1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20 #include <stdint.h>
21 #include <stdlib.h>
22 #include <assert.h>
23 #include <string.h>
24 #include "sysinit/sysinit.h"
25 #include "syscfg/syscfg.h"
26 #include "os/os.h"
27 #include "os/os_cputime.h"
28 #include "stats/stats.h"
29 #include "nimble/ble.h"
30 #include "nimble/nimble_opt.h"
31 #include "nimble/hci_common.h"
32 #include "nimble/ble_hci_trans.h"
33 #include "controller/ble_hw.h"
34 #include "controller/ble_phy.h"
35 #include "controller/ble_phy_trace.h"
36 #include "controller/ble_ll.h"
37 #include "controller/ble_ll_adv.h"
38 #include "controller/ble_ll_sched.h"
39 #include "controller/ble_ll_scan.h"
40 #include "controller/ble_ll_hci.h"
41 #include "controller/ble_ll_whitelist.h"
42 #include "controller/ble_ll_resolv.h"
43 #include "controller/ble_ll_xcvr.h"
44 #include "controller/ble_ll_trace.h"
45 #include "ble_ll_conn_priv.h"
46
47 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
48 #include "ble_ll_dtm_priv.h"
49 #endif
50
51 /* XXX:
52 *
53 * 1) use the sanity task!
54 * 2) Need to figure out what to do with packets that we hand up that did
55 * not pass the filter policy for the given state. Currently I count all
56 * packets I think. Need to figure out what to do with this.
57 * 3) For the features defined, we need to conditionally compile code.
58 * 4) Should look into always disabled the wfr interrupt if we receive the
59 * start of a frame. Need to look at the various states to see if this is the
60 * right thing to do.
61 */
62
63 /* Supported states */
64 #define BLE_LL_S_NCA (0x00000000001)
65 #define BLE_LL_S_SA (0x00000000002)
66 #define BLE_LL_S_CA (0x00000000004)
67 #define BLE_LL_S_HDCA (0x00000000008)
68 #define BLE_LL_S_PS (0x00000000010)
69 #define BLE_LL_S_AS (0x00000000020)
70 #define BLE_LL_S_INIT (0x00000000040)
71 #define BLE_LL_S_SLAVE (0x00000000080)
72 #define BLE_LL_S_NCA_PS (0x00000000100)
73 #define BLE_LL_S_SA_PS (0x00000000200)
74 #define BLE_LL_S_CA_PS (0x00000000400)
75 #define BLE_LL_S_HDCA_PS (0x00000000800)
76 #define BLE_LL_S_NCA_AS (0x00000001000)
77 #define BLE_LL_S_SA_AS (0x00000002000)
78 #define BLE_LL_S_CA_AS (0x00000004000)
79 #define BLE_LL_S_HDCA_AS (0x00000008000)
80 #define BLE_LL_S_NCA_INIT (0x00000010000)
81 #define BLE_LL_S_SA_INIT (0x00000020000)
82 #define BLE_LL_S_NCA_MASTER (0x00000040000)
83 #define BLE_LL_S_SA_MASTER (0x00000080000)
84 #define BLE_LL_S_NCA_SLAVE (0x00000100000)
85 #define BLE_LL_S_SA_SLAVE (0x00000200000)
86 #define BLE_LL_S_PS_INIT (0x00000400000)
87 #define BLE_LL_S_AS_INIT (0x00000800000)
88 #define BLE_LL_S_PS_MASTER (0x00001000000)
89 #define BLE_LL_S_AS_MASTER (0x00002000000)
90 #define BLE_LL_S_PS_SLAVE (0x00004000000)
91 #define BLE_LL_S_AS_SLAVE (0x00008000000)
92 #define BLE_LL_S_INIT_MASTER (0x00010000000)
93 #define BLE_LL_S_LDCA (0x00020000000)
94 #define BLE_LL_S_LDCA_PS (0x00040000000)
95 #define BLE_LL_S_LDCA_AS (0x00080000000)
96 #define BLE_LL_S_CA_INIT (0x00100000000)
97 #define BLE_LL_S_HDCA_INIT (0x00200000000)
98 #define BLE_LL_S_LDCA_INIT (0x00400000000)
99 #define BLE_LL_S_CA_MASTER (0x00800000000)
100 #define BLE_LL_S_HDCA_MASTER (0x01000000000)
101 #define BLE_LL_S_LDCA_MASTER (0x02000000000)
102 #define BLE_LL_S_CA_SLAVE (0x04000000000)
103 #define BLE_LL_S_HDCA_SLAVE (0x08000000000)
104 #define BLE_LL_S_LDCA_SLAVE (0x10000000000)
105 #define BLE_LL_S_INIT_SLAVE (0x20000000000)
106
107 #define BLE_LL_SUPPORTED_STATES \
108 ( \
109 BLE_LL_S_NCA | \
110 BLE_LL_S_SA | \
111 BLE_LL_S_CA | \
112 BLE_LL_S_HDCA | \
113 BLE_LL_S_PS | \
114 BLE_LL_S_AS | \
115 BLE_LL_S_INIT | \
116 BLE_LL_S_SLAVE | \
117 BLE_LL_S_NCA_PS | \
118 BLE_LL_S_SA_PS | \
119 BLE_LL_S_CA_PS | \
120 BLE_LL_S_HDCA_PS | \
121 BLE_LL_S_NCA_AS | \
122 BLE_LL_S_SA_AS | \
123 BLE_LL_S_CA_AS | \
124 BLE_LL_S_HDCA_AS | \
125 BLE_LL_S_NCA_INIT | \
126 BLE_LL_S_SA_INIT | \
127 BLE_LL_S_NCA_MASTER | \
128 BLE_LL_S_SA_MASTER | \
129 BLE_LL_S_NCA_SLAVE | \
130 BLE_LL_S_SA_SLAVE | \
131 BLE_LL_S_PS_INIT | \
132 BLE_LL_S_AS_INIT | \
133 BLE_LL_S_PS_MASTER | \
134 BLE_LL_S_AS_MASTER | \
135 BLE_LL_S_PS_SLAVE | \
136 BLE_LL_S_AS_SLAVE | \
137 BLE_LL_S_INIT_MASTER | \
138 BLE_LL_S_LDCA | \
139 BLE_LL_S_LDCA_PS | \
140 BLE_LL_S_LDCA_AS | \
141 BLE_LL_S_CA_INIT | \
142 BLE_LL_S_HDCA_INIT | \
143 BLE_LL_S_LDCA_INIT | \
144 BLE_LL_S_CA_MASTER | \
145 BLE_LL_S_HDCA_MASTER | \
146 BLE_LL_S_LDCA_MASTER | \
147 BLE_LL_S_CA_SLAVE | \
148 BLE_LL_S_HDCA_SLAVE | \
149 BLE_LL_S_LDCA_SLAVE | \
150 BLE_LL_S_INIT_SLAVE)
151
152 /* The global BLE LL data object */
153 struct ble_ll_obj g_ble_ll_data;
154
155 /* Global link layer statistics */
156 STATS_SECT_DECL(ble_ll_stats) ble_ll_stats;
157 STATS_NAME_START(ble_ll_stats)
158 STATS_NAME(ble_ll_stats, hci_cmds)
159 STATS_NAME(ble_ll_stats, hci_cmd_errs)
160 STATS_NAME(ble_ll_stats, hci_events_sent)
161 STATS_NAME(ble_ll_stats, bad_ll_state)
162 STATS_NAME(ble_ll_stats, bad_acl_hdr)
163 STATS_NAME(ble_ll_stats, no_bufs)
164 STATS_NAME(ble_ll_stats, rx_adv_pdu_crc_ok)
165 STATS_NAME(ble_ll_stats, rx_adv_pdu_crc_err)
166 STATS_NAME(ble_ll_stats, rx_adv_bytes_crc_ok)
167 STATS_NAME(ble_ll_stats, rx_adv_bytes_crc_err)
168 STATS_NAME(ble_ll_stats, rx_data_pdu_crc_ok)
169 STATS_NAME(ble_ll_stats, rx_data_pdu_crc_err)
170 STATS_NAME(ble_ll_stats, rx_data_bytes_crc_ok)
