1 /******************************************************************************
3 * Copyright (C) 2009-2013 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
20 #include "bt_target.h"
27 #if GAP_CONN_INCLUDED == TRUE
30 /********************************************************************************/
31 /* L O C A L F U N C T I O N P R O T O T Y P E S */
32 /********************************************************************************/
33 static void gap_connect_ind (BD_ADDR bd_addr, UINT16 l2cap_cid, UINT16 psm, UINT8 l2cap_id);
34 static void gap_connect_cfm (UINT16 l2cap_cid, UINT16 result);
35 static void gap_config_ind (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg);
36 static void gap_config_cfm (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg);
37 static void gap_disconnect_ind (UINT16 l2cap_cid, BOOLEAN ack_needed);
38 static void gap_data_ind (UINT16 l2cap_cid, BT_HDR *p_msg);
39 static void gap_congestion_ind (UINT16 lcid, BOOLEAN is_congested);
41 static tGAP_CCB *gap_find_ccb_by_cid (UINT16 cid);
42 static tGAP_CCB *gap_find_ccb_by_handle (UINT16 handle);
43 static tGAP_CCB *gap_allocate_ccb (void);
44 static void gap_release_ccb (tGAP_CCB *p_ccb);
46 /*******************************************************************************
48 ** Function gap_conn_init
50 ** Description This function is called to initialize GAP connection management
54 *******************************************************************************/
55 void gap_conn_init (void)
57 #if AMP_INCLUDED == TRUE
58 gap_cb.conn.reg_info.pAMP_ConnectInd_Cb = gap_connect_ind;
59 gap_cb.conn.reg_info.pAMP_ConnectCfm_Cb = gap_connect_cfm;
60 gap_cb.conn.reg_info.pAMP_ConnectPnd_Cb = NULL;
61 gap_cb.conn.reg_info.pAMP_ConfigInd_Cb = gap_config_ind;
62 gap_cb.conn.reg_info.pAMP_ConfigCfm_Cb = gap_config_cfm;
63 gap_cb.conn.reg_info.pAMP_DisconnectInd_Cb = gap_disconnect_ind;
64 gap_cb.conn.reg_info.pAMP_DisconnectCfm_Cb = NULL;
65 gap_cb.conn.reg_info.pAMP_QoSViolationInd_Cb = NULL;
66 gap_cb.conn.reg_info.pAMP_DataInd_Cb = gap_data_ind;
67 gap_cb.conn.reg_info.pAMP_CongestionStatus_Cb = gap_congestion_ind;
68 gap_cb.conn.reg_info.pAMP_TxComplete_Cb = NULL;
69 gap_cb.conn.reg_info.pAMP_MoveInd_Cb = NULL;
70 gap_cb.conn.reg_info.pAMP_MoveRsp_Cb = NULL;
71 gap_cb.conn.reg_info.pAMP_MoveCfm_Cb = NULL; //gap_move_cfm
72 gap_cb.conn.reg_info.pAMP_MoveCfmRsp_Cb = NULL; //gap_move_cfm_rsp
75 gap_cb.conn.reg_info.pL2CA_ConnectInd_Cb = gap_connect_ind;
76 gap_cb.conn.reg_info.pL2CA_ConnectCfm_Cb = gap_connect_cfm;
77 gap_cb.conn.reg_info.pL2CA_ConnectPnd_Cb = NULL;
78 gap_cb.conn.reg_info.pL2CA_ConfigInd_Cb = gap_config_ind;
79 gap_cb.conn.reg_info.pL2CA_ConfigCfm_Cb = gap_config_cfm;
80 gap_cb.conn.reg_info.pL2CA_DisconnectInd_Cb = gap_disconnect_ind;
81 gap_cb.conn.reg_info.pL2CA_DisconnectCfm_Cb = NULL;
82 gap_cb.conn.reg_info.pL2CA_QoSViolationInd_Cb = NULL;
83 gap_cb.conn.reg_info.pL2CA_DataInd_Cb = gap_data_ind;
84 gap_cb.conn.reg_info.pL2CA_CongestionStatus_Cb = gap_congestion_ind;
85 gap_cb.conn.reg_info.pL2CA_TxComplete_Cb = NULL;
90 /*******************************************************************************
92 ** Function GAP_ConnOpen
94 ** Description This function is called to open an L2CAP connection.
96 ** Parameters: is_server - If TRUE, the connection is not created
97 ** but put into a "listen" mode waiting for
98 ** the remote side to connect.
100 ** service_id - Unique service ID from
101 ** BTM_SEC_SERVICE_FIRST_EMPTY (6)
102 ** to BTM_SEC_MAX_SERVICE_RECORDS (32)
104 ** p_rem_bda - Pointer to remote BD Address.
105 ** If a server, and we don't care about the
106 ** remote BD Address, then NULL should be passed.
108 ** psm - the PSM used for the connection
110 ** p_config - Optional pointer to configuration structure.
