1 /* 2 * Copyright (C) 2009-2012 by Matthias Ringwald 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY MATTHIAS RINGWALD AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at [email protected] 34 * 35 */ 36 37 /* 38 * l2cap.c 39 * 40 * Logical Link Control and Adaption Protocl (L2CAP) 41 * 42 * Created by Matthias Ringwald on 5/16/09. 43 */ 44 45 #include "l2cap.h" 46 #include "hci.h" 47 #include "hci_dump.h" 48 #include "debug.h" 49 #include "btstack_memory.h" 50 51 #include <stdarg.h> 52 #include <string.h> 53 54 #include <stdio.h> 55 56 // nr of buffered acl packets in outgoing queue to get max performance 57 #define NR_BUFFERED_ACL_PACKETS 3 58 59 // used to cache l2cap rejects, echo, and informational requests 60 #define NR_PENDING_SIGNALING_RESPONSES 3 61 62 // offsets for L2CAP SIGNALING COMMANDS 63 #define L2CAP_SIGNALING_COMMAND_CODE_OFFSET 0 64 #define L2CAP_SIGNALING_COMMAND_SIGID_OFFSET 1 65 #define L2CAP_SIGNALING_COMMAND_LENGTH_OFFSET 2 66 #define L2CAP_SIGNALING_COMMAND_DATA_OFFSET 4 67 68 static void null_packet_handler(void * connection, uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size); 69 static void l2cap_packet_handler(uint8_t packet_type, uint8_t *packet, uint16_t size); 70 71 // used to cache l2cap rejects, echo, and informational requests 72 static l2cap_signaling_response_t signaling_responses[NR_PENDING_SIGNALING_RESPONSES]; 73 static int signaling_responses_pending; 74 75 static linked_list_t l2cap_channels; 76 static linked_list_t l2cap_services; 77 static void (*packet_handler) (void * connection, uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size) = null_packet_handler; 78 static int new_credits_blocked = 0; 79 80 static btstack_packet_handler_t attribute_protocol_packet_handler; 81 static btstack_packet_handler_t security_protocol_packet_handler; 82 static uint8_t require_security_level2_for_outgoing_sdp; 83 84 // prototypes 85 static void l2cap_finialize_channel_close(l2cap_channel_t *channel); 86 static l2cap_service_t * l2cap_get_service(uint16_t psm); 87 static void l2cap_emit_channel_opened(l2cap_channel_t *channel, uint8_t status); 88 static void l2cap_emit_channel_closed(l2cap_channel_t *channel); 89 static void l2cap_emit_connection_request(l2cap_channel_t *channel); 90 static int l2cap_channel_ready_for_open(l2cap_channel_t *channel); 91 92 93 void l2cap_init(){ 94 new_credits_blocked = 0; 95 signaling_responses_pending = 0; 96 97 l2cap_channels = NULL; 98 l2cap_services = NULL; 99 100 packet_handler = null_packet_handler; 101 attribute_protocol_packet_handler = NULL; 102 security_protocol_packet_handler = NULL; 103 104 require_security_level2_for_outgoing_sdp = 0; 105 106 // 107 // register callback with HCI 108 // 109 hci_register_packet_handler(&l2cap_packet_handler); 110 hci_connectable_control(0); // no services yet 111 } 112 113 114 /** Register L2CAP packet handlers */ 115 static void null_packet_handler(void * connection, uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 116 } 117 void l2cap_register_packet_handler(void (*handler)(void * connection, uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size)){ 118 packet_handler = handler; 119 } 120 121 // notify client/protocol handler 122 void l2cap_dispatch(l2cap_channel_t *channel, uint8_t type, uint8_t * data, uint16_t size){ 123 if (channel->packet_handler) { 124 (* (channel->packet_handler))(type, channel->local_cid, data, size); 125 } else { 126 (*packet_handler)(channel->connection, type, channel->local_cid, data, size); 127 } 128 } 129 130 void l2cap_emit_channel_opened(l2cap_channel_t *channel, uint8_t status) { 131 log_info("L2CAP_EVENT_CHANNEL_OPENED status 0x%x addr %s handle 0x%x psm 0x%x local_cid 0x%x remote_cid 0x%x local_mtu %u, remote_mtu %u, flush_timeout %u", 132 status, bd_addr_to_str(channel->address), channel->handle, channel->psm, 133 channel->local_cid, channel->remote_cid, channel->local_mtu, channel->remote_mtu, channel->flush_timeout); 134 uint8_t event[23]; 135 event[0] = L2CAP_EVENT_CHANNEL_OPENED; 136 event[1] = sizeof(event) - 2; 137 event[2] = status; 138 bt_flip_addr(&event[3], channel->address); 139 bt_store_16(event, 9, channel->handle); 140 bt_store_16(event, 11, channel->psm); 141 bt_store_16(event, 13, channel->local_cid); 142 bt_store_16(event, 15, channel->remote_cid); 143 bt_store_16(event, 17, channel->local_mtu); 144 bt_store_16(event, 19, channel->remote_mtu); 145 bt_store_16(event, 19, channel->flush_timeout); 146 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 147 l2cap_dispatch(channel, HCI_EVENT_PACKET, event, sizeof(event)); 148 } 149 150 void l2cap_emit_channel_closed(l2cap_channel_t *channel) { 151 log_info("L2CAP_EVENT_CHANNEL_CLOSED local_cid 0x%x", channel->local_cid); 152 uint8_t event[4]; 153 event[0] = L2CAP_EVENT_CHANNEL_CLOSED; 154 event[1] = sizeof(event) - 2; 155 bt_store_16(event, 2, channel->local_cid); 156 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 157 l2cap_dispatch(channel, HCI_EVENT_PACKET, event, sizeof(event)); 158 } 159 160 void l2cap_emit_connection_request(l2cap_channel_t *channel) { 161 log_info("L2CAP_EVENT_INCOMING_CONNECTION addr %s handle 0x%x psm 0x%x local_cid 0x%x remote_cid 0x%x", 162 bd_addr_to_str(channel->address), channel->handle, channel->psm, channel->local_cid, channel->remote_cid); 163 uint8_t event[16]; 164 event[0] = L2CAP_EVENT_INCOMING_CONNECTION; 165 event[1] = sizeof(event) - 2; 166 bt_flip_addr(&event[2], channel->address); 167 bt_store_16(event, 8, channel->handle); 168 bt_store_16(event, 10, channel->psm); 169 bt_store_16(event, 12, channel->local_cid); 170 bt_store_16(event, 14, channel->remote_cid); 171 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 172 l2cap_dispatch(channel, HCI_EVENT_PACKET, event, sizeof(event)); 173 } 174 175 static void l2cap_emit_service_registered(void *connection, uint8_t status, uint16_t psm){ 176 log_info("L2CAP_EVENT_SERVICE_REGISTERED status 0x%x psm 0x%x", status, psm); 177 uint8_t event[5]; 178 event[0] = L2CAP_EVENT_SERVICE_REGISTERED; 179 event[1] = sizeof(event) - 2; 180 event[2] = status; 181 bt_store_16(event, 3, psm); 182 