171 STATS_NAME(ble_ll_stats, rx_data_bytes_crc_err)
172 STATS_NAME(ble_ll_stats, rx_adv_malformed_pkts)
173 STATS_NAME(ble_ll_stats, rx_adv_ind)
174 STATS_NAME(ble_ll_stats, rx_adv_direct_ind)
175 STATS_NAME(ble_ll_stats, rx_adv_nonconn_ind)
176 STATS_NAME(ble_ll_stats, rx_adv_ext_ind)
177 STATS_NAME(ble_ll_stats, rx_scan_reqs)
178 STATS_NAME(ble_ll_stats, rx_scan_rsps)
179 STATS_NAME(ble_ll_stats, rx_connect_reqs)
180 STATS_NAME(ble_ll_stats, rx_scan_ind)
181 STATS_NAME(ble_ll_stats, rx_aux_connect_rsp)
182 STATS_NAME(ble_ll_stats, adv_txg)
183 STATS_NAME(ble_ll_stats, adv_late_starts)
184 STATS_NAME(ble_ll_stats, adv_resched_pdu_fail)
185 STATS_NAME(ble_ll_stats, adv_drop_event)
186 STATS_NAME(ble_ll_stats, sched_state_conn_errs)
187 STATS_NAME(ble_ll_stats, sched_state_adv_errs)
188 STATS_NAME(ble_ll_stats, scan_starts)
189 STATS_NAME(ble_ll_stats, scan_stops)
190 STATS_NAME(ble_ll_stats, scan_req_txf)
191 STATS_NAME(ble_ll_stats, scan_req_txg)
192 STATS_NAME(ble_ll_stats, scan_rsp_txg)
193 STATS_NAME(ble_ll_stats, aux_missed_adv)
194 STATS_NAME(ble_ll_stats, aux_scheduled)
195 STATS_NAME(ble_ll_stats, aux_received)
196 STATS_NAME(ble_ll_stats, aux_fired_for_read)
197 STATS_NAME(ble_ll_stats, aux_allocated)
198 STATS_NAME(ble_ll_stats, aux_freed)
199 STATS_NAME(ble_ll_stats, aux_sched_cb)
200 STATS_NAME(ble_ll_stats, aux_conn_req_tx)
201 STATS_NAME(ble_ll_stats, aux_conn_rsp_tx)
202 STATS_NAME(ble_ll_stats, aux_conn_rsp_err)
203 STATS_NAME(ble_ll_stats, aux_scan_req_tx)
204 STATS_NAME(ble_ll_stats, aux_scan_rsp_err)
205 STATS_NAME(ble_ll_stats, aux_chain_cnt)
206 STATS_NAME(ble_ll_stats, aux_chain_err)
207 STATS_NAME(ble_ll_stats, adv_evt_dropped)
208 STATS_NAME(ble_ll_stats, scan_timer_stopped)
209 STATS_NAME(ble_ll_stats, scan_timer_restarted)
210 STATS_NAME_END(ble_ll_stats)
211
212 static void ble_ll_event_rx_pkt(struct ble_npl_event *ev);
213 static void ble_ll_event_tx_pkt(struct ble_npl_event *ev);
214 static void ble_ll_event_dbuf_overflow(struct ble_npl_event *ev);
215
216 #if MYNEWT
217
218 /* The BLE LL task data structure */
219 #if MYNEWT_VAL(BLE_LL_CFG_FEAT_LL_EXT_ADV)
220 /* TODO: This is for testing. Check it we really need it */
221 #define BLE_LL_STACK_SIZE (128)
222 #else
223 #define BLE_LL_STACK_SIZE (90)
224 #endif
225
226 struct os_task g_ble_ll_task;
227
228 OS_TASK_STACK_DEFINE(g_ble_ll_stack, BLE_LL_STACK_SIZE);
229
230 #endif /* MYNEWT */
231
232 /** Our global device address (public) */
233 uint8_t g_dev_addr[BLE_DEV_ADDR_LEN];
234
235 /** Our random address */
236 uint8_t g_random_addr[BLE_DEV_ADDR_LEN];
237
238 static const uint16_t g_ble_ll_pdu_header_tx_time[BLE_PHY_NUM_MODE] =
239 {
240 [BLE_PHY_MODE_1M] =
241 (BLE_LL_PREAMBLE_LEN + BLE_LL_ACC_ADDR_LEN + BLE_LL_CRC_LEN +
242 BLE_LL_PDU_HDR_LEN) << 3,
243 [BLE_PHY_MODE_2M] =
244 (BLE_LL_PREAMBLE_LEN * 2 + BLE_LL_ACC_ADDR_LEN + BLE_LL_CRC_LEN +
245 BLE_LL_PDU_HDR_LEN) << 2,
246 /* For Coded PHY we have exact TX times provided by specification:
247 * - Preamble, Access Address, CI, TERM1 (always coded as S=8)
248 * - PDU, CRC, TERM2 (coded as S=2 or S=8)
249 * (Vol 6, Part B, 2.2).
250 */
251 [BLE_PHY_MODE_CODED_125KBPS] =
252 (80 + 256 + 16 + 24 + 8 * (BLE_LL_PDU_HDR_LEN * 8 + 24 + 3)),
253 [BLE_PHY_MODE_CODED_500KBPS] =
254 (80 + 256 + 16 + 24 + 2 * (BLE_LL_PDU_HDR_LEN * 8 + 24 + 3)),
255 };
256
257 /**
258 * Counts the number of advertising PDU's received, by type. For advertising
259 * PDU's that contain a destination address, we still count these packets even
260 * if they are not for us.
261 *
262 * @param pdu_type
263 */
264 static void
ble_ll_count_rx_adv_pdus(uint8_t pdu_type)265 ble_ll_count_rx_adv_pdus(uint8_t pdu_type)
266 {
267 /* Count received packet types */
268 switch (pdu_type) {
269 case BLE_ADV_PDU_TYPE_ADV_EXT_IND:
270 STATS_INC(ble_ll_stats, rx_adv_ext_ind);
271 break;
272 case BLE_ADV_PDU_TYPE_ADV_IND:
273 STATS_INC(ble_ll_stats, rx_adv_ind);
274 break;
275 case BLE_ADV_PDU_TYPE_ADV_DIRECT_IND:
276 STATS_INC(ble_ll_stats, rx_adv_direct_ind);
277 break;
278 case BLE_ADV_PDU_TYPE_ADV_NONCONN_IND:
279 STATS_INC(ble_ll_stats, rx_adv_nonconn_ind);
280 break;
281 case BLE_ADV_PDU_TYPE_SCAN_REQ:
282 STATS_INC(ble_ll_stats, rx_scan_reqs);
283 break;
284 case BLE_ADV_PDU_TYPE_SCAN_RSP:
285 STATS_INC(ble_ll_stats, rx_scan_rsps);
286 break;
287 case BLE_ADV_PDU_TYPE_CONNECT_REQ:
288 STATS_INC(ble_ll_stats, rx_connect_reqs);
289 break;
290 case BLE_ADV_PDU_TYPE_AUX_CONNECT_RSP:
291 STATS_INC(ble_ll_stats, rx_aux_connect_rsp);
292 break;
293 case BLE_ADV_PDU_TYPE_ADV_SCAN_IND:
294 STATS_INC(ble_ll_stats, rx_scan_ind);
295 break;
296 default:
297 break;
298 }
299 }
300
301 /**
302 * Allocate a pdu (chain) for reception.
303 *
304 * @param len
305 *
306 * @return struct os_mbuf*
307 */
308 struct os_mbuf *
ble_ll_rxpdu_alloc(uint16_t len)309 ble_ll_rxpdu_alloc(uint16_t len)
310 {
311 uint16_t mb_bytes;
312 struct os_mbuf *m;
313 struct os_mbuf *n;
314 struct os_mbuf *p;
315 struct os_mbuf_pkthdr *pkthdr;
316
317 p = os_msys_get_pkthdr(len, sizeof(struct ble_mbuf_hdr));
318 if (!p) {
319 goto rxpdu_alloc_exit;
320 }
321
322 /* Set packet length */
323 pkthdr = OS_MBUF_PKTHDR(p);
324 pkthdr->omp_len = len;
325
326 /*
327 * NOTE: first mbuf in chain will have data pre-pended to it so we adjust
328 * m_data by a word.