111 ** If NULL, the default GAP configuration will
114 ** security - security flags
115 ** chan_mode_mask - (GAP_FCR_CHAN_OPT_BASIC, GAP_FCR_CHAN_OPT_ERTM,
116 ** GAP_FCR_CHAN_OPT_STREAM)
118 ** p_cb - Pointer to callback function for events.
120 ** Returns handle of the connection if successful, else GAP_INVALID_HANDLE
122 *******************************************************************************/
123 UINT16 GAP_ConnOpen (char *p_serv_name, UINT8 service_id, BOOLEAN is_server,
124 BD_ADDR p_rem_bda, UINT16 psm, tL2CAP_CFG_INFO *p_cfg,
125 tL2CAP_ERTM_INFO *ertm_info, UINT16 security, UINT8 chan_mode_mask,
126 tGAP_CONN_CALLBACK *p_cb)
131 GAP_TRACE_EVENT ("GAP_CONN - Open Request");
133 /* Allocate a new CCB. Return if none available. */
134 if ((p_ccb = gap_allocate_ccb()) == NULL)
135 return (GAP_INVALID_HANDLE);
137 /* If caller specified a BD address, save it */
140 /* the bd addr is not BT_BD_ANY, then a bd address was specified */
141 if (memcmp (p_rem_bda, BT_BD_ANY, BD_ADDR_LEN))
142 p_ccb->rem_addr_specified = TRUE;
144 memcpy (&p_ccb->rem_dev_address[0], p_rem_bda, BD_ADDR_LEN);
148 /* remore addr is not specified and is not a server -> bad */
149 return (GAP_INVALID_HANDLE);
152 /* A client MUST have specified a bd addr to connect with */
153 if (!p_ccb->rem_addr_specified && !is_server)
155 gap_release_ccb (p_ccb);
156 GAP_TRACE_ERROR ("GAP ERROR: Client must specify a remote BD ADDR to connect to!");
157 return (GAP_INVALID_HANDLE);
160 /* Check if configuration was specified */
164 p_ccb->p_callback = p_cb;
166 /* If originator, use a dynamic PSM */
167 #if AMP_INCLUDED == TRUE
169 gap_cb.conn.reg_info.pAMP_ConnectInd_Cb = NULL;
171 gap_cb.conn.reg_info.pAMP_ConnectInd_Cb = gap_connect_ind;
174 gap_cb.conn.reg_info.pL2CA_ConnectInd_Cb = NULL;
176 gap_cb.conn.reg_info.pL2CA_ConnectInd_Cb = gap_connect_ind;
179 /* Register the PSM with L2CAP */
180 if ((p_ccb->psm = L2CA_REGISTER (psm, &gap_cb.conn.reg_info,
181 AMP_AUTOSWITCH_ALLOWED|AMP_USE_AMP_IF_POSSIBLE)) == 0)
183 GAP_TRACE_ERROR ("GAP_ConnOpen: Failure registering PSM 0x%04x", psm);
184 gap_release_ccb (p_ccb);
185 return (GAP_INVALID_HANDLE);
188 /* Register with Security Manager for the specific security level */
189 p_ccb->service_id = service_id;
190 if (!BTM_SetSecurityLevel ((UINT8)!is_server, p_serv_name,
191 p_ccb->service_id, security, p_ccb->psm, 0, 0))
193 GAP_TRACE_ERROR ("GAP_CONN - Security Error");
194 gap_release_ccb (p_ccb);
195 return (GAP_INVALID_HANDLE);
198 /* Fill in eL2CAP parameter data */
199 if( p_ccb->cfg.fcr_present )
201 if(ertm_info == NULL) {
202 p_ccb->ertm_info.preferred_mode = p_ccb->cfg.fcr.mode;
203 p_ccb->ertm_info.user_rx_pool_id = GAP_DATA_POOL_ID;
204 p_ccb->ertm_info.user_tx_pool_id = GAP_DATA_POOL_ID;
205 p_ccb->ertm_info.fcr_rx_pool_id = L2CAP_DEFAULT_ERM_POOL_ID;
206 p_ccb->ertm_info.fcr_tx_pool_id = L2CAP_DEFAULT_ERM_POOL_ID;
208 p_ccb->ertm_info = *ertm_info;
212 /* optional FCR channel modes */
213 if(ertm_info != NULL) {
214 p_ccb->ertm_info.allowed_modes =
215 (chan_mode_mask) ? chan_mode_mask : (UINT8)L2CAP_FCR_CHAN_OPT_BASIC;
220 p_ccb->con_flags |= GAP_CCB_FLAGS_SEC_DONE; /* assume btm/l2cap would handle it */
221 p_ccb->con_state = GAP_CCB_STATE_LISTENING;
222 return (p_ccb->gap_handle);
226 /* We are the originator of this connection */
227 p_ccb->con_flags = GAP_CCB_FLAGS_IS_ORIG;
229 /* Transition to the next appropriate state, waiting for connection confirm. */
230 p_ccb->con_state = GAP_CCB_STATE_CONN_SETUP;
232 /* mark security done flag, when security is not required */
233 if ((security & (BTM_SEC_OUT_AUTHORIZE | BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT) ) == 0)
234 p_ccb->con_flags |= GAP_CCB_FLAGS_SEC_DONE;
236 /* Check if L2CAP started the connection process */
237 if (p_rem_bda && ((cid = L2CA_CONNECT_REQ (p_ccb->psm, p_rem_bda, &p_ccb->ertm_info)) != 0))
239 p_ccb->connection_id = cid;
240 return (p_ccb->gap_handle);
244 gap_release_ccb (p_ccb);
245 return (GAP_INVALID_HANDLE);
251 /*******************************************************************************
253 ** Function GAP_ConnClose
255 ** Description This function is called to close a connection.
