p_lcb;
1312
1313 /* Extract the handle */
1314 STREAM_TO_UINT16(handle, p);
1315 handle = HCID_GET_HANDLE(handle);
1316
1317 /* Find the LCB based on the handle */
1318 p_lcb = l2cu_find_lcb_by_handle(handle);
1319 if (p_lcb == NULL) {
1320 L2CAP_TRACE_WARNING("L2CAP - rcvd segment complete, unknown handle: %d",
1321 handle);
1322 osi_free(p_msg);
1323 return;
1324 }
1325
1326 if (p_lcb->link_state == LST_CONNECTED) {
1327 /* Enqueue the buffer to the head of the transmit queue, and see */
1328 /* if we can transmit anything more. */
1329 list_prepend(p_lcb->link_xmit_data_q, p_msg);
1330
1331 p_lcb->partial_segment_being_sent = false;
1332
1333 l2c_link_check_send_pkts(p_lcb, NULL, NULL);
1334 } else
1335 osi_free(p_msg);
1336 }
1337