329 */
330 p->om_data += 4;
331 mb_bytes = (p->om_omp->omp_databuf_len - p->om_pkthdr_len - 4);
332
333 if (mb_bytes < len) {
334 n = p;
335 len -= mb_bytes;
336 while (len) {
337 m = os_msys_get(len, 0);
338 if (!m) {
339 os_mbuf_free_chain(p);
340 p = NULL;
341 goto rxpdu_alloc_exit;
342 }
343 /* Chain new mbuf to existing chain */
344 SLIST_NEXT(n, om_next) = m;
345 n = m;
346 mb_bytes = m->om_omp->omp_databuf_len;
347 if (mb_bytes >= len) {
348 len = 0;
349 } else {
350 len -= mb_bytes;
351 }
352 }
353 }
354
355
356 rxpdu_alloc_exit:
357 if (!p) {
358 STATS_INC(ble_ll_stats, no_bufs);
359 }
360 return p;
361 }
362
363 int
ble_ll_chk_txrx_octets(uint16_t octets)364 ble_ll_chk_txrx_octets(uint16_t octets)
365 {
366 int rc;
367
368 if ((octets < BLE_LL_CONN_SUPP_BYTES_MIN) ||
369 (octets > BLE_LL_CONN_SUPP_BYTES_MAX)) {
370 rc = 0;
371 } else {
372 rc = 1;
373 }
374
375 return rc;
376 }
377
378 int
ble_ll_chk_txrx_time(uint16_t time)379 ble_ll_chk_txrx_time(uint16_t time)
380 {
381 int rc;
382
383 if ((time < BLE_LL_CONN_SUPP_TIME_MIN) ||
384 (time > BLE_LL_CONN_SUPP_TIME_MAX)) {
385 rc = 0;
386 } else {
387 rc = 1;
388 }
389
390 return rc;
391 }
392
393 /**
394 * Checks to see if the address is a resolvable private address.
395 *
396 * NOTE: the addr_type parameter will be 0 if the address is public;
397 * any other value is random (all non-zero values).
398 *
399 * @param addr
400 * @param addr_type Public (zero) or Random (non-zero) address
401 *
402 * @return int
403 */
404 int
ble_ll_is_rpa(uint8_t * addr,uint8_t addr_type)405 ble_ll_is_rpa(uint8_t *addr, uint8_t addr_type)
406 {
407 int rc;
408
409 if (addr_type && ((addr[5] & 0xc0) == 0x40)) {
410 rc = 1;
411 } else {
412 rc = 0;
413 }
414 return rc;
415 }
416
417 /* Checks to see that the device is a valid random address */
418 int
ble_ll_is_valid_random_addr(uint8_t * addr)419 ble_ll_is_valid_random_addr(uint8_t *addr)
420 {
421 int i;
422 int rc;
423 uint16_t sum;
424 uint8_t addr_type;
425
426 /* Make sure all bits are neither one nor zero */
427 sum = 0;
428 for (i = 0; i < (BLE_DEV_ADDR_LEN -1); ++i) {
429 sum += addr[i];
430 }
431 sum += addr[5] & 0x3f;
432
433 if ((sum == 0) || (sum == ((5*255) + 0x3f))) {
434 return 0;
435 }
436
437 /* Get the upper two bits of the address */
438 rc = 1;
439 addr_type = addr[5] & 0xc0;
440 if (addr_type == 0xc0) {
441 /* Static random address. No other checks needed */
442 } else if (addr_type == 0x40) {
443 /* Resolvable */
444 sum = addr[3] + addr[4] + (addr[5] & 0x3f);
445 if ((sum == 0) || (sum == (255 + 255 + 0x3f))) {
446 rc = 0;
447 }
448 } else if (addr_type == 0) {
449 /* non-resolvable. Cant be equal to public */
450 if (!memcmp(g_dev_addr, addr, BLE_DEV_ADDR_LEN)) {
451 rc = 0;
452 }
453 } else {
454 /* Invalid upper two bits */
455 rc = 0;
456 }
457
458 return rc;
459 }
460
461 /**
462 * Called from the HCI command parser when the set random address command
463 * is received.
464 *
465 * Context: Link Layer task (HCI command parser)
466 *
467 * @param addr Pointer to address
468 *
469 * @return int 0: success
470 */
471 int
ble_ll_set_random_addr(uint8_t * addr,bool hci_adv_ext)472 ble_ll_set_random_addr(uint8_t *addr, bool hci_adv_ext)
473 {
474 /* If the Host issues this command when scanning or legacy advertising is
475 * enabled, the Controller shall return the error code Command Disallowed.
476 *
477 * Test specification extends this also to initiating.
478 */
479
480 if (g_ble_ll_conn_create_sm || ble_ll_scan_enabled() ||
481 (!hci_adv_ext && ble_ll_adv_enabled())) {
482 return BLE_ERR_CMD_DISALLOWED;
483 }
484
485 if (!ble_ll_is_valid_random_addr(addr)) {
486 return BLE_ERR_INV_HCI_CMD_PARMS;
487 }
488
489 memcpy(g_random_addr, addr, BLE_DEV_ADDR_LEN);
490
491 #if MYNEWT_VAL(BLE_LL_CFG_FEAT_LL_EXT_ADV)
492 /* For instance 0 we need same address if legacy advertising might be
493 * used. If extended advertising is in use than this command doesn't
494 * affect instance 0.
495 */
496 if (!hci_adv_ext)
497 ble_ll_adv_set_random_addr(addr, 0);
498 #endif
499
500 return BLE_ERR_SUCCESS;
501 }
502
503 /**
504 * Checks to see if an address is our device address (either public or
505 * random)
506 *
507 * @param addr
508 * @param addr_type
509 *
510 * @return int 0: not our device address. 1: is our device address
511 */
512 int
ble_ll_is_our_devaddr(uint8_t * addr,int addr_type)513 ble_ll_is_our_devaddr(uint8_t *addr, int addr_type)
514 {
515 int rc;
516 uint8_t *our_addr;
517
518 if (addr_type) {
519 our_addr = g_random_addr;
520 } else {
521 our_addr = g_dev_addr;
522 }
523
524 rc = 0;
525 if (!memcmp(our_addr, addr, BLE_DEV_ADDR_LEN)) {
526 rc = 1;
527 }
528
529 return rc;
530 }
531
532 /**
533 * Get identity address
534 *
535 * @param addr_type Random (1). Public(0)
536 *
537 * @return pointer to identity address of given type.
538 */
539 uint8_t*
ble_ll_get_our_devaddr(uint8_t addr_type)540 ble_ll_get_our_devaddr(uint8_t addr_type)
541 {
542 if (addr_type) {
543 return g_random_addr;
544 }
545
546 return g_dev_addr;
547 }
548
549 /**
550 * Wait for response timeout function
551 *
552 * Context: interrupt (ble scheduler)
553 *
554 * @param arg
555 */
556 void
ble_ll_wfr_timer_exp(void * arg)557 ble_ll_wfr_timer_exp(void *arg)
558 {
559 int rx_start;
560 uint8_t lls;
561
562 rx_start = ble_phy_rx_started();
563 lls = g_ble_ll_data.ll_state;
564
565 ble_ll_trace_u32x3(BLE_LL_TRACE_ID_WFR_EXP, lls, ble_phy_xcvr_state_get(),
566 (uint32_t)rx_start);
567
568 /* If we have started a reception, there is nothing to do here */
569 if (!rx_start) {
570 switch (lls) {
571 case BLE_LL_STATE_ADV:
572 ble_ll_adv_wfr_timer_exp();
573 break;
574 case BLE_LL_STATE_CONNECTION:
575 ble_ll_conn_wfr_timer_exp();
576 break;
577 case BLE_LL_STATE_SCANNING:
578 ble_ll_scan_wfr_timer_exp();
579 break;
580 case BLE_LL_STATE_INITIATING:
581 ble_ll_conn_init_wfr_timer_exp();
582 break;
583 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
584 case BLE_LL_STATE_DTM:
585 ble_ll_dtm_wfr_timer_exp();
586 break;
587 #endif
588 default:
589 break;
590 }
591 }
592 }
593
594 /**
595 * Enable the wait for response timer.