257 ** Parameters: handle - Handle of the connection returned by GAP_ConnOpen
259 ** Returns BT_PASS - closed OK
260 ** GAP_ERR_BAD_HANDLE - invalid handle
262 *******************************************************************************/
263 UINT16 GAP_ConnClose (UINT16 gap_handle)
265 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
267 GAP_TRACE_EVENT ("GAP_CONN - close handle: 0x%x", gap_handle);
271 /* Check if we have a connection ID */
272 if (p_ccb->con_state != GAP_CCB_STATE_LISTENING)
273 L2CA_DISCONNECT_REQ (p_ccb->connection_id);
275 gap_release_ccb (p_ccb);
280 return (GAP_ERR_BAD_HANDLE);
285 /*******************************************************************************
287 ** Function GAP_ConnReadData
289 ** Description Normally not GKI aware application will call this function
290 ** after receiving GAP_EVT_RXDATA event.
292 ** Parameters: handle - Handle of the connection returned in the Open
293 ** p_data - Data area
294 ** max_len - Byte count requested
295 ** p_len - Byte count received
297 ** Returns BT_PASS - data read
298 ** GAP_ERR_BAD_HANDLE - invalid handle
299 ** GAP_NO_DATA_AVAIL - no data available
301 *******************************************************************************/
302 UINT16 GAP_ConnReadData (UINT16 gap_handle, UINT8 *p_data, UINT16 max_len, UINT16 *p_len)
304 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
309 return (GAP_ERR_BAD_HANDLE);
313 p_buf = (BT_HDR *)GKI_getfirst (&p_ccb->rx_queue);
315 return (GAP_NO_DATA_AVAIL);
319 while (max_len && p_buf)
321 copy_len = (p_buf->len > max_len)?max_len:p_buf->len;
326 memcpy (p_data, (UINT8 *)(p_buf + 1) + p_buf->offset, copy_len);
330 if (p_buf->len > copy_len)
332 p_buf->offset += copy_len;
333 p_buf->len -= copy_len;
340 p_buf = (BT_HDR *)GKI_getnext (p_buf);
342 GKI_freebuf (GKI_dequeue (&p_ccb->rx_queue));
346 p_ccb->rx_queue_size -= *p_len;
350 GAP_TRACE_EVENT ("GAP_ConnReadData - rx_queue_size left=%d, *p_len=%d",
351 p_ccb->rx_queue_size, *p_len);
356 /*******************************************************************************
358 ** Function GAP_GetRxQueueCnt
360 ** Description This function return number of bytes on the rx queue.
362 ** Parameters: handle - Handle returned in the GAP_ConnOpen
363 ** p_rx_queue_count - Pointer to return queue count in.
366 *******************************************************************************/
367 int GAP_GetRxQueueCnt (UINT16 handle, UINT32 *p_rx_queue_count)
372 /* Check that handle is valid */
373 if (handle < GAP_MAX_CONNECTIONS)
375 p_ccb = &gap_cb.conn.ccb_pool[handle];
377 if (p_ccb->con_state == GAP_CCB_STATE_CONNECTED)
379 *p_rx_queue_count = p_ccb->rx_queue_size;
382 rc = GAP_INVALID_HANDLE;
385 rc = GAP_INVALID_HANDLE;
387 GAP_TRACE_EVENT ("GAP_GetRxQueueCnt - rc = 0x%04x, rx_queue_count=%d",
388 rc , *p_rx_queue_count);
393 /*******************************************************************************
395 ** Function GAP_ConnBTRead
397 ** Description Bluetooth aware applications will call this function after receiving
398 ** GAP_EVT_RXDATA event.
400 ** Parameters: handle - Handle of the connection returned in the Open
401 ** pp_buf - pointer to address of buffer with data,
403 ** Returns BT_PASS - data read
404 ** GAP_ERR_BAD_HANDLE - invalid handle
405 ** GAP_NO_DATA_AVAIL - no data available
407 *******************************************************************************/
408 UINT16 GAP_ConnBTRead (UINT16 gap_handle, BT_HDR **pp_buf)
410 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
414 return (GAP_ERR_BAD_HANDLE);
416 p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->rx_queue);
422 p_ccb->rx_queue_size -= p_buf->len;
428 return (GAP_NO_DATA_AVAIL);
433 /*******************************************************************************
435 ** Function GAP_ConnBTWrite
437 ** Description Bluetooth Aware applications can call this function to write data.