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 183 (*packet_handler)(connection, HCI_EVENT_PACKET, 0, event, sizeof(event)); 184 } 185 186 void l2cap_emit_credits(l2cap_channel_t *channel, uint8_t credits) { 187 188 log_info("L2CAP_EVENT_CREDITS local_cid 0x%x credits %u", channel->local_cid, credits); 189 // track credits 190 channel->packets_granted += credits; 191 192 uint8_t event[5]; 193 event[0] = L2CAP_EVENT_CREDITS; 194 event[1] = sizeof(event) - 2; 195 bt_store_16(event, 2, channel->local_cid); 196 event[4] = credits; 197 hci_dump_packet( HCI_EVENT_PACKET, 0, event, sizeof(event)); 198 l2cap_dispatch(channel, HCI_EVENT_PACKET, event, sizeof(event)); 199 } 200 201 void l2cap_block_new_credits(uint8_t blocked){ 202 new_credits_blocked = blocked; 203 } 204 205 void l2cap_hand_out_credits(void){ 206 207 if (new_credits_blocked) return; // we're told not to. used by daemon 208 209 linked_item_t *it; 210 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 211 if (!hci_number_free_acl_slots()) return; 212 l2cap_channel_t * channel = (l2cap_channel_t *) it; 213 if (channel->state != L2CAP_STATE_OPEN) continue; 214 if (hci_number_outgoing_packets(channel->handle) < NR_BUFFERED_ACL_PACKETS && channel->packets_granted == 0) { 215 l2cap_emit_credits(channel, 1); 216 } 217 } 218 } 219 220 l2cap_channel_t * l2cap_get_channel_for_local_cid(uint16_t local_cid){ 221 linked_item_t *it; 222 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 223 l2cap_channel_t * channel = (l2cap_channel_t *) it; 224 if ( channel->local_cid == local_cid) { 225 return channel; 226 } 227 } 228 return NULL; 229 } 230 231 int l2cap_can_send_packet_now(uint16_t local_cid){ 232 l2cap_channel_t *channel = l2cap_get_channel_for_local_cid(local_cid); 233 if (!channel) return 0; 234 if (!channel->packets_granted) return 0; 235 return hci_can_send_packet_now(HCI_ACL_DATA_PACKET); 236 } 237 238 uint16_t l2cap_get_remote_mtu_for_local_cid(uint16_t local_cid){ 239 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid(local_cid); 240 if (channel) { 241 return channel->remote_mtu; 242 } 243 return 0; 244 } 245 246 static l2cap_channel_t * l2cap_channel_for_rtx_timer(timer_source_t * ts){ 247 linked_item_t *it; 248 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 249 l2cap_channel_t * channel = (l2cap_channel_t *) it; 250 if ( &channel->rtx == ts) { 251 return channel; 252 } 253 } 254 return NULL; 255 } 256 257 static void l2cap_rtx_timeout(timer_source_t * ts){ 258 l2cap_channel_t * channel = l2cap_channel_for_rtx_timer(ts); 259 if (!ts) return; 260 261 log_info("l2cap_rtx_timeout for local cid 0x%02x", channel->local_cid); 262 263 // "When terminating the channel, it is not necessary to send a L2CAP_DisconnectReq 264 // and enter WAIT_DISCONNECT state. Channels can be transitioned directly to the CLOSED state." 265 // notify client 266 l2cap_emit_channel_opened(channel, L2CAP_CONNECTION_RESPONSE_RESULT_RTX_TIMEOUT); 267 268 // discard channel 269 linked_list_remove(&l2cap_channels, (linked_item_t *) channel); 270 btstack_memory_l2cap_channel_free(channel); 271 } 272 273 static void l2cap_stop_rtx(l2cap_channel_t * channel){ 274 log_info("l2cap_stop_rtx for local cid 0x%02x", channel->local_cid); 275 run_loop_remove_timer(&channel->rtx); 276 } 277 278 static void l2cap_start_rtx(l2cap_channel_t * channel){ 279 log_info("l2cap_start_rtx for local cid 0x%02x", channel->local_cid); 280 l2cap_stop_rtx(channel); 281 run_loop_set_timer_handler(&channel->rtx, l2cap_rtx_timeout); 282 run_loop_set_timer(&channel->rtx, L2CAP_RTX_TIMEOUT_MS); 283 run_loop_add_timer(&channel->rtx); 284 } 285 286 static void l2cap_start_ertx(l2cap_channel_t * channel){ 287 log_info("l2cap_start_ertx for local cid 0x%02x", channel->local_cid); 288 l2cap_stop_rtx(channel); 289 run_loop_set_timer_handler(&channel->rtx, l2cap_rtx_timeout); 290 run_loop_set_timer(&channel->rtx, L2CAP_ERTX_TIMEOUT_MS); 291 run_loop_add_timer(&channel->rtx); 292 } 293 294 void l2cap_require_security_level_2_for_outgoing_sdp(){ 295 require_security_level2_for_outgoing_sdp = 1; 296 } 297 298 static int l2cap_security_level_0_allowed_for_PSM(uint16_t psm){ 299 return (psm == PSM_SDP) && (!require_security_level2_for_outgoing_sdp); 300 } 301 302 int l2cap_send_signaling_packet(hci_con_handle_t handle, L2CAP_SIGNALING_COMMANDS cmd, uint8_t identifier, ...){ 303 304 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 305 log_info("l2cap_send_signaling_packet, cannot send\n"); 306 return BTSTACK_ACL_BUFFERS_FULL; 307 } 308 309 // log_info("l2cap_send_signaling_packet type %u\n", cmd); 310 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 311 va_list argptr; 312 va_start(argptr, identifier); 313 uint16_t len = l2cap_create_signaling_classic(acl_buffer, handle, cmd, identifier, argptr); 314 va_end(argptr); 315 // log_info("l2cap_send_signaling_packet con %u!\n", handle); 316 return hci_send_acl_packet(acl_buffer, len); 317 } 318 319 #ifdef HAVE_BLE 320 int l2cap_send_le_signaling_packet(hci_con_handle_t handle, L2CAP_SIGNALING_COMMANDS cmd, uint8_t identifier, ...){ 321 322 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 323 log_info("l2cap_send_signaling_packet, cannot send\n"); 324 return BTSTACK_ACL_BUFFERS_FULL; 325 } 326 327 // log_info("l2cap_send_signaling_packet type %u\n", cmd); 328 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 329 va_list argptr; 330 va_start(argptr, identifier); 331 uint16_t len = l2cap_create_signaling_le(acl_buffer, handle, cmd, identifier, argptr); 332 va_end(argptr); 333 // log_info("l2cap_send_signaling_packet con %u!\n", handle); 334 return hci_send_acl_packet(acl_buffer, len); 335 } 336 #endif 337 338 uint8_t *l2cap_get_outgoing_buffer(void){ 339 return hci_get_outgoing_acl_packet_buffer() + COMPLETE_L2CAP_HEADER; // 8 bytes 340 } 341 342 int l2cap_send_prepared(uint16_t local_cid, uint16_t len){ 343 344 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 345 log_info("l2cap_send_internal cid 0x%02x, cannot send\n", local_cid); 346 return BTSTACK_ACL_BUFFERS_FULL; 347 } 348 349 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid(local_cid); 350 if (!channel) { 351 log_error("l2cap_send_internal no channel for cid 0x%02x\n", local_cid); 352 return -1; // TODO: define error 353 } 354 355 if (channel->packets_granted == 0){ 356 log_error("l2cap_send_internal cid 0x%02x, no credits!