596 *
597 * Context: Interrupt.
598 *
599 * @param cputime
600 * @param wfr_cb
601 * @param arg
602 */
603 void
ble_ll_wfr_enable(uint32_t cputime)604 ble_ll_wfr_enable(uint32_t cputime)
605 {
606 }
607
608 /**
609 * Disable the wait for response timer
610 */
611 void
ble_ll_wfr_disable(void)612 ble_ll_wfr_disable(void)
613 {
614 }
615
616 /**
617 * ll tx pkt in proc
618 *
619 * Process ACL data packet input from host
620 *
621 * Context: Link layer task
622 *
623 */
624 static void
ble_ll_tx_pkt_in(void)625 ble_ll_tx_pkt_in(void)
626 {
627 uint16_t handle;
628 uint16_t length;
629 uint16_t pb;
630 struct os_mbuf_pkthdr *pkthdr;
631 struct os_mbuf *om;
632
633 /* Drain all packets off the queue */
634 while (STAILQ_FIRST(&g_ble_ll_data.ll_tx_pkt_q)) {
635 /* Get mbuf pointer from packet header pointer */
636 pkthdr = STAILQ_FIRST(&g_ble_ll_data.ll_tx_pkt_q);
637 om = (struct os_mbuf *)((uint8_t *)pkthdr - sizeof(struct os_mbuf));
638
639 /* Remove from queue */
640 STAILQ_REMOVE_HEAD(&g_ble_ll_data.ll_tx_pkt_q, omp_next);
641
642 /* Strip HCI ACL header to get handle and length */
643 handle = get_le16(om->om_data);
644 length = get_le16(om->om_data + 2);
645 os_mbuf_adj(om, sizeof(struct hci_data_hdr));
646
647 /* Do some basic error checking */
648 pb = handle & 0x3000;
649 if ((pkthdr->omp_len != length) || (pb > 0x1000) || (length == 0)) {
650 /* This is a bad ACL packet. Count a stat and free it */
651 STATS_INC(ble_ll_stats, bad_acl_hdr);
652 os_mbuf_free_chain(om);
653 continue;
654 }
655
656 /* Hand to connection state machine */
657 ble_ll_conn_tx_pkt_in(om, handle, length);
658 }
659 }
660
661 /**
662 * Count Link Layer statistics for received PDUs
663 *
664 * Context: Link layer task
665 *
666 * @param hdr
667 * @param len
668 */
669 static void
ble_ll_count_rx_stats(struct ble_mbuf_hdr * hdr,uint16_t len,uint8_t pdu_type)670 ble_ll_count_rx_stats(struct ble_mbuf_hdr *hdr, uint16_t len, uint8_t pdu_type)
671 {
672 uint8_t crcok;
673 bool connection_data;
674
675 crcok = BLE_MBUF_HDR_CRC_OK(hdr);
676 connection_data = (BLE_MBUF_HDR_RX_STATE(hdr) == BLE_LL_STATE_CONNECTION);
677
678 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
679 /* Reuse connection stats for DTM */
680 connection_data = (BLE_MBUF_HDR_RX_STATE(hdr) == BLE_LL_STATE_DTM);
681 #endif
682
683 if (crcok) {
684 if (connection_data) {
685 STATS_INC(ble_ll_stats, rx_data_pdu_crc_ok);
686 STATS_INCN(ble_ll_stats, rx_data_bytes_crc_ok, len);
687 } else {
688 STATS_INC(ble_ll_stats, rx_adv_pdu_crc_ok);
689 STATS_INCN(ble_ll_stats, rx_adv_bytes_crc_ok, len);
690 ble_ll_count_rx_adv_pdus(pdu_type);
691 }
692 } else {
693 if (connection_data) {
694 STATS_INC(ble_ll_stats, rx_data_pdu_crc_err);
695 STATS_INCN(ble_ll_stats, rx_data_bytes_crc_err, len);
696 } else {
697 STATS_INC(ble_ll_stats, rx_adv_pdu_crc_err);
698 STATS_INCN(ble_ll_stats, rx_adv_bytes_crc_err, len);
699 }
700 }
701 }
702
703 /**
704 * ll rx pkt in
705 *
706 * Process received packet from PHY.
707 *
708 * Context: Link layer task
709 *
710 */
711 static void
ble_ll_rx_pkt_in(void)712 ble_ll_rx_pkt_in(void)
713 {
714 os_sr_t sr;
715 uint8_t pdu_type;
716 uint8_t *rxbuf;
717 struct os_mbuf_pkthdr *pkthdr;
718 struct ble_mbuf_hdr *ble_hdr;
719 struct os_mbuf *m;
720
721 /* Drain all packets off the queue */
722 while (STAILQ_FIRST(&g_ble_ll_data.ll_rx_pkt_q)) {
723 /* Get mbuf pointer from packet header pointer */
724 pkthdr = STAILQ_FIRST(&g_ble_ll_data.ll_rx_pkt_q);
725 m = (struct os_mbuf *)((uint8_t *)pkthdr - sizeof(struct os_mbuf));
726
727 /* Remove from queue */
728 OS_ENTER_CRITICAL(sr);
729 STAILQ_REMOVE_HEAD(&g_ble_ll_data.ll_rx_pkt_q, omp_next);
730 OS_EXIT_CRITICAL(sr);
731
732 /* Note: pdu type wont get used unless this is an advertising pdu */
733 ble_hdr = BLE_MBUF_HDR_PTR(m);
734 rxbuf = m->om_data;
735 pdu_type = rxbuf[0] & BLE_ADV_PDU_HDR_TYPE_MASK;
736 ble_ll_count_rx_stats(ble_hdr, pkthdr->omp_len, pdu_type);
737
738 /* Process the data or advertising pdu */
739 /* Process the PDU */
740 switch (BLE_MBUF_HDR_RX_STATE(ble_hdr)) {
741 case BLE_LL_STATE_CONNECTION:
742 ble_ll_conn_rx_data_pdu(m, ble_hdr);
743 /* m is going to be free by function above */
744 m = NULL;
745 break;
746 case BLE_LL_STATE_ADV:
747 ble_ll_adv_rx_pkt_in(pdu_type, rxbuf, ble_hdr);
748 break;
749 case BLE_LL_STATE_SCANNING:
750 ble_ll_scan_rx_pkt_in(pdu_type, m, ble_hdr);
751 break;
752 case BLE_LL_STATE_INITIATING:
753 ble_ll_init_rx_pkt_in(pdu_type, rxbuf, ble_hdr);
754 break;
755 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
756 case BLE_LL_STATE_DTM:
757 ble_ll_dtm_rx_pkt_in(m, ble_hdr);
758 break;
759 #endif
760 default:
761 /* Any other state should never occur */
762 STATS_INC(ble_ll_stats, bad_ll_state);
763 break;
764 }
765 if (m) {
766 /* Free the packet buffer */
767 os_mbuf_free_chain(m);
768 }
769 }
770 }
771
772 /**
773 * Called to put a packet on the Link Layer receive packet queue.
774 *
775 * @param rxpdu Pointer to received PDU
776 */
777 void
ble_ll_rx_pdu_in(struct os_mbuf * rxpdu)778 ble_ll_rx_pdu_in(struct os_mbuf *rxpdu)
779 {
780 struct os_mbuf_pkthdr *pkthdr;
781
782 pkthdr = OS_MBUF_PKTHDR(rxpdu);
783 STAILQ_INSERT_TAIL(&g_ble_ll_data.ll_rx_pkt_q, pkthdr, omp_next);
784 ble_npl_eventq_put(&g_ble_ll_data.ll_evq, &g_ble_ll_data.ll_rx_pkt_ev);
785 }
786
787 /**
788 * Called to put a packet on the Link Layer transmit packet queue.