439 ** Parameters: handle - Handle of the connection returned in the Open
440 ** p_buf - pointer to address of buffer with data,
442 ** Returns BT_PASS - data read
443 ** GAP_ERR_BAD_HANDLE - invalid handle
444 ** GAP_ERR_BAD_STATE - connection not established
445 ** GAP_INVALID_BUF_OFFSET - buffer offset is invalid
446 *******************************************************************************/
447 UINT16 GAP_ConnBTWrite (UINT16 gap_handle, BT_HDR *p_buf)
449 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
454 return (GAP_ERR_BAD_HANDLE);
457 if (p_ccb->con_state != GAP_CCB_STATE_CONNECTED)
460 return (GAP_ERR_BAD_STATE);
463 if (p_buf->offset < L2CAP_MIN_OFFSET)
466 return (GAP_ERR_BUF_OFFSET);
469 GKI_enqueue (&p_ccb->tx_queue, p_buf);
471 if (p_ccb->is_congested)
476 /* Send the buffer through L2CAP */
477 #if (GAP_CONN_POST_EVT_INCLUDED == TRUE)
478 gap_send_event (gap_handle);
480 while ((p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->tx_queue)) != NULL)
482 UINT8 status = L2CA_DATA_WRITE (p_ccb->connection_id, p_buf);
484 if (status == L2CAP_DW_CONGESTED)
486 p_ccb->is_congested = TRUE;
489 else if (status != L2CAP_DW_SUCCESS)
490 return (GAP_ERR_BAD_STATE);
497 /*******************************************************************************
499 ** Function GAP_ConnWriteData
501 ** Description Normally not GKI aware application will call this function
502 ** to send data to the connection.
504 ** Parameters: handle - Handle of the connection returned in the Open
505 ** p_data - Data area
506 ** max_len - Byte count requested
507 ** p_len - Byte count received
509 ** Returns BT_PASS - data read
510 ** GAP_ERR_BAD_HANDLE - invalid handle
511 ** GAP_ERR_BAD_STATE - connection not established
512 ** GAP_CONGESTION - system is congested
514 *******************************************************************************/
515 UINT16 GAP_ConnWriteData (UINT16 gap_handle, UINT8 *p_data, UINT16 max_len, UINT16 *p_len)
517 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
523 return (GAP_ERR_BAD_HANDLE);
525 if (p_ccb->con_state != GAP_CCB_STATE_CONNECTED)
526 return (GAP_ERR_BAD_STATE);
530 if (p_ccb->cfg.fcr.mode == L2CAP_FCR_ERTM_MODE)
532 if ((p_buf = (BT_HDR *)GKI_getpoolbuf (p_ccb->ertm_info.user_tx_pool_id)) == NULL)
533 return (GAP_ERR_CONGESTED);
537 if ((p_buf = (BT_HDR *)GKI_getpoolbuf (GAP_DATA_POOL_ID)) == NULL)
538 return (GAP_ERR_CONGESTED);
541 p_buf->offset = L2CAP_MIN_OFFSET;
542 p_buf->len = (p_ccb->rem_mtu_size < max_len) ? p_ccb->rem_mtu_size : max_len;
543 p_buf->event = BT_EVT_TO_BTU_SP_DATA;
545 memcpy ((UINT8 *)(p_buf + 1) + p_buf->offset, p_data, p_buf->len);
547 *p_len += p_buf->len;
548 max_len -= p_buf->len;
549 p_data += p_buf->len;
551 GAP_TRACE_EVENT ("GAP_WriteData %d bytes", p_buf->len);
553 GKI_enqueue (&p_ccb->tx_queue, p_buf);
556 if (p_ccb->is_congested)
561 /* Send the buffer through L2CAP */
562 #if (GAP_CONN_POST_EVT_INCLUDED == TRUE)
563 gap_send_event (gap_handle);
565 while ((p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->tx_queue)) != NULL)
567 UINT8 status = L2CA_DATA_WRITE (p_ccb->connection_id, p_buf);
569 if (status == L2CAP_DW_CONGESTED)
571 p_ccb->is_congested = TRUE;
574 else if (status != L2CAP_DW_SUCCESS)
575 return (GAP_ERR_BAD_STATE);
582 /*******************************************************************************
584 ** Function GAP_ConnReconfig
586 ** Description Applications can call this function to reconfigure the connection.