\n", local_cid); 357 return -1; // TODO: define error 358 } 359 360 --channel->packets_granted; 361 362 log_debug("l2cap_send_internal cid 0x%02x, handle %u, 1 credit used, credits left %u;\n", 363 local_cid, channel->handle, channel->packets_granted); 364 365 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 366 367 // 0 - Connection handle : PB=10 : BC=00 368 bt_store_16(acl_buffer, 0, channel->handle | (2 << 12) | (0 << 14)); 369 // 2 - ACL length 370 bt_store_16(acl_buffer, 2, len + 4); 371 // 4 - L2CAP packet length 372 bt_store_16(acl_buffer, 4, len + 0); 373 // 6 - L2CAP channel DEST 374 bt_store_16(acl_buffer, 6, channel->remote_cid); 375 // send 376 int err = hci_send_acl_packet(acl_buffer, len+8); 377 378 l2cap_hand_out_credits(); 379 380 return err; 381 } 382 383 int l2cap_send_prepared_connectionless(uint16_t handle, uint16_t cid, uint16_t len){ 384 385 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 386 log_info("l2cap_send_prepared_to_handle cid 0x%02x, cannot send\n", cid); 387 return BTSTACK_ACL_BUFFERS_FULL; 388 } 389 390 log_debug("l2cap_send_prepared_to_handle cid 0x%02x, handle %u\n", cid, handle); 391 392 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 393 394 // 0 - Connection handle : PB=10 : BC=00 395 bt_store_16(acl_buffer, 0, handle | (2 << 12) | (0 << 14)); 396 // 2 - ACL length 397 bt_store_16(acl_buffer, 2, len + 4); 398 // 4 - L2CAP packet length 399 bt_store_16(acl_buffer, 4, len + 0); 400 // 6 - L2CAP channel DEST 401 bt_store_16(acl_buffer, 6, cid); 402 // send 403 int err = hci_send_acl_packet(acl_buffer, len+8); 404 405 l2cap_hand_out_credits(); 406 407 return err; 408 } 409 410 int l2cap_send_internal(uint16_t local_cid, uint8_t *data, uint16_t len){ 411 412 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 413 log_info("l2cap_send_internal cid 0x%02x, cannot send\n", local_cid); 414 return BTSTACK_ACL_BUFFERS_FULL; 415 } 416 417 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 418 419 memcpy(&acl_buffer[8], data, len); 420 421 return l2cap_send_prepared(local_cid, len); 422 } 423 424 int l2cap_send_connectionless(uint16_t handle, uint16_t cid, uint8_t *data, uint16_t len){ 425 426 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 427 log_info("l2cap_send_internal cid 0x%02x, cannot send\n", cid); 428 return BTSTACK_ACL_BUFFERS_FULL; 429 } 430 431 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 432 433 memcpy(&acl_buffer[8], data, len); 434 435 return l2cap_send_prepared_connectionless(handle, cid, len); 436 } 437 438 int l2cap_send_echo_request(uint16_t handle, uint8_t *data, uint16_t len){ 439 return l2cap_send_signaling_packet(handle, ECHO_REQUEST, 0x77, len, data); 440 } 441 442 static inline void channelStateVarSetFlag(l2cap_channel_t *channel, L2CAP_CHANNEL_STATE_VAR flag){ 443 channel->state_var = (L2CAP_CHANNEL_STATE_VAR) (channel->state_var | flag); 444 } 445 446 static inline void channelStateVarClearFlag(l2cap_channel_t *channel, L2CAP_CHANNEL_STATE_VAR flag){ 447 channel->state_var = (L2CAP_CHANNEL_STATE_VAR) (channel->state_var & ~flag); 448 } 449 450 451 452 // MARK: L2CAP_RUN 453 // process outstanding signaling tasks 454 void l2cap_run(void){ 455 456 // check pending signaling responses 457 while (signaling_responses_pending){ 458 459 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)) break; 460 461 hci_con_handle_t handle = signaling_responses[0].handle; 462 uint8_t sig_id = signaling_responses[0].sig_id; 463 uint16_t infoType = signaling_responses[0].data; // INFORMATION_REQUEST 464 uint16_t result = signaling_responses[0].data; // CONNECTION_REQUEST, COMMAND_REJECT 465 466 switch (signaling_responses[0].code){ 467 case CONNECTION_REQUEST: 468 l2cap_send_signaling_packet(handle, CONNECTION_RESPONSE, sig_id, 0, 0, result, 0); 469 // also disconnect if result is 0x0003 - security blocked 470 hci_disconnect_security_block(handle); 471 break; 472 case ECHO_REQUEST: 473 l2cap_send_signaling_packet(handle, ECHO_RESPONSE, sig_id, 0, NULL); 474 break; 475 case INFORMATION_REQUEST: 476 switch (infoType){ 477 case 1: { // Connectionless MTU 478 uint16_t connectionless_mtu = hci_max_acl_data_packet_length(); 479 l2cap_send_signaling_packet(handle, INFORMATION_RESPONSE, sig_id, infoType, 0, sizeof(connectionless_mtu), &connectionless_mtu); 480 break; 481 } 482 case 2: { // Extended Features Supported 483 // extended features request supported, only supporing fixed channel map 484 uint32_t features = 0x80; 485 l2cap_send_signaling_packet(handle, INFORMATION_RESPONSE, sig_id, infoType, 0, sizeof(features), &features); 486 break; 487 } 488 case 3: { // Fixed Channels Supported 489 uint8_t map[8]; 490 memset(map, 0, 8); 491 map[0] = 0x01; // L2CAP Signaling Channel 492 l2cap_send_signaling_packet(handle, INFORMATION_RESPONSE, sig_id, infoType, 0, sizeof(map), &map); 493 break; 494 } 495 default: 496 // all other types are not supported 497 l2cap_send_signaling_packet(handle, INFORMATION_RESPONSE, sig_id, infoType, 1, 0, NULL); 498 break; 499 } 500 break; 501 case COMMAND_REJECT: 502 l2cap_send_signaling_packet(handle, COMMAND_REJECT, sig_id, result, 0, NULL); 503 #ifdef HAVE_BLE 504 case COMMAND_REJECT_LE: 505 l2cap_send_le_signaling_packet(handle, COMMAND_REJECT, sig_id, result, 0, NULL); 506 break; 507 #endif 508 default: 509 // should not happen 510 break; 511 } 512 513 // remove first item 514 signaling_responses_pending--; 515 int i; 516 for (i=0; i < signaling_responses_pending; i++){ 517 memcpy(&signaling_responses[i], &signaling_responses[i+1], sizeof(l2cap_signaling_response_t)); 518 } 519 } 520 521 uint8_t config_options[4]; 522 linked_item_t *it; 523 linked_item_t *next; 524 for (it = (linked_item_t *) l2cap_channels; it ; it = next){ 525 next = it->next; // cache next item as current item might get freed 526 527 if (!hci_can_send_packet_now(HCI_COMMAND_DATA_PACKET)) break; 528 