789 *
790 * @param txpdu Pointer to transmit packet
791 */
792 void
ble_ll_acl_data_in(struct os_mbuf * txpkt)793 ble_ll_acl_data_in(struct os_mbuf *txpkt)
794 {
795 os_sr_t sr;
796 struct os_mbuf_pkthdr *pkthdr;
797
798 pkthdr = OS_MBUF_PKTHDR(txpkt);
799 OS_ENTER_CRITICAL(sr);
800 STAILQ_INSERT_TAIL(&g_ble_ll_data.ll_tx_pkt_q, pkthdr, omp_next);
801 OS_EXIT_CRITICAL(sr);
802 ble_npl_eventq_put(&g_ble_ll_data.ll_evq, &g_ble_ll_data.ll_tx_pkt_ev);
803 }
804
805 /**
806 * Called to post event to Link Layer when a data buffer overflow has
807 * occurred.
808 *
809 * Context: Interrupt
810 *
811 */
812 void
ble_ll_data_buffer_overflow(void)813 ble_ll_data_buffer_overflow(void)
814 {
815 ble_npl_eventq_put(&g_ble_ll_data.ll_evq, &g_ble_ll_data.ll_dbuf_overflow_ev);
816 }
817
818 /**
819 * Called when a HW error occurs.
820 *
821 * Context: Interrupt
822 */
823 void
ble_ll_hw_error(void)824 ble_ll_hw_error(void)
825 {
826 ble_npl_callout_reset(&g_ble_ll_data.ll_hw_err_timer, 0);
827 }
828
829 /**
830 * Called when the HW error timer expires.
831 *
832 * @param arg
833 */
834 static void
ble_ll_hw_err_timer_cb(struct ble_npl_event * ev)835 ble_ll_hw_err_timer_cb(struct ble_npl_event *ev)
836 {
837 if (ble_ll_hci_ev_hw_err(BLE_HW_ERR_HCI_SYNC_LOSS)) {
838 /*
839 * Restart callout if failed to allocate event. Try to allocate an
840 * event every 50 milliseconds (or each OS tick if a tick is longer
841 * than 100 msecs).
842 */
843 ble_npl_callout_reset(&g_ble_ll_data.ll_hw_err_timer,
844 ble_npl_time_ms_to_ticks32(50));
845 }
846 }
847
848 /**
849 * Called upon start of received PDU
850 *
851 * Context: Interrupt
852 *
853 * @param rxpdu
854 * chan
855 *
856 * @return int
857 * < 0: A frame we dont want to receive.
858 * = 0: Continue to receive frame. Dont go from rx to tx
859 * > 0: Continue to receive frame and go from rx to tx when done
860 */
861 int
ble_ll_rx_start(uint8_t * rxbuf,uint8_t chan,struct ble_mbuf_hdr * rxhdr)862 ble_ll_rx_start(uint8_t *rxbuf, uint8_t chan, struct ble_mbuf_hdr *rxhdr)
863 {
864 int rc;
865 uint8_t pdu_type;
866
867 /* Advertising channel PDU */
868 pdu_type = rxbuf[0] & BLE_ADV_PDU_HDR_TYPE_MASK;
869
870 ble_ll_trace_u32x2(BLE_LL_TRACE_ID_RX_START, g_ble_ll_data.ll_state,
871 pdu_type);
872
873 switch (g_ble_ll_data.ll_state) {
874 case BLE_LL_STATE_CONNECTION:
875 rc = ble_ll_conn_rx_isr_start(rxhdr, ble_phy_access_addr_get());
876 break;
877 case BLE_LL_STATE_ADV:
878 rc = ble_ll_adv_rx_isr_start(pdu_type);
879 break;
880 case BLE_LL_STATE_INITIATING:
881 rc = ble_ll_init_rx_isr_start(pdu_type, rxhdr);
882 break;
883 case BLE_LL_STATE_SCANNING:
884 rc = ble_ll_scan_rx_isr_start(pdu_type, &rxhdr->rxinfo.flags);
885 break;
886 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
887 case BLE_LL_STATE_DTM:
888 rc = ble_ll_dtm_rx_isr_start(rxhdr, ble_phy_access_addr_get());
889 break;
890 #endif
891 default:
892 /* Should not be in this state! */
893 rc = -1;
894 STATS_INC(ble_ll_stats, bad_ll_state);
895 break;
896 }
897
898 return rc;
899 }
900
901 /**
902 * Called by the PHY when a receive packet has ended.
903 *
904 * NOTE: Called from interrupt context!
905 *
906 * @param rxbuf Pointer to received PDU data
907 * rxhdr Pointer to BLE header of received mbuf
908 *
909 * @return int
910 * < 0: Disable the phy after reception.
911 * == 0: Success. Do not disable the PHY.
912 * > 0: Do not disable PHY as that has already been done.
913 */
914 int
ble_ll_rx_end(uint8_t * rxbuf,struct ble_mbuf_hdr * rxhdr)915 ble_ll_rx_end(uint8_t *rxbuf, struct ble_mbuf_hdr *rxhdr)
916 {
917 int rc;
918 int badpkt;
919 uint8_t pdu_type;
920 uint8_t len;
921 uint8_t crcok;
922 struct os_mbuf *rxpdu;
923
924 /* Get CRC status from BLE header */
925 crcok = BLE_MBUF_HDR_CRC_OK(rxhdr);
926
927 /* Get advertising PDU type and length */
928 pdu_type = rxbuf[0] & BLE_ADV_PDU_HDR_TYPE_MASK;
929 len = rxbuf[1];
930
931 ble_ll_trace_u32x3(BLE_LL_TRACE_ID_RX_END, pdu_type, len,
932 rxhdr->rxinfo.flags);
933
934 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE) == 1
935 if (BLE_MBUF_HDR_RX_STATE(rxhdr) == BLE_LL_STATE_DTM) {
936 rc = ble_ll_dtm_rx_isr_end(rxbuf, rxhdr);
937 return rc;
938 }
939 #endif
940
941 if (BLE_MBUF_HDR_RX_STATE(rxhdr) == BLE_LL_STATE_CONNECTION) {
942 rc = ble_ll_conn_rx_isr_end(rxbuf, rxhdr);
943 return rc;
944 }
945
946 /* If the CRC checks, make sure lengths check! */
947 badpkt = 0;
948 if (crcok) {
949 switch (pdu_type) {
950 case BLE_ADV_PDU_TYPE_SCAN_REQ:
951 case BLE_ADV_PDU_TYPE_ADV_DIRECT_IND:
952 if (len != BLE_SCAN_REQ_LEN) {
953 badpkt = 1;
954 }
955 break;
956 case BLE_ADV_PDU_TYPE_SCAN_RSP:
957 case BLE_ADV_PDU_TYPE_ADV_IND:
958 case BLE_ADV_PDU_TYPE_ADV_SCAN_IND:
959 case BLE_ADV_PDU_TYPE_ADV_NONCONN_IND:
960 if ((len < BLE_DEV_ADDR_LEN) || (len > BLE_ADV_SCAN_IND_MAX_LEN)) {
961 badpkt = 1;
962 }
963 break;
964 case BLE_ADV_PDU_TYPE_AUX_CONNECT_RSP:
965 break;
966 case BLE_ADV_PDU_TYPE_ADV_EXT_IND:
967 break;
968 case BLE_ADV_PDU_TYPE_CONNECT_REQ:
969 if (len != BLE_CONNECT_REQ_LEN) {
970 badpkt = 1;
971 }
972 break;
973 default:
974 badpkt = 1;
975 break;
976 }
977
978 /* If this is a malformed packet, just kill it here */
979 if (badpkt) {
980 STATS_INC(ble_ll_stats, rx_adv_malformed_pkts);
981 }
982 }
983
984 /* Hand packet to the appropriate state machine (if crc ok) */