588 ** Parameters: handle - Handle of the connection
589 ** p_cfg - Pointer to new configuration
591 ** Returns BT_PASS - config process started
592 ** GAP_ERR_BAD_HANDLE - invalid handle
594 *******************************************************************************/
595 UINT16 GAP_ConnReconfig (UINT16 gap_handle, tL2CAP_CFG_INFO *p_cfg)
597 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
600 return (GAP_ERR_BAD_HANDLE);
604 if (p_ccb->con_state == GAP_CCB_STATE_CONNECTED)
605 L2CA_CONFIG_REQ (p_ccb->connection_id, p_cfg);
612 /*******************************************************************************
614 ** Function GAP_ConnSetIdleTimeout
616 ** Description Higher layers call this function to set the idle timeout for
617 ** a connection, or for all future connections. The "idle timeout"
618 ** is the amount of time that a connection can remain up with
619 ** no L2CAP channels on it. A timeout of zero means that the
620 ** connection will be torn down immediately when the last channel
621 ** is removed. A timeout of 0xFFFF means no timeout. Values are
624 ** Parameters: handle - Handle of the connection
626 ** 0 = immediate disconnect when last channel is removed
627 ** 0xFFFF = no idle timeout
629 ** Returns BT_PASS - config process started
630 ** GAP_ERR_BAD_HANDLE - invalid handle
632 *******************************************************************************/
633 UINT16 GAP_ConnSetIdleTimeout (UINT16 gap_handle, UINT16 timeout)
637 if ((p_ccb = gap_find_ccb_by_handle (gap_handle)) == NULL)
638 return (GAP_ERR_BAD_HANDLE);
640 if (L2CA_SetIdleTimeout (p_ccb->connection_id, timeout, FALSE))
643 return (GAP_ERR_BAD_HANDLE);
648 /*******************************************************************************
650 ** Function GAP_ConnGetRemoteAddr
652 ** Description This function is called to get the remote BD address
655 ** Parameters: handle - Handle of the connection returned by GAP_ConnOpen
657 ** Returns BT_PASS - closed OK
658 ** GAP_ERR_BAD_HANDLE - invalid handle
660 *******************************************************************************/
661 UINT8 *GAP_ConnGetRemoteAddr (UINT16 gap_handle)
663 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (gap_handle);
665 GAP_TRACE_EVENT ("GAP_ConnGetRemoteAddr gap_handle = %d", gap_handle);
667 if ((p_ccb) && (p_ccb->con_state > GAP_CCB_STATE_LISTENING))
669 GAP_TRACE_EVENT("GAP_ConnGetRemoteAddr bda :0x%02x:0x%02x:0x%02x:0x%02x:0x%02x:0x%02x\n", \
670 p_ccb->rem_dev_address[0],p_ccb->rem_dev_address[1],p_ccb->rem_dev_address[2],
671 p_ccb->rem_dev_address[3],p_ccb->rem_dev_address[4],p_ccb->rem_dev_address[5]);
672 return (p_ccb->rem_dev_address);
676 GAP_TRACE_EVENT ("GAP_ConnGetRemoteAddr return Error ");
682 /*******************************************************************************
684 ** Function GAP_ConnGetRemMtuSize
686 ** Description Returns the remote device's MTU size
688 ** Parameters: handle - Handle of the connection
690 ** Returns UINT16 - maximum size buffer that can be transmitted to the peer
692 *******************************************************************************/
693 UINT16 GAP_ConnGetRemMtuSize (UINT16 gap_handle)
697 if ((p_ccb = gap_find_ccb_by_handle (gap_handle)) == NULL)
700 return (p_ccb->rem_mtu_size);
703 /*******************************************************************************
705 ** Function GAP_ConnGetL2CAPCid
707 ** Description Returns the L2CAP channel id
709 ** Parameters: handle - Handle of the connection
711 ** Returns UINT16 - The L2CAP channel id
714 *******************************************************************************/
715 UINT16 GAP_ConnGetL2CAPCid (UINT16 gap_handle)
719 if ((p_ccb = gap_find_ccb_by_handle (gap_handle)) == NULL)
722 return (p_ccb->connection_id);
726 /*******************************************************************************
728 ** Function gap_connect_ind
730 ** Description This function handles an inbound connection indication
731 ** from L2CAP. This is the case where we are acting as a
736 *******************************************************************************/
737 static void gap_connect_ind (BD_ADDR bd_addr, UINT16 l2cap_cid, UINT16 psm, UINT8 l2cap_id)
742 /* See if we have a CCB listening for the connection */
743 for (xx = 0, p_ccb = gap_cb.conn.ccb_pool; xx < GAP_MAX_CONNECTIONS; xx++, p_ccb++)