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)) break; 529 530 l2cap_channel_t * channel = (l2cap_channel_t *) it; 531 532 // log_info("l2cap_run: state %u, var 0x%02x\n", channel->state, channel->state_var); 533 534 535 switch (channel->state){ 536 537 case L2CAP_STATE_WAIT_INCOMING_SECURITY_LEVEL_UPDATE: 538 case L2CAP_STATE_WAIT_CLIENT_ACCEPT_OR_REJECT: 539 if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONN_RESP_PEND) { 540 channelStateVarClearFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONN_RESP_PEND); 541 l2cap_send_signaling_packet(channel->handle, CONNECTION_RESPONSE, channel->remote_sig_id, channel->local_cid, channel->remote_cid, 1, 0); 542 } 543 break; 544 545 case L2CAP_STATE_WILL_SEND_CREATE_CONNECTION: 546 // send connection request - set state first 547 channel->state = L2CAP_STATE_WAIT_CONNECTION_COMPLETE; 548 // BD_ADDR, Packet_Type, Page_Scan_Repetition_Mode, Reserved, Clock_Offset, Allow_Role_Switch 549 hci_send_cmd(&hci_create_connection, channel->address, hci_usable_acl_packet_types(), 0, 0, 0, 1); 550 break; 551 552 case L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_DECLINE: 553 l2cap_send_signaling_packet(channel->handle, CONNECTION_RESPONSE, channel->remote_sig_id, channel->local_cid, channel->remote_cid, channel->reason, 0); 554 // discard channel - l2cap_finialize_channel_close without sending l2cap close event 555 linked_list_remove(&l2cap_channels, (linked_item_t *) channel); // -- remove from list 556 btstack_memory_l2cap_channel_free(channel); 557 break; 558 559 case L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_ACCEPT: 560 channel->state = L2CAP_STATE_CONFIG; 561 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_REQ); 562 l2cap_send_signaling_packet(channel->handle, CONNECTION_RESPONSE, channel->remote_sig_id, channel->local_cid, channel->remote_cid, 0, 0); 563 break; 564 565 case L2CAP_STATE_WILL_SEND_CONNECTION_REQUEST: 566 // success, start l2cap handshake 567 channel->local_sig_id = l2cap_next_sig_id(); 568 channel->state = L2CAP_STATE_WAIT_CONNECT_RSP; 569 l2cap_send_signaling_packet( channel->handle, CONNECTION_REQUEST, channel->local_sig_id, channel->psm, channel->local_cid); 570 l2cap_start_rtx(channel); 571 break; 572 573 case L2CAP_STATE_CONFIG: 574 if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP){ 575 uint16_t flags = 0; 576 channelStateVarClearFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP); 577 if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_CONT) { 578 flags = 1; 579 } else { 580 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SENT_CONF_RSP); 581 } 582 if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_INVALID){ 583 l2cap_send_signaling_packet(channel->handle, CONFIGURE_RESPONSE, channel->remote_sig_id, channel->remote_cid, flags, L2CAP_CONF_RESULT_UNKNOWN_OPTIONS, 0, NULL); 584 } else if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_MTU){ 585 config_options[0] = 1; // MTU 586 config_options[1] = 2; // len param 587 bt_store_16( (uint8_t*)&config_options, 2, channel->remote_mtu); 588 l2cap_send_signaling_packet(channel->handle, CONFIGURE_RESPONSE, channel->remote_sig_id, channel->remote_cid, flags, 0, 4, &config_options); 589 channelStateVarClearFlag(channel,L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_MTU); 590 } else { 591 l2cap_send_signaling_packet(channel->handle, CONFIGURE_RESPONSE, channel->remote_sig_id, channel->remote_cid, flags, 0, 0, NULL); 592 } 593 channelStateVarClearFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_CONT); 594 } 595 else if (channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_REQ){ 596 channelStateVarClearFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_REQ); 597 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SENT_CONF_REQ); 598 channel->local_sig_id = l2cap_next_sig_id(); 599 config_options[0] = 1; // MTU 600 config_options[1] = 2; // len param 601 bt_store_16( (uint8_t*)&config_options, 2, channel->local_mtu); 602 l2cap_send_signaling_packet(channel->handle, CONFIGURE_REQUEST, channel->local_sig_id, channel->remote_cid, 0, 4, &config_options); 603 l2cap_start_rtx(channel); 604 } 605 if (l2cap_channel_ready_for_open(channel)){ 606 channel->state = L2CAP_STATE_OPEN; 607 l2cap_emit_channel_opened(channel, 0); // success 608 l2cap_emit_credits(channel, 1); 609 } 610 break; 611 612 case L2CAP_STATE_WILL_SEND_DISCONNECT_RESPONSE: 613 l2cap_send_signaling_packet( channel->handle, DISCONNECTION_RESPONSE, channel->remote_sig_id, channel->local_cid, channel->remote_cid); 614 // we don't start an RTX timer for a disconnect - there's no point in closing the channel if the other side doesn't respond :) 615 l2cap_finialize_channel_close(channel); // -- remove from list 616 break; 617 618 case L2CAP_STATE_WILL_SEND_DISCONNECT_REQUEST: 619 channel->local_sig_id = l2cap_next_sig_id(); 620 channel->state = L2CAP_STATE_WAIT_DISCONNECT; 621 l2cap_send_signaling_packet( channel->handle, DISCONNECTION_REQUEST, channel->local_sig_id, channel->remote_cid, channel->local_cid); 622 break; 623 default: 624 break; 625 } 626 } 627 } 628 629 uint16_t l2cap_max_mtu(void){ 630 return hci_max_acl_data_packet_length() - L2CAP_HEADER_SIZE; 631 } 632 633 static void l2cap_handle_connection_complete(uint16_t handle, l2cap_channel_t * channel){ 634 if (channel->state == L2CAP_STATE_WAIT_CONNECTION_COMPLETE || channel->state == L2CAP_STATE_WILL_SEND_CREATE_CONNECTION) { 635 log_info("l2cap_handle_connection_complete expected state"); 636 // success, start l2cap handshake 637 channel->handle = handle; 638 channel->local_cid = l2cap_next_local_cid(); 639 // check remote SSP feature first 640 channel->state = L2CAP_STATE_WAIT_REMOTE_SUPPORTED_FEATURES; 641 } 642 } 643 644 static void l2cap_handle_remote_supported_features_received(l2cap_channel_t * channel){ 645 if (channel->state != L2CAP_STATE_WAIT_REMOTE_SUPPORTED_FEATURES) return; 646 647 // we have been waiting for remote supported features, if both support SSP, 648 log_info("l2cap received remote supported features, sec_level_0_allowed for psm %u = %u", channel->psm, l2cap_security_level_0_allowed_for_PSM(channel->psm)); 649 if (hci_ssp_supported_on_both_sides(channel->handle) && !l2cap_security_level_0_allowed_for_PSM(channel->psm)){ 650 // request security level 2 651 channel->state = L2CAP_STATE_WAIT_OUTGOING_SECURITY_LEVEL_UPDATE; 652 gap_request_security_level(channel->handle, LEVEL_2); 653 return; 654 } 655 // fine, go ahead 656 channel->state = L2CAP_STATE_WILL_SEND_CONNECTION_REQUEST; 657 } 658 659 // open outgoing L2CAP channel 660 void l2cap_create_channel_internal(void * connection, btstack_packet_handler_t packet_handler, 661 bd_addr_t address, uint16_t psm, uint16_t mtu){ 662 663 log_info("L2CAP_CREATE_CHANNEL_MTU addr %s psm 0x%x mtu %u", bd_addr_to_str(address), psm, mtu); 664 665 // alloc structure 666 l2cap_channel_t * chan = (l2cap_channel_t*) btstack_memory_l2cap_channel_get(); 667 if (!chan) { 668 // emit error event 669 l2cap_channel_t dummy_channel; 670 BD_ADDR_COPY(dummy_channel.address, address); 671 dummy_channel.psm = psm; 672 l2cap_emit_channel_opened(&dummy_channel, BTSTACK_MEMORY_ALLOC_FAILED); 673 return; 674 } 675 // limit local mtu to max acl packet length 676 if (mtu > l2cap_max_mtu()) { 677 mtu = l2cap_max_mtu(); 678 } 679 680 // fill in 681 BD_ADDR_COPY(chan->address, address); 682 chan->psm = psm; 683 chan->handle = 0; 684 chan->connection = connection; 685 chan->packet_handler = packet_handler; 686 chan->remote_mtu = L2CAP_MINIMAL_MTU; 687 chan->local_mtu = mtu; 688 chan->packets_granted = 0; 689 690 // set initial state 691 chan->state = L2CAP_STATE_WILL_SEND_CREATE_CONNECTION; 692 chan->state_var = L2CAP_CHANNEL_STATE_VAR_NONE; 693 chan->remote_sig_id = L2CAP_SIG_ID_INVALID; 694 chan->local_sig_id = L2CAP_SIG_ID_INVALID; 695 chan->required_security_level = LEVEL_0; 696 697 // add to connections list 698 linked_list_add(&l2cap_channels, (linked_item_t *) chan); 699 700 // check if hci connection is already usable 701 hci_connection_t * conn = hci_connection_for_bd_addr((bd_addr_t*)address); 702 if (conn){ 703 log_info("l2cap_create_channel_internal, hci connection already exists"); 704 l2cap_handle_connection_complete(conn->con_handle, chan); 705 // check ir remote supported fearures are already received 706 if (conn->bonding_flags & BONDING_RECEIVED_REMOTE_FEATURES) { 707 l2cap_handle_remote_supported_features_received(chan); 708 } 709 } 710 711 l2cap_run(); 712 } 713 714 void l2cap_disconnect_internal(uint16_t local_cid, uint8_t reason){ 715 log_info("L2CAP_DISCONNECT local_cid 0x%x reason 0x%x", local_cid, reason); 716 // find channel for local_cid 717 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid(local_cid); 718 if (channel) { 719 channel->state = L2CAP_STATE_WILL_SEND_DISCONNECT_REQUEST; 720 } 721 // process 722 l2cap_run(); 723 } 724 725 static void l2cap_handle_connection_failed_for_addr(bd_addr_t address, uint8_t status){ 726 linked_item_t *it = (linked_item_t *) &l2cap_channels; 727 while (it->next){ 728 l2cap_channel_t * channel = (l2cap_channel_t *) it->next; 729 if ( ! BD_ADDR_CMP( channel->address, address) ){ 730 if (channel->state == L2CAP_STATE_WAIT_CONNECTION_COMPLETE || channel->state == L2CAP_STATE_WILL_SEND_CREATE_CONNECTION) { 731 // failure, forward error code 732 l2cap_emit_channel_opened(channel, status); 733 // discard channel 734 it->next = it->next->next; 735 btstack_memory_l2cap_channel_free(channel); 736 } 737 } else { 738 it = it->next; 739 } 740 } 741 } 742 743 static void l2cap_handle_connection_success_for_addr(bd_addr_t address, hci_con_handle_t handle){ 744 linked_item_t *it; 745 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 746 l2cap_channel_t * channel = (l2cap_channel_t *) it; 747 if ( ! BD_ADDR_CMP( channel->address, address) ){ 748 l2cap_handle_connection_complete(handle, channel); 749 } 750 } 751 // process 752 l2cap_run(); 753 } 754 755 void l2cap_event_handler( uint8_t *packet, uint16_t size ){ 756 757 bd_addr_t address; 758 hci_con_handle_t handle; 759 l2cap_channel_t * channel; 760 linked_item_t *it; 761 int hci_con_used; 762 763 switch(packet[0]){ 764 765 // handle connection complete events 766 case HCI_EVENT_CONNECTION_COMPLETE: 767 bt_flip_addr(address, &packet[5]); 768 if (packet[2] == 0){ 769 handle = READ_BT_16(packet, 3); 770 l2cap_handle_connection_success_for_addr(address, handle); 771 } else { 772 l2cap_handle_connection_failed_for_addr(address, packet[2]); 773 } 774 break; 775 776 // handle successful create connection cancel command 777 case HCI_EVENT_COMMAND_COMPLETE: 778 if ( COMMAND_COMPLETE_EVENT(packet, hci_create_connection_cancel) ) { 779 if (packet[5] == 0){ 780 bt_flip_addr(address, &packet[6]); 781 // CONNECTION TERMINATED BY LOCAL HOST (0X16) 782 l2cap_handle_connection_failed_for_addr(address, 0x16); 783 } 784 } 785 l2cap_run(); // try sending signaling packets first 786 break; 787 788 case HCI_EVENT_COMMAND_STATUS: 789 l2cap_run(); // try sending signaling packets first 790 break; 791 792 // handle disconnection complete events 793 case HCI_EVENT_DISCONNECTION_COMPLETE: 794 // send l2cap disconnect events for all channels on this handle 795 handle = READ_BT_16(packet, 3); 796 it = (linked_item_t *) &l2cap_channels; 797 while (it->next){ 798 l2cap_channel_t * channel = (l2cap_channel_t *) it->next; 799 if ( channel->handle == handle ){ 800 // update prev item before free'ing next element - don't call l2cap_finalize_channel_close 801 it->next = it->next->next; 802 l2cap_emit_channel_closed(channel); 803 btstack_memory_l2cap_channel_free(channel); 804 } else { 805 it = it->next; 806 } 807 } 808 break; 809 810 case HCI_EVENT_NUMBER_OF_COMPLETED_PACKETS: 811 l2cap_run(); // try sending signaling packets first 812 l2cap_hand_out_credits(); 813 break; 814 815 // HCI Connection Timeouts 816 case L2CAP_EVENT_TIMEOUT_CHECK: 817 handle = READ_BT_16(packet, 2); 818 if (hci_authentication_active_for_handle(handle)) break; 819 hci_con_used = 0; 820 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 821 channel = (l2cap_channel_t *) it; 822 if (channel->handle == handle) { 823 hci_con_used = 1; 824 } 825 } 826 if (hci_con_used) break; 827 if (!hci_can_send_packet_now(HCI_COMMAND_DATA_PACKET)) break; 828 hci_send_cmd(&hci_disconnect, handle, 