985 rxpdu = NULL;
986 switch (BLE_MBUF_HDR_RX_STATE(rxhdr)) {
987 case BLE_LL_STATE_ADV:
988 if (!badpkt) {
989 rxpdu = ble_ll_rxpdu_alloc(len + BLE_LL_PDU_HDR_LEN);
990 if (rxpdu) {
991 ble_phy_rxpdu_copy(rxbuf, rxpdu);
992 }
993 }
994 rc = ble_ll_adv_rx_isr_end(pdu_type, rxpdu, crcok);
995 break;
996 case BLE_LL_STATE_SCANNING:
997 if (!badpkt) {
998 rxpdu = ble_ll_rxpdu_alloc(len + BLE_LL_PDU_HDR_LEN);
999 if (rxpdu) {
1000 ble_phy_rxpdu_copy(rxbuf, rxpdu);
1001 }
1002 }
1003 rc = ble_ll_scan_rx_isr_end(rxpdu, crcok);
1004 break;
1005 case BLE_LL_STATE_INITIATING:
1006 rc = ble_ll_init_rx_isr_end(rxbuf, crcok, rxhdr);
1007 break;
1008 default:
1009 rc = -1;
1010 STATS_INC(ble_ll_stats, bad_ll_state);
1011 break;
1012 }
1013
1014 /* Hand packet up to higher layer (regardless of CRC failure) */
1015 if (rxpdu) {
1016 ble_ll_rx_pdu_in(rxpdu);
1017 }
1018
1019 return rc;
1020 }
1021
1022 uint8_t
ble_ll_tx_mbuf_pducb(uint8_t * dptr,void * pducb_arg,uint8_t * hdr_byte)1023 ble_ll_tx_mbuf_pducb(uint8_t *dptr, void *pducb_arg, uint8_t *hdr_byte)
1024 {
1025 struct os_mbuf *txpdu;
1026 struct ble_mbuf_hdr *ble_hdr;
1027
1028 txpdu = pducb_arg;
1029 BLE_LL_ASSERT(txpdu);
1030 ble_hdr = BLE_MBUF_HDR_PTR(txpdu);
1031
1032 os_mbuf_copydata(txpdu, ble_hdr->txinfo.offset, ble_hdr->txinfo.pyld_len,
1033 dptr);
1034
1035 *hdr_byte = ble_hdr->txinfo.hdr_byte;
1036
1037 return ble_hdr->txinfo.pyld_len;
1038 }
1039
1040 uint8_t
ble_ll_tx_flat_mbuf_pducb(uint8_t * dptr,void * pducb_arg,uint8_t * hdr_byte)1041 ble_ll_tx_flat_mbuf_pducb(uint8_t *dptr, void *pducb_arg, uint8_t *hdr_byte)
1042 {
1043 struct os_mbuf *txpdu;
1044 struct ble_mbuf_hdr *ble_hdr;
1045
1046 txpdu = pducb_arg;
1047 BLE_LL_ASSERT(txpdu);
1048 ble_hdr = BLE_MBUF_HDR_PTR(txpdu);
1049
1050 memcpy(dptr, txpdu->om_data, ble_hdr->txinfo.pyld_len);
1051
1052 *hdr_byte = ble_hdr->txinfo.hdr_byte;
1053
1054 return ble_hdr->txinfo.pyld_len;
1055 }
1056
1057 static void
ble_ll_event_rx_pkt(struct ble_npl_event * ev)1058 ble_ll_event_rx_pkt(struct ble_npl_event *ev)
1059 {
1060 ble_ll_rx_pkt_in();
1061 }
1062
1063 static void
ble_ll_event_tx_pkt(struct ble_npl_event * ev)1064 ble_ll_event_tx_pkt(struct ble_npl_event *ev)
1065 {
1066 ble_ll_tx_pkt_in();
1067 }
1068
1069 static void
ble_ll_event_dbuf_overflow(struct ble_npl_event * ev)1070 ble_ll_event_dbuf_overflow(struct ble_npl_event *ev)
1071 {
1072 ble_ll_hci_ev_databuf_overflow();
1073 }
1074
1075 static void
ble_ll_event_comp_pkts(struct ble_npl_event * ev)1076 ble_ll_event_comp_pkts(struct ble_npl_event *ev)
1077 {
1078 ble_ll_conn_num_comp_pkts_event_send(NULL);
1079 }
1080
1081 /**
1082 * Link Layer task.
1083 *
1084 * This is the task that runs the Link Layer.
1085 *
1086 * @param arg
1087 */
1088 void
ble_ll_task(void * arg)1089 ble_ll_task(void *arg)
1090 {
1091 struct ble_npl_event *ev;
1092
1093 /*
1094 * XXX RIOT ties event queue to a thread which initialized it so we need to
1095 * create event queue in LL task, not in general init function. This can
1096 * lead to some races between host and LL so for now let us have it as a
1097 * hack for RIOT where races can be avoided by proper initialization inside
1098 * package.
1099 */
1100 #ifdef RIOT_VERSION
1101 ble_npl_eventq_init(&g_ble_ll_data.ll_evq);
1102 #endif
1103
1104 /* Init ble phy */
1105 ble_phy_init();
1106
1107 /* Set output power to 1mW (0 dBm) */
1108 ble_phy_txpwr_set(MYNEWT_VAL(BLE_LL_TX_PWR_DBM));
1109
1110 /* Tell the host that we are ready to receive packets */
1111 ble_ll_hci_send_noop();
1112
1113 ble_ll_rand_start();
1114
1115 while (1) {
1116 ev = ble_npl_eventq_get(&g_ble_ll_data.ll_evq, BLE_NPL_TIME_FOREVER);
1117 assert(ev);
1118 ble_npl_event_run(ev);
1119 }
1120 }
1121
1122 /**
1123 * ble ll state set
1124 *
1125 * Called to set the current link layer state.
1126 *
1127 * Context: Interrupt and Link Layer task
1128 *
1129 * @param ll_state
1130 */
1131 void
ble_ll_state_set(uint8_t ll_state)1132 ble_ll_state_set(uint8_t ll_state)
1133 {
1134 g_ble_ll_data.ll_state = ll_state;
1135 }
1136
1137 /**
1138 * ble ll state get
1139 *
1140 * Called to get the current link layer state.
1141 *
1142 * Context: Link Layer task (can be called from interrupt context though).
1143 *
1144 * @return ll_state
1145 */
1146 uint8_t
ble_ll_state_get(void)1147 ble_ll_state_get(void)
1148 {
1149 return g_ble_ll_data.ll_state;
1150 }
1151
1152 /**
1153 * ble ll event send
1154 *
1155 * Send an event to the Link Layer task
1156 *
1157 * @param ev Event to add to the Link Layer event queue.
1158 */
1159 void
ble_ll_event_send(struct ble_npl_event * ev)1160 ble_ll_event_send(struct ble_npl_event *ev)
1161 {
1162 ble_npl_eventq_put(&g_ble_ll_data.ll_evq, ev);
1163 }
1164
1165 /**
1166 * Returns the features supported by the link layer
1167 *
1168 * @return uint8_t bitmask of supported features.
1169 */
1170 uint64_t
ble_ll_read_supp_states(void)1171 ble_ll_read_supp_states(void)
1172 {
1173 return BLE_LL_SUPPORTED_STATES;
1174 }
1175
1176 /**
1177 * Returns the features supported by the link layer
1178 *
1179 * @return uint32_t bitmask of supported features.
1180 */
1181 uint32_t
ble_ll_read_supp_features(void)1182 ble_ll_read_supp_features(void)
1183 {
1184 return g_ble_ll_data.ll_supp_features;
1185 }
1186
1187 /**
1188 * Flush a link layer packet queue.