745 if ((p_ccb->con_state == GAP_CCB_STATE_LISTENING)
746 && (p_ccb->psm == psm)
747 && ((p_ccb->rem_addr_specified == FALSE)
748 || (!memcmp (bd_addr, p_ccb->rem_dev_address, BD_ADDR_LEN))))
752 if (xx == GAP_MAX_CONNECTIONS)
754 GAP_TRACE_WARNING("*******");
755 GAP_TRACE_WARNING("WARNING: GAP Conn Indication for Unexpected Bd Addr...Disconnecting");
756 GAP_TRACE_WARNING("*******");
758 /* Disconnect because it is an unexpected connection */
759 L2CA_DISCONNECT_REQ (l2cap_cid);
763 /* Transition to the next appropriate state, waiting for config setup. */
764 p_ccb->con_state = GAP_CCB_STATE_CFG_SETUP;
766 /* Save the BD Address and Channel ID. */
767 memcpy (&p_ccb->rem_dev_address[0], bd_addr, BD_ADDR_LEN);
768 p_ccb->connection_id = l2cap_cid;
770 /* Send response to the L2CAP layer. */
771 L2CA_CONNECT_RSP (bd_addr, l2cap_id, l2cap_cid, L2CAP_CONN_OK, L2CAP_CONN_OK, &p_ccb->ertm_info);
773 GAP_TRACE_EVENT("GAP_CONN - Rcvd L2CAP conn ind, CID: 0x%x", p_ccb->connection_id);
775 /* Send a Configuration Request. */
776 L2CA_CONFIG_REQ (l2cap_cid, &p_ccb->cfg);
779 /*******************************************************************************
781 ** Function gap_checks_con_flags
783 ** Description This function processes the L2CAP configuration indication
788 *******************************************************************************/
789 static void gap_checks_con_flags (tGAP_CCB *p_ccb)
791 GAP_TRACE_EVENT ("gap_checks_con_flags conn_flags:0x%x, ", p_ccb->con_flags);
792 /* if all the required con_flags are set, report the OPEN event now */
793 if ((p_ccb->con_flags & GAP_CCB_FLAGS_CONN_DONE) == GAP_CCB_FLAGS_CONN_DONE)
795 p_ccb->con_state = GAP_CCB_STATE_CONNECTED;
797 p_ccb->p_callback (p_ccb->gap_handle, GAP_EVT_CONN_OPENED);
801 /*******************************************************************************
803 ** Function gap_sec_check_complete
805 ** Description The function called when Security Manager finishes
806 ** verification of the service side connection
810 *******************************************************************************/
811 static void gap_sec_check_complete (BD_ADDR bd_addr, tBT_TRANSPORT transport, void *p_ref_data, UINT8 res)
813 tGAP_CCB *p_ccb = (tGAP_CCB *)p_ref_data;
817 GAP_TRACE_EVENT ("gap_sec_check_complete conn_state:%d, conn_flags:0x%x, status:%d",
818 p_ccb->con_state, p_ccb->con_flags, res);
819 if (p_ccb->con_state == GAP_CCB_STATE_IDLE)
822 if (res == BTM_SUCCESS)
824 p_ccb->con_flags |= GAP_CCB_FLAGS_SEC_DONE;
825 gap_checks_con_flags (p_ccb);
829 /* security failed - disconnect the channel */
830 L2CA_DISCONNECT_REQ (p_ccb->connection_id);
834 /*******************************************************************************
836 ** Function gap_connect_cfm
838 ** Description This function handles the connect confirm events
839 ** from L2CAP. This is the case when we are acting as a
840 ** client and have sent a connect request.
844 *******************************************************************************/
845 static void gap_connect_cfm (UINT16 l2cap_cid, UINT16 result)
849 /* Find CCB based on CID */
850 if ((p_ccb = gap_find_ccb_by_cid (l2cap_cid)) == NULL)
853 /* initiate security process, if needed */
854 if ( (p_ccb->con_flags & GAP_CCB_FLAGS_SEC_DONE) == 0)
856 btm_sec_mx_access_request (p_ccb->rem_dev_address, p_ccb->psm, TRUE,
857 0, 0, &gap_sec_check_complete, p_ccb);
860 /* If the connection response contains success status, then */
861 /* Transition to the next state and startup the timer. */
862 if ((result == L2CAP_CONN_OK) && (p_ccb->con_state == GAP_CCB_STATE_CONN_SETUP))
864 p_ccb->con_state = GAP_CCB_STATE_CFG_SETUP;
866 /* Send a Configuration Request. */
867 L2CA_CONFIG_REQ (l2cap_cid, &p_ccb->cfg);
871 /* Tell the user if he has a callback */
872 if (p_ccb->p_callback)
873 (*p_ccb->p_callback) (p_ccb->gap_handle, GAP_EVT_CONN_CLOSED);
875 gap_release_ccb (p_ccb);
879 /*******************************************************************************
881 ** Function gap_config_ind
883 ** Description This function processes the L2CAP configuration indication
888 *******************************************************************************/
889 static void gap_config_ind (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg)
892 UINT16 local_mtu_size;
894 /* Find CCB based on CID */