0x13); // remote closed connection 829 break; 830 831 case DAEMON_EVENT_HCI_PACKET_SENT: 832 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 833 channel = (l2cap_channel_t *) it; 834 if (channel->packet_handler) { 835 (* (channel->packet_handler))(HCI_EVENT_PACKET, channel->local_cid, packet, size); 836 } 837 } 838 if (attribute_protocol_packet_handler) { 839 (*attribute_protocol_packet_handler)(HCI_EVENT_PACKET, 0, packet, size); 840 } 841 if (security_protocol_packet_handler) { 842 (*security_protocol_packet_handler)(HCI_EVENT_PACKET, 0, packet, size); 843 } 844 break; 845 846 case HCI_EVENT_READ_REMOTE_SUPPORTED_FEATURES_COMPLETE: 847 handle = READ_BT_16(packet, 3); 848 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 849 channel = (l2cap_channel_t *) it; 850 if (channel->handle != handle) continue; 851 l2cap_handle_remote_supported_features_received(channel); 852 break; 853 } 854 855 case GAP_SECURITY_LEVEL: 856 handle = READ_BT_16(packet, 2); 857 log_info("l2cap - security level update"); 858 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 859 channel = (l2cap_channel_t *) it; 860 if (channel->handle != handle) continue; 861 862 log_info("l2cap - state %u", channel->state); 863 864 gap_security_level_t actual_level = packet[4]; 865 gap_security_level_t required_level = channel->required_security_level; 866 867 switch (channel->state){ 868 case L2CAP_STATE_WAIT_INCOMING_SECURITY_LEVEL_UPDATE: 869 if (actual_level >= required_level){ 870 channel->state = L2CAP_STATE_WAIT_CLIENT_ACCEPT_OR_REJECT; 871 l2cap_emit_connection_request(channel); 872 } else { 873 channel->reason = 0x03; // security block 874 channel->state = L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_DECLINE; 875 } 876 break; 877 878 case L2CAP_STATE_WAIT_OUTGOING_SECURITY_LEVEL_UPDATE: 879 if (actual_level >= required_level){ 880 channel->state = L2CAP_STATE_WILL_SEND_CONNECTION_REQUEST; 881 } else { 882 // disconnnect, authentication not good enough 883 hci_disconnect_security_block(handle); 884 } 885 break; 886 887 default: 888 break; 889 } 890 } 891 break; 892 893 default: 894 break; 895 } 896 897 // pass on 898 (*packet_handler)(NULL, HCI_EVENT_PACKET, 0, packet, size); 899 900 l2cap_run(); 901 } 902 903 static void l2cap_handle_disconnect_request(l2cap_channel_t *channel, uint16_t identifier){ 904 channel->remote_sig_id = identifier; 905 channel->state = L2CAP_STATE_WILL_SEND_DISCONNECT_RESPONSE; 906 l2cap_run(); 907 } 908 909 static void l2cap_register_signaling_response(hci_con_handle_t handle, uint8_t code, uint8_t sig_id, uint16_t data){ 910 // Vol 3, Part A, 4.3: "The DCID and SCID fields shall be ignored when the result field indi- cates the connection was refused." 911 if (signaling_responses_pending < NR_PENDING_SIGNALING_RESPONSES) { 912 signaling_responses[signaling_responses_pending].handle = handle; 913 signaling_responses[signaling_responses_pending].code = code; 914 signaling_responses[signaling_responses_pending].sig_id = sig_id; 915 signaling_responses[signaling_responses_pending].data = data; 916 signaling_responses_pending++; 917 l2cap_run(); 918 } 919 } 920 921 static void l2cap_handle_connection_request(hci_con_handle_t handle, uint8_t sig_id, uint16_t psm, uint16_t source_cid){ 922 923 // log_info("l2cap_handle_connection_request for handle %u, psm %u cid 0x%02x\n", handle, psm, source_cid); 924 l2cap_service_t *service = l2cap_get_service(psm); 925 if (!service) { 926 // 0x0002 PSM not supported 927 l2cap_register_signaling_response(handle, CONNECTION_REQUEST, sig_id, 0x0002); 928 return; 929 } 930 931 hci_connection_t * hci_connection = hci_connection_for_handle( handle ); 932 if (!hci_connection) { 933 // 934 log_error("no hci_connection for handle %u\n", handle); 935 return; 936 } 937 938 // reject connection (0x03 security block) and disconnect if both have SSP, connection is not encrypted and PSM != SDP 939 if ( hci_ssp_supported_on_both_sides(handle) 940 && gap_security_level(handle) == LEVEL_0 941 && !l2cap_security_level_0_allowed_for_PSM(psm)){ 942 943 // 0x0003 Security Block 944 l2cap_register_signaling_response(handle, CONNECTION_REQUEST, sig_id, 0x0003); 945 return; 946 } 947 948 949 // alloc structure 950 // log_info("l2cap_handle_connection_request register channel\n"); 951 l2cap_channel_t * channel = (l2cap_channel_t*) btstack_memory_l2cap_channel_get(); 952 if (!channel){ 953 // 0x0004 No resources available 954 l2cap_register_signaling_response(handle, CONNECTION_REQUEST, sig_id, 0x0004); 955 return; 956 } 957 958 // fill in 959 BD_ADDR_COPY(channel->address, hci_connection->address); 960 channel->psm = psm; 961 channel->handle = handle; 962 channel->connection = service->connection; 963 channel->packet_handler = service->packet_handler; 964 channel->local_cid = l2cap_next_local_cid(); 965 channel->remote_cid = source_cid; 966 channel->local_mtu = service->mtu; 967 channel->remote_mtu = L2CAP_DEFAULT_MTU; 968 channel->packets_granted = 0; 969 channel->remote_sig_id = sig_id; 970 channel->required_security_level = service->required_security_level; 971 972 // limit local mtu to max acl packet length 973 if (channel->local_mtu > l2cap_max_mtu()) { 974 channel->local_mtu = l2cap_max_mtu(); 975 } 976 977 // set initial state 978 channel->state = L2CAP_STATE_WAIT_INCOMING_SECURITY_LEVEL_UPDATE; 979 channel->state_var = L2CAP_CHANNEL_STATE_VAR_SEND_CONN_RESP_PEND; 980 981 // add to connections list 982 linked_list_add(&l2cap_channels, (linked_item_t *) channel); 983 984 // assert security requirements 985 gap_request_security_level(handle, channel->required_security_level); 986 } 987 988 void l2cap_accept_connection_internal(uint16_t local_cid){ 989 log_info("L2CAP_ACCEPT_CONNECTION local_cid 0x%x", local_cid); 990 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid(local_cid); 991 if (!channel) { 992 log_error("l2cap_accept_connection_internal called but local_cid 0x%x not found", local_cid); 993 return; 994 } 995 996 channel->state = L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_ACCEPT; 997 998 // process 999 l2cap_run(); 1000 } 1001 1002 void