1189 *
1190 * @param pktq
1191 */
1192 static void
ble_ll_flush_pkt_queue(struct ble_ll_pkt_q * pktq)1193 ble_ll_flush_pkt_queue(struct ble_ll_pkt_q *pktq)
1194 {
1195 struct os_mbuf_pkthdr *pkthdr;
1196 struct os_mbuf *om;
1197
1198 /* FLush all packets from Link layer queues */
1199 while (STAILQ_FIRST(pktq)) {
1200 /* Get mbuf pointer from packet header pointer */
1201 pkthdr = STAILQ_FIRST(pktq);
1202 om = OS_MBUF_PKTHDR_TO_MBUF(pkthdr);
1203
1204 /* Remove from queue and free the mbuf */
1205 STAILQ_REMOVE_HEAD(pktq, omp_next);
1206 os_mbuf_free_chain(om);
1207 }
1208 }
1209
1210 /**
1211 * Called to initialize a mbuf used by the controller
1212 *
1213 * NOTE: this is only used when the mbuf is created by the controller;
1214 * it should not be used for data packets (ACL data packets) that come from
1215 * the host. This routine assumes that the entire pdu length can fit in
1216 * one mbuf contiguously.
1217 *
1218 * @param m
1219 * @param pdulen
1220 * @param hdr
1221 */
1222 void
ble_ll_mbuf_init(struct os_mbuf * m,uint8_t pdulen,uint8_t hdr)1223 ble_ll_mbuf_init(struct os_mbuf *m, uint8_t pdulen, uint8_t hdr)
1224 {
1225 struct ble_mbuf_hdr *ble_hdr;
1226
1227 /* Set mbuf length and packet length */
1228 m->om_len = pdulen;
1229 OS_MBUF_PKTHDR(m)->omp_len = pdulen;
1230
1231 /* Set BLE transmit header */
1232 ble_hdr = BLE_MBUF_HDR_PTR(m);
1233 ble_hdr->txinfo.flags = 0;
1234 ble_hdr->txinfo.offset = 0;
1235 ble_hdr->txinfo.pyld_len = pdulen;
1236 ble_hdr->txinfo.hdr_byte = hdr;
1237 }
1238
1239 /**
1240 * Called to reset the controller. This performs a "software reset" of the link
1241 * layer; it does not perform a HW reset of the controller nor does it reset
1242 * the HCI interface.
1243 *
1244 * Context: Link Layer task (HCI command)
1245 *
1246 * @return int The ble error code to place in the command complete event that
1247 * is returned when this command is issued.
1248 */
1249 int
ble_ll_reset(void)1250 ble_ll_reset(void)
1251 {
1252 int rc;
1253 os_sr_t sr;
1254
1255 /* Stop the phy */
1256 ble_phy_disable();
1257
1258 /* Stop any wait for response timer */
1259 OS_ENTER_CRITICAL(sr);
1260 ble_ll_wfr_disable();
1261 ble_ll_sched_stop();
1262 OS_EXIT_CRITICAL(sr);
1263
1264 /* Stop any scanning */
1265 ble_ll_scan_reset();
1266
1267 /* Stop any advertising */
1268 ble_ll_adv_reset();
1269
1270 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE)
1271 ble_ll_dtm_reset();
1272 #endif
1273
1274 /* FLush all packets from Link layer queues */
1275 ble_ll_flush_pkt_queue(&g_ble_ll_data.ll_tx_pkt_q);
1276 ble_ll_flush_pkt_queue(&g_ble_ll_data.ll_rx_pkt_q);
1277
1278 /* Reset LL stats */
1279 STATS_RESET(ble_ll_stats);
1280
1281 /* Reset any preferred PHYs */
1282 g_ble_ll_data.ll_pref_tx_phys = 0;
1283 g_ble_ll_data.ll_pref_rx_phys = 0;
1284
1285 /* Reset connection module */
1286 ble_ll_conn_module_reset();
1287
1288 /* All this does is re-initialize the event masks so call the hci init */
1289 ble_ll_hci_init();
1290
1291 /* Reset scheduler */
1292 ble_ll_sched_init();
1293
1294 /* Set state to standby */
1295 ble_ll_state_set(BLE_LL_STATE_STANDBY);
1296
1297 #ifdef BLE_XCVR_RFCLK
1298 /* Stops rf clock and rfclock timer */
1299 ble_ll_xcvr_rfclk_stop();
1300 #endif
1301
1302 /* Reset our random address */
1303 memset(g_random_addr, 0, BLE_DEV_ADDR_LEN);
1304
1305 /* Clear the whitelist */
1306 ble_ll_whitelist_clear();
1307
1308 /* Reset resolving list */
1309 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LL_PRIVACY) == 1)
1310 ble_ll_resolv_list_reset();
1311 #endif
1312
1313 /* Re-initialize the PHY */
1314 rc = ble_phy_init();
1315
1316 return rc;
1317 }
1318
1319 static void
ble_ll_seed_prng(void)1320 ble_ll_seed_prng(void)
1321 {
1322 uint32_t seed;
1323 int i;
1324
1325 /* Seed random number generator with least significant bytes of device
1326 * address.
1327 */
1328 seed = 0;
1329 for (i = 0; i < 4; ++i) {
1330 seed |= g_dev_addr[i];
1331 seed <<= 8;
1332 }
1333 srand(seed);
1334 }
1335
1336 uint32_t
ble_ll_pdu_tx_time_get(uint16_t payload_len,int phy_mode)1337 ble_ll_pdu_tx_time_get(uint16_t payload_len, int phy_mode)
1338 {
1339 uint32_t usecs;
1340
1341 #if (BLE_LL_BT5_PHY_SUPPORTED)
1342 if (phy_mode == BLE_PHY_MODE_1M) {
1343 /* 8 usecs per byte */
1344 usecs = payload_len << 3;
1345 } else if (phy_mode == BLE_PHY_MODE_2M) {
1346 /* 4 usecs per byte */
1347 usecs = payload_len << 2;
1348 } else if (phy_mode == BLE_PHY_MODE_CODED_125KBPS) {
1349 /* S=8 => 8 * 8 = 64 usecs per byte */
1350 usecs = payload_len << 6;
1351 } else if (phy_mode == BLE_PHY_MODE_CODED_500KBPS) {
1352 /* S=2 => 2 * 8 = 16 usecs per byte */
1353 usecs = payload_len << 4;
1354 } else {
1355 BLE_LL_ASSERT(0);
1356 }
1357
1358 usecs += g_ble_ll_pdu_header_tx_time[phy_mode];
1359 #else
1360 usecs = (((payload_len) + BLE_LL_PDU_HDR_LEN + BLE_LL_ACC_ADDR_LEN
1361 + BLE_LL_PREAMBLE_LEN + BLE_LL_CRC_LEN) << 3);
1362 #endif
1363
1364 return usecs;
1365 }
1366
1367 uint16_t
ble_ll_pdu_max_tx_octets_get(uint32_t usecs,int phy_mode)1368 ble_ll_pdu_max_tx_octets_get(uint32_t usecs, int phy_mode)
1369 {
1370 uint32_t header_tx_time;
1371 uint16_t octets;
1372
1373 BLE_LL_ASSERT(phy_mode < BLE_PHY_NUM_MODE);
1374
1375 header_tx_time = g_ble_ll_pdu_header_tx_time[phy_mode];
1376
1377 /*
1378 * Current conn max tx time can be too short to even send a packet header
1379 * and this can happen if we changed connection form uncoded to coded phy.
1380 * However, the lower bound for conn max tx time (all of them) depends on
1381 * current phy (uncoded/coded) but it always allows to send at least 27
1382 * bytes of payload thus we alwyas return at least 27 from here.