895 if ((p_ccb = gap_find_ccb_by_cid (l2cap_cid)) == NULL)
898 /* Remember the remote MTU size */
900 if (p_ccb->cfg.fcr.mode == L2CAP_FCR_ERTM_MODE)
902 local_mtu_size = GKI_get_pool_bufsize (p_ccb->ertm_info.user_tx_pool_id)
903 - sizeof(BT_HDR) - L2CAP_MIN_OFFSET;
906 local_mtu_size = L2CAP_MTU_SIZE;
908 if ((!p_cfg->mtu_present)||(p_cfg->mtu > local_mtu_size))
910 p_ccb->rem_mtu_size = local_mtu_size;
913 p_ccb->rem_mtu_size = p_cfg->mtu;
915 /* For now, always accept configuration from the other side */
916 p_cfg->flush_to_present = FALSE;
917 p_cfg->mtu_present = FALSE;
918 p_cfg->result = L2CAP_CFG_OK;
919 p_cfg->fcs_present = FALSE;
921 L2CA_CONFIG_RSP (l2cap_cid, p_cfg);
923 p_ccb->con_flags |= GAP_CCB_FLAGS_HIS_CFG_DONE;
925 gap_checks_con_flags (p_ccb);
929 /*******************************************************************************
931 ** Function gap_config_cfm
933 ** Description This function processes the L2CAP configuration confirmation
938 *******************************************************************************/
939 static void gap_config_cfm (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg)
943 /* Find CCB based on CID */
944 if ((p_ccb = gap_find_ccb_by_cid (l2cap_cid)) == NULL)
947 if (p_cfg->result == L2CAP_CFG_OK)
949 p_ccb->con_flags |= GAP_CCB_FLAGS_MY_CFG_DONE;
952 if (p_ccb->cfg.fcr_present)
953 p_ccb->cfg.fcr.mode = p_cfg->fcr.mode;
955 p_ccb->cfg.fcr.mode = L2CAP_FCR_BASIC_MODE;
957 gap_checks_con_flags (p_ccb);
961 p_ccb->p_callback (p_ccb->gap_handle, GAP_EVT_CONN_CLOSED);
962 gap_release_ccb (p_ccb);
967 /*******************************************************************************
969 ** Function gap_disconnect_ind
971 ** Description This function handles a disconnect event from L2CAP. If
972 ** requested to, we ack the disconnect before dropping the CCB
976 *******************************************************************************/
977 static void gap_disconnect_ind (UINT16 l2cap_cid, BOOLEAN ack_needed)
981 GAP_TRACE_EVENT ("GAP_CONN - Rcvd L2CAP disc, CID: 0x%x", l2cap_cid);
983 /* Find CCB based on CID */
984 if ((p_ccb = gap_find_ccb_by_cid (l2cap_cid)) == NULL)
988 L2CA_DISCONNECT_RSP (l2cap_cid);
990 p_ccb->p_callback (p_ccb->gap_handle, GAP_EVT_CONN_CLOSED);
991 gap_release_ccb (p_ccb);
995 /*******************************************************************************
997 ** Function gap_data_ind
999 ** Description This function is called when data is received from L2CAP.
1003 *******************************************************************************/
1004 static void gap_data_ind (UINT16 l2cap_cid, BT_HDR *p_msg)
1008 /* Find CCB based on CID */
1009 if ((p_ccb = gap_find_ccb_by_cid (l2cap_cid)) == NULL)
1011 GKI_freebuf (p_msg);
1015 if (p_ccb->con_state == GAP_CCB_STATE_CONNECTED)
1017 GKI_enqueue (&p_ccb->rx_queue, p_msg);
1019 p_ccb->rx_queue_size += p_msg->len;
1021 GAP_TRACE_EVENT ("gap_data_ind - rx_queue_size=%d, msg len=%d",
1022 p_ccb->rx_queue_size, p_msg->len);
1025 p_ccb->p_callback (p_ccb->gap_handle, GAP_EVT_CONN_DATA_AVAIL);
1029 GKI_freebuf (p_msg);
1034 /*******************************************************************************
1036 ** Function gap_congestion_ind
1038 ** Description This is a callback function called by L2CAP when
1039 ** data L2CAP congestion status changes
1041 *******************************************************************************/
1042 static void gap_congestion_ind (UINT16 lcid, BOOLEAN is_congested)
1049 GAP_TRACE_EVENT ("GAP_CONN - Rcvd L2CAP Is Congested (%d), CID: 0x%x",
1050 is_congested, lcid);
1052 /* Find CCB based on CID */
1053 if ((p_ccb = gap_find_ccb_by_cid (lcid)) == NULL)
1056 p_ccb->is_congested = is_congested;
1058 event = (is_congested) ? GAP_EVT_CONN_CONGESTED : GAP_EVT_CONN_UNCONGESTED;
1059 p_ccb->p_callback (p_ccb->gap_handle, event);
1063 while ((p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->tx_queue)) != NULL)
1065 status = L2CA_DATA_WRITE (p_ccb->connection_id, p_buf);
1067 if (status == L2CAP_DW_CONGESTED)
1069 p_ccb->is_congested = TRUE;
1072 else if (status != L2CAP_DW_SUCCESS)
1079 /*******************************************************************************
1081 ** Function gap_find_ccb_by_cid
1083 ** Description This function searches the CCB table for an entry with the
1086 ** Returns the CCB address, or NULL if not found.