l2cap_decline_connection_internal(uint16_t local_cid, uint8_t reason){ 1003 log_info("L2CAP_DECLINE_CONNECTION local_cid 0x%x, reason %x", local_cid, reason); 1004 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid( local_cid); 1005 if (!channel) { 1006 log_error( "l2cap_decline_connection_internal called but local_cid 0x%x not found", local_cid); 1007 return; 1008 } 1009 channel->state = L2CAP_STATE_WILL_SEND_CONNECTION_RESPONSE_DECLINE; 1010 channel->reason = reason; 1011 l2cap_run(); 1012 } 1013 1014 void l2cap_signaling_handle_configure_request(l2cap_channel_t *channel, uint8_t *command){ 1015 1016 channel->remote_sig_id = command[L2CAP_SIGNALING_COMMAND_SIGID_OFFSET]; 1017 1018 uint16_t flags = READ_BT_16(command, 6); 1019 if (flags & 1) { 1020 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_CONT); 1021 } 1022 1023 // accept the other's configuration options 1024 uint16_t end_pos = 4 + READ_BT_16(command, L2CAP_SIGNALING_COMMAND_LENGTH_OFFSET); 1025 uint16_t pos = 8; 1026 while (pos < end_pos){ 1027 uint8_t option_hint = command[pos] >> 7; 1028 uint8_t option_type = command[pos] & 0x7f; 1029 log_info("l2cap cid %u, hint %u, type %u", channel->local_cid, option_hint, option_type); 1030 pos++; 1031 uint8_t length = command[pos++]; 1032 // MTU { type(8): 1, len(8):2, MTU(16) } 1033 if (option_type == 1 && length == 2){ 1034 channel->remote_mtu = READ_BT_16(command, pos); 1035 // log_info("l2cap cid 0x%02x, remote mtu %u\n", channel->local_cid, channel->remote_mtu); 1036 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_MTU); 1037 } 1038 // Flush timeout { type(8):2, len(8): 2, Flush Timeout(16)} 1039 if (option_type == 2 && length == 2){ 1040 channel->flush_timeout = READ_BT_16(command, pos); 1041 } 1042 // check for unknown options 1043 if (option_hint == 0 && (option_type == 0 || option_type >= 0x07)){ 1044 log_info("l2cap cid %u, unknown options", channel->local_cid); 1045 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_INVALID); 1046 } 1047 pos += length; 1048 } 1049 } 1050 1051 static int l2cap_channel_ready_for_open(l2cap_channel_t *channel){ 1052 // log_info("l2cap_channel_ready_for_open 0x%02x\n", channel->state_var); 1053 if ((channel->state_var & L2CAP_CHANNEL_STATE_VAR_RCVD_CONF_RSP) == 0) return 0; 1054 if ((channel->state_var & L2CAP_CHANNEL_STATE_VAR_SENT_CONF_RSP) == 0) return 0; 1055 return 1; 1056 } 1057 1058 1059 void l2cap_signaling_handler_channel(l2cap_channel_t *channel, uint8_t *command){ 1060 1061 uint8_t code = command[L2CAP_SIGNALING_COMMAND_CODE_OFFSET]; 1062 uint8_t identifier = command[L2CAP_SIGNALING_COMMAND_SIGID_OFFSET]; 1063 uint16_t result = 0; 1064 1065 log_info("L2CAP signaling handler code %u, state %u\n", code, channel->state); 1066 1067 // handle DISCONNECT REQUESTS seperately 1068 if (code == DISCONNECTION_REQUEST){ 1069 switch (channel->state){ 1070 case L2CAP_STATE_CONFIG: 1071 case L2CAP_STATE_OPEN: 1072 case L2CAP_STATE_WILL_SEND_DISCONNECT_REQUEST: 1073 case L2CAP_STATE_WAIT_DISCONNECT: 1074 l2cap_handle_disconnect_request(channel, identifier); 1075 break; 1076 1077 default: 1078 // ignore in other states 1079 break; 1080 } 1081 return; 1082 } 1083 1084 // @STATEMACHINE(l2cap) 1085 switch (channel->state) { 1086 1087 case L2CAP_STATE_WAIT_CONNECT_RSP: 1088 switch (code){ 1089 case CONNECTION_RESPONSE: 1090 l2cap_stop_rtx(channel); 1091 result = READ_BT_16 (command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET+4); 1092 switch (result) { 1093 case 0: 1094 // successful connection 1095 channel->remote_cid = READ_BT_16(command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET); 1096 channel->state = L2CAP_STATE_CONFIG; 1097 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_REQ); 1098 break; 1099 case 1: 1100 // connection pending. get some coffee, but start the ERTX 1101 l2cap_start_ertx(channel); 1102 break; 1103 default: 1104 // channel closed 1105 channel->state = L2CAP_STATE_CLOSED; 1106 // map l2cap connection response result to BTstack status enumeration 1107 l2cap_emit_channel_opened(channel, L2CAP_CONNECTION_RESPONSE_RESULT_SUCCESSFUL + result); 1108 1109 // drop link key if security block 1110 if (L2CAP_CONNECTION_RESPONSE_RESULT_SUCCESSFUL + result == L2CAP_CONNECTION_RESPONSE_RESULT_REFUSED_SECURITY){ 1111 hci_drop_link_key_for_bd_addr(&channel->address); 1112 } 1113 1114 // discard channel 1115 linked_list_remove(&l2cap_channels, (linked_item_t *) channel); 1116 btstack_memory_l2cap_channel_free(channel); 1117 break; 1118 } 1119 break; 1120 1121 default: 1122 //@TODO: implement other signaling packets 1123 break; 1124 } 1125 break; 1126 1127 case L2CAP_STATE_CONFIG: 1128 result = READ_BT_16 (command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET+4); 1129 switch (code) { 1130 case CONFIGURE_REQUEST: 1131 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP); 1132 l2cap_signaling_handle_configure_request(channel, command); 1133 if (!(channel->state_var & L2CAP_CHANNEL_STATE_VAR_SEND_CONF_RSP_CONT)){ 1134 // only done if continuation not set 1135 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_RCVD_CONF_REQ); 1136 } 1137 break; 1138 case CONFIGURE_RESPONSE: 1139 l2cap_stop_rtx(channel); 1140 switch (result){ 1141 case 0: // success 1142 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_RCVD_CONF_RSP); 1143 break; 1144 case 4: // pending 1145 l2cap_start_ertx(channel); 1146 break; 1147 default: 1148 // retry on negative result 1149 channelStateVarSetFlag(channel, L2CAP_CHANNEL_STATE_VAR_SEND_CONF_REQ); 1150 break; 1151 } 1152 break; 1153 default: 1154 break; 1155 } 1156 if (l2cap_channel_ready_for_open(channel)){ 1157 // for open: 1158 channel->state = L2CAP_STATE_OPEN; 1159 l2cap_emit_channel_opened(channel, 0); 1160 l2cap_emit_credits(channel, 1); 1161 } 1162 break; 1163 1164 case L2CAP_STATE_WAIT_DISCONNECT: 1165 switch (code) { 1166 case DISCONNECTION_RESPONSE: 1167 l2cap_finialize_channel_close(channel); 1168 break; 1169 default: 1170 //@TODO: implement other signaling packets 1171 break; 1172 } 1173 break; 1174 1175 case L2CAP_STATE_CLOSED: 1176 // @TODO handle incoming requests 1177 break; 1178 1179 case L2CAP_STATE_OPEN: 