1383 *
1384 * Reference:
1385 * Core v5.0, Vol 6, Part B, section 4.5.10
1386 * see connEffectiveMaxTxTime and connEffectiveMaxRxTime definitions
1387 */
1388
1389 if (usecs < header_tx_time) {
1390 return 27;
1391 }
1392
1393 usecs -= header_tx_time;
1394
1395 if (phy_mode == BLE_PHY_MODE_1M) {
1396 /* 8 usecs per byte */
1397 octets = usecs >> 3;
1398 } else if (phy_mode == BLE_PHY_MODE_2M) {
1399 /* 4 usecs per byte */
1400 octets = usecs >> 2;
1401 } else if (phy_mode == BLE_PHY_MODE_CODED_125KBPS) {
1402 /* S=8 => 8 * 8 = 64 usecs per byte */
1403 octets = usecs >> 6;
1404 } else if (phy_mode == BLE_PHY_MODE_CODED_500KBPS) {
1405 /* S=2 => 2 * 8 = 16 usecs per byte */
1406 octets = usecs >> 4;
1407 } else {
1408 BLE_LL_ASSERT(0);
1409 }
1410
1411 /* see comment at the beginning */
1412 return max(27, octets);
1413 }
1414
1415 /**
1416 * Initialize the Link Layer. Should be called only once
1417 *
1418 * @return int
1419 */
1420 void
ble_ll_init(void)1421 ble_ll_init(void)
1422 {
1423 int rc;
1424 uint32_t features;
1425 #ifdef BLE_XCVR_RFCLK
1426 uint32_t xtal_ticks;
1427 #endif
1428 ble_addr_t addr;
1429 struct ble_ll_obj *lldata;
1430
1431 /* Ensure this function only gets called by sysinit. */
1432 SYSINIT_ASSERT_ACTIVE();
1433
1434 ble_ll_trace_init();
1435 ble_phy_trace_init();
1436
1437 /* Retrieve the public device address if not set by syscfg */
1438 memcpy(&addr.val[0], MYNEWT_VAL_BLE_PUBLIC_DEV_ADDR, BLE_DEV_ADDR_LEN);
1439 if (!memcmp(&addr.val[0], ((ble_addr_t *)BLE_ADDR_ANY)->val,
1440 BLE_DEV_ADDR_LEN)) {
1441 rc = ble_hw_get_public_addr(&addr);
1442 if (!rc) {
1443 memcpy(g_dev_addr, &addr.val[0], BLE_DEV_ADDR_LEN);
1444 }
1445 } else {
1446 memcpy(g_dev_addr, &addr.val[0], BLE_DEV_ADDR_LEN);
1447 }
1448
1449 #ifdef BLE_XCVR_RFCLK
1450 /* Settling time of crystal, in ticks */
1451 xtal_ticks = MYNEWT_VAL(BLE_XTAL_SETTLE_TIME);
1452 BLE_LL_ASSERT(xtal_ticks != 0);
1453 g_ble_ll_data.ll_xtal_ticks = os_cputime_usecs_to_ticks(xtal_ticks);
1454
1455 /* Initialize rf clock timer */
1456 os_cputime_timer_init(&g_ble_ll_data.ll_rfclk_timer,
1457 ble_ll_xcvr_rfclk_timer_exp, NULL);
1458
1459 #endif
1460
1461 /* Get pointer to global data object */
1462 lldata = &g_ble_ll_data;
1463
1464 /* Set acl pkt size and number */
1465 lldata->ll_num_acl_pkts = MYNEWT_VAL(BLE_ACL_BUF_COUNT);
1466 lldata->ll_acl_pkt_size = MYNEWT_VAL(BLE_ACL_BUF_SIZE);
1467
1468 /*
1469 * XXX RIOT ties event queue to a thread which initialized it so we need to
1470 * create event queue in LL task, not in general init function. This can
1471 * lead to some races between host and LL so for now let us have it as a
1472 * hack for RIOT where races can be avoided by proper initialization inside
1473 * package.
1474 */
1475 #ifndef RIOT_VERSION
1476 /* Initialize eventq */
1477 ble_npl_eventq_init(&lldata->ll_evq);
1478 #endif
1479
1480 /* Initialize the transmit (from host) and receive (from phy) queues */
1481 STAILQ_INIT(&lldata->ll_tx_pkt_q);
1482 STAILQ_INIT(&lldata->ll_rx_pkt_q);
1483
1484 /* Initialize transmit (from host) and receive packet (from phy) event */
1485 ble_npl_event_init(&lldata->ll_rx_pkt_ev, ble_ll_event_rx_pkt, NULL);
1486 ble_npl_event_init(&lldata->ll_tx_pkt_ev, ble_ll_event_tx_pkt, NULL);
1487
1488 /* Initialize data buffer overflow event and completed packets */
1489 ble_npl_event_init(&lldata->ll_dbuf_overflow_ev, ble_ll_event_dbuf_overflow, NULL);
1490 ble_npl_event_init(&lldata->ll_comp_pkt_ev, ble_ll_event_comp_pkts, NULL);
1491
1492 /* Initialize the HW error timer */
1493 ble_npl_callout_init(&g_ble_ll_data.ll_hw_err_timer,
1494 &g_ble_ll_data.ll_evq,
1495 ble_ll_hw_err_timer_cb,
1496 NULL);
1497
1498 /* Initialize LL HCI */
1499 ble_ll_hci_init();
1500
1501 /* Init the scheduler */
1502 ble_ll_sched_init();
1503
1504 /* Initialize advertiser */
1505 ble_ll_adv_init();
1506
1507 /* Initialize a scanner */
1508 ble_ll_scan_init();
1509
1510 /* Initialize the connection module */
1511 ble_ll_conn_module_init();
1512
1513 /* Set the supported features. NOTE: we always support extended reject. */
1514 features = BLE_LL_FEAT_EXTENDED_REJ;
1515
1516 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_DATA_LEN_EXT) == 1)
1517 features |= BLE_LL_FEAT_DATA_LEN_EXT;
1518 #endif
1519 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_CONN_PARAM_REQ) == 1)
1520 features |= BLE_LL_FEAT_CONN_PARM_REQ;
1521 #endif
1522 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_SLAVE_INIT_FEAT_XCHG) == 1)
1523 features |= BLE_LL_FEAT_SLAVE_INIT;
1524 #endif
1525 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LE_ENCRYPTION) == 1)
1526 features |= BLE_LL_FEAT_LE_ENCRYPTION;
1527 #endif
1528
1529 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LL_PRIVACY) == 1)
1530 features |= (BLE_LL_FEAT_LL_PRIVACY | BLE_LL_FEAT_EXT_SCAN_FILT);
1531 ble_ll_resolv_init();
1532 #endif
1533
1534 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LE_PING) == 1)
1535 features |= BLE_LL_FEAT_LE_PING;
1536 #endif
1537
1538 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LL_EXT_ADV) == 1)
1539 features |= BLE_LL_FEAT_EXT_ADV;
1540 #endif
1541
1542 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LE_CSA2) == 1)
1543 /* CSA2 */
1544 features |= BLE_LL_FEAT_CSA2;
1545 #endif
1546
1547 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LE_2M_PHY) == 1)
1548 features |= BLE_LL_FEAT_LE_2M_PHY;
1549 #endif
1550
1551 #if (MYNEWT_VAL(BLE_LL_CFG_FEAT_LE_CODED_PHY) == 1)
1552 features |= BLE_LL_FEAT_LE_CODED_PHY;
1553 #endif
1554
1555 /* Initialize random number generation */
1556 ble_ll_rand_init();
1557
1558 /* XXX: This really doesn't belong here, as the address probably has not
1559 * been set yet.
1560 */
1561 ble_ll_seed_prng();
1562
1563 lldata->ll_supp_features = features;
1564
1565 #if MYNEWT
1566 /* Initialize the LL task */
1567 os_task_init(&g_ble_ll_task, "ble_ll", ble_ll_task, NULL,
1568 MYNEWT_VAL(BLE_LL_PRIO), OS_WAIT_FOREVER, g_ble_ll_stack,
1569 BLE_LL_STACK_SIZE);
1570 #else
1571
1572 /*
1573 * For non-Mynewt OS it is required that OS creates task for LL and run LL
1574 * routine which is wrapped by nimble_port_ll_task_func().
1575 */
1576
1577 #endif
1578
1579 rc = stats_init_and_reg(STATS_HDR(ble_ll_stats),
1580 STATS_SIZE_INIT_PARMS(ble_ll_stats, STATS_SIZE_32),
1581 STATS_NAME_INIT_PARMS(ble_ll_stats),
1582 "ble_ll");
1583 SYSINIT_PANIC_ASSERT(rc == 0);
1584
1585 ble_hci_trans_cfg_ll(ble_ll_hci_cmd_rx, NULL, ble_ll_hci_acl_rx, NULL);
1586
1587 #if MYNEWT_VAL(BLE_LL_DIRECT_TEST_MODE)
1588 ble_ll_dtm_init();
1589 #endif
1590 }
1591