1088 *******************************************************************************/
1089 static tGAP_CCB *gap_find_ccb_by_cid (UINT16 cid)
1094 /* Look through each connection control block */
1095 for (xx = 0, p_ccb = gap_cb.conn.ccb_pool; xx < GAP_MAX_CONNECTIONS; xx++, p_ccb++)
1097 if ((p_ccb->con_state != GAP_CCB_STATE_IDLE) && (p_ccb->connection_id == cid))
1101 /* If here, not found */
1106 /*******************************************************************************
1108 ** Function gap_find_ccb_by_handle
1110 ** Description This function searches the CCB table for an entry with the
1113 ** Returns the CCB address, or NULL if not found.
1115 *******************************************************************************/
1116 static tGAP_CCB *gap_find_ccb_by_handle (UINT16 handle)
1120 /* Check that handle is valid */
1121 if (handle < GAP_MAX_CONNECTIONS)
1123 p_ccb = &gap_cb.conn.ccb_pool[handle];
1125 if (p_ccb->con_state != GAP_CCB_STATE_IDLE)
1129 /* If here, handle points to invalid connection */
1134 /*******************************************************************************
1136 ** Function gap_allocate_ccb
1138 ** Description This function allocates a new CCB.
1140 ** Returns CCB address, or NULL if none available.
1142 *******************************************************************************/
1143 static tGAP_CCB *gap_allocate_ccb (void)
1148 /* Look through each connection control block for a free one */
1149 for (xx = 0, p_ccb = gap_cb.conn.ccb_pool; xx < GAP_MAX_CONNECTIONS; xx++, p_ccb++)
1151 if (p_ccb->con_state == GAP_CCB_STATE_IDLE)
1153 memset (p_ccb, 0, sizeof (tGAP_CCB));
1155 p_ccb->gap_handle = xx;
1156 p_ccb->rem_mtu_size = L2CAP_MTU_SIZE;
1162 /* If here, no free CCB found */
1167 /*******************************************************************************
1169 ** Function gap_release_ccb
1171 ** Description This function releases a CCB.
1175 *******************************************************************************/
1176 static void gap_release_ccb (tGAP_CCB *p_ccb)
1179 UINT16 psm = p_ccb->psm;
1180 UINT8 service_id = p_ccb->service_id;
1182 /* Drop any buffers we may be holding */
1183 p_ccb->rx_queue_size = 0;
1185 while (p_ccb->rx_queue._p_first)
1186 GKI_freebuf (GKI_dequeue (&p_ccb->rx_queue));
1188 while (p_ccb->tx_queue._p_first)
1189 GKI_freebuf (GKI_dequeue (&p_ccb->tx_queue));
1191 p_ccb->con_state = GAP_CCB_STATE_IDLE;
1193 /* If no-one else is using the PSM, deregister from L2CAP */
1194 for (xx = 0, p_ccb = gap_cb.conn.ccb_pool; xx < GAP_MAX_CONNECTIONS; xx++, p_ccb++)
1196 if ((p_ccb->con_state != GAP_CCB_STATE_IDLE) && (p_ccb->psm == psm))
1200 /* Free the security record for this PSM */
1201 BTM_SecClrService(service_id);
1202 L2CA_DEREGISTER (psm);
1205 #if (GAP_CONN_POST_EVT_INCLUDED == TRUE)
1207 /*******************************************************************************
1209 ** Function gap_send_event
1211 ** Description Send BT_EVT_TO_GAP_MSG event to BTU task
1215 *******************************************************************************/
1216 void gap_send_event (UINT16 gap_handle)
1220 if ((p_msg = (BT_HDR*)GKI_getbuf(BT_HDR_SIZE)) != NULL)
1222 p_msg->event = BT_EVT_TO_GAP_MSG;
1225 p_msg->layer_specific = gap_handle;
1227 GKI_send_msg(BTU_TASK, BTU_HCI_RCV_MBOX, p_msg);
1231 GAP_TRACE_ERROR("Unable to allocate message buffer for event.");
1235 /*******************************************************************************
1237 ** Function gap_proc_btu_event
1239 ** Description Event handler for BT_EVT_TO_GAP_MSG event from BTU task
1243 *******************************************************************************/
1244 void gap_proc_btu_event(BT_HDR *p_msg)
1246 tGAP_CCB *p_ccb = gap_find_ccb_by_handle (p_msg->layer_specific);
1255 if (p_ccb->con_state != GAP_CCB_STATE_CONNECTED)
1260 if (p_ccb->is_congested)
1265 /* Send the buffer through L2CAP */
1267 while ((p_buf = (BT_HDR *)GKI_dequeue (&p_ccb->tx_queue)) != NULL)
1269 status = L2CA_DATA_WRITE (p_ccb->connection_id, p_buf);
1271 if (status == L2CAP_DW_CONGESTED)
1273 p_ccb->is_congested = TRUE;
1276 else if (status != L2CAP_DW_SUCCESS)
1281 #endif /* (GAP_CONN_POST_EVT_INCLUDED == TRUE) */
1282 #endif /* GAP_CONN_INCLUDED */