1180 //@TODO: implement other signaling packets, e.g. re-configure 1181 break; 1182 default: 1183 break; 1184 } 1185 // log_info("new state %u\n", channel->state); 1186 } 1187 1188 1189 void l2cap_signaling_handler_dispatch( hci_con_handle_t handle, uint8_t * command){ 1190 1191 // get code, signalind identifier and command len 1192 uint8_t code = command[L2CAP_SIGNALING_COMMAND_CODE_OFFSET]; 1193 uint8_t sig_id = command[L2CAP_SIGNALING_COMMAND_SIGID_OFFSET]; 1194 1195 // not for a particular channel, and not CONNECTION_REQUEST, ECHO_[REQUEST|RESPONSE], INFORMATION_REQUEST 1196 if (code < 1 || code == ECHO_RESPONSE || code > INFORMATION_REQUEST){ 1197 l2cap_register_signaling_response(handle, COMMAND_REJECT, sig_id, L2CAP_REJ_CMD_UNKNOWN); 1198 return; 1199 } 1200 1201 // general commands without an assigned channel 1202 switch(code) { 1203 1204 case CONNECTION_REQUEST: { 1205 uint16_t psm = READ_BT_16(command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET); 1206 uint16_t source_cid = READ_BT_16(command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET+2); 1207 l2cap_handle_connection_request(handle, sig_id, psm, source_cid); 1208 return; 1209 } 1210 1211 case ECHO_REQUEST: 1212 l2cap_register_signaling_response(handle, code, sig_id, 0); 1213 return; 1214 1215 case INFORMATION_REQUEST: { 1216 uint16_t infoType = READ_BT_16(command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET); 1217 l2cap_register_signaling_response(handle, code, sig_id, infoType); 1218 return; 1219 } 1220 1221 default: 1222 break; 1223 } 1224 1225 1226 // Get potential destination CID 1227 uint16_t dest_cid = READ_BT_16(command, L2CAP_SIGNALING_COMMAND_DATA_OFFSET); 1228 1229 // Find channel for this sig_id and connection handle 1230 linked_item_t *it; 1231 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 1232 l2cap_channel_t * channel = (l2cap_channel_t *) it; 1233 if (channel->handle == handle) { 1234 if (code & 1) { 1235 // match odd commands (responses) by previous signaling identifier 1236 if (channel->local_sig_id == sig_id) { 1237 l2cap_signaling_handler_channel(channel, command); 1238 break; 1239 } 1240 } else { 1241 // match even commands (requests) by local channel id 1242 if (channel->local_cid == dest_cid) { 1243 l2cap_signaling_handler_channel(channel, command); 1244 break; 1245 } 1246 } 1247 } 1248 } 1249 } 1250 1251 void l2cap_acl_handler( uint8_t *packet, uint16_t size ){ 1252 1253 // Get Channel ID 1254 uint16_t channel_id = READ_L2CAP_CHANNEL_ID(packet); 1255 hci_con_handle_t handle = READ_ACL_CONNECTION_HANDLE(packet); 1256 1257 switch (channel_id) { 1258 1259 case L2CAP_CID_SIGNALING: { 1260 1261 uint16_t command_offset = 8; 1262 while (command_offset < size) { 1263 1264 // handle signaling commands 1265 l2cap_signaling_handler_dispatch(handle, &packet[command_offset]); 1266 1267 // increment command_offset 1268 command_offset += L2CAP_SIGNALING_COMMAND_DATA_OFFSET + READ_BT_16(packet, command_offset + L2CAP_SIGNALING_COMMAND_LENGTH_OFFSET); 1269 } 1270 break; 1271 } 1272 1273 case L2CAP_CID_ATTRIBUTE_PROTOCOL: 1274 if (attribute_protocol_packet_handler) { 1275 (*attribute_protocol_packet_handler)(ATT_DATA_PACKET, handle, &packet[COMPLETE_L2CAP_HEADER], size-COMPLETE_L2CAP_HEADER); 1276 } 1277 break; 1278 1279 case L2CAP_CID_SECURITY_MANAGER_PROTOCOL: 1280 if (security_protocol_packet_handler) { 1281 (*security_protocol_packet_handler)(SM_DATA_PACKET, handle, &packet[COMPLETE_L2CAP_HEADER], size-COMPLETE_L2CAP_HEADER); 1282 } 1283 break; 1284 1285 case L2CAP_CID_SIGNALING_LE: { 1286 // not implemented yet for LE Peripheral 1287 uint8_t sig_id = packet[COMPLETE_L2CAP_HEADER + 1]; 1288 l2cap_register_signaling_response(handle, COMMAND_REJECT_LE, sig_id, L2CAP_REJ_CMD_UNKNOWN); 1289 break; 1290 } 1291 1292 default: { 1293 // Find channel for this channel_id and connection handle 1294 l2cap_channel_t * channel = l2cap_get_channel_for_local_cid(channel_id); 1295 if (channel) { 1296 l2cap_dispatch(channel, L2CAP_DATA_PACKET, &packet[COMPLETE_L2CAP_HEADER], size-COMPLETE_L2CAP_HEADER); 1297 } 1298 break; 1299 } 1300 } 1301 } 1302 1303 static void l2cap_packet_handler(uint8_t packet_type, uint8_t *packet, uint16_t size){ 1304 switch (packet_type) { 1305 case HCI_EVENT_PACKET: 1306 l2cap_event_handler(packet, size); 1307 break; 1308 case HCI_ACL_DATA_PACKET: 1309 l2cap_acl_handler(packet, size); 1310 break; 1311 default: 1312 break; 1313 } 1314 l2cap_run(); 1315 } 1316 1317 // finalize closed channel - l2cap_handle_disconnect_request & DISCONNECTION_RESPONSE 1318 void l2cap_finialize_channel_close(l2cap_channel_t *channel){ 1319 channel->state = L2CAP_STATE_CLOSED; 1320 l2cap_emit_channel_closed(channel); 1321 // discard channel 1322 linked_list_remove(&l2cap_channels, (linked_item_t *) channel); 1323 btstack_memory_l2cap_channel_free(channel); 1324 } 1325 1326 l2cap_service_t * l2cap_get_service(uint16_t psm){ 1327 linked_item_t *it; 1328 1329 // close open channels 1330 for (it = (linked_item_t *) l2cap_services; it ; it = it->next){ 1331 l2cap_service_t * service = ((l2cap_service_t *) it); 1332 if ( service->psm == psm){ 1333 return service; 1334 }; 1335 } 1336 return NULL; 1337 } 1338 1339 void l2cap_register_service_internal(void *connection, btstack_packet_handler_t packet_handler, uint16_t psm, uint16_t mtu, gap_security_level_t security_level){ 1340 1341 log_info("L2CAP_REGISTER_SERVICE psm 0x%x mtu %u", psm, mtu); 1342 1343 // check for alread registered psm 1344 // TODO: emit error event 1345 l2cap_service_t *service = l2cap_get_service(psm); 1346 if (service) { 1347 log_error("l2cap_register_service_internal: PSM %u already registered\n", psm); 1348 l2cap_emit_service_registered(connection, L2CAP_SERVICE_ALREADY_REGISTERED, psm); 1349 return; 1350 } 1351 1352 // alloc structure 1353 // TODO: emit error event 1354 service = (l2cap_service_t *) btstack_memory_l2cap_service_get(); 1355 if (!service) { 1356 log_error("l2cap_register_service_internal: no memory for l2cap_service_t\n"); 1357 l2cap_emit_service_registered(connection, BTSTACK_MEMORY_ALLOC_FAILED, psm); 1358 return; 1359 } 1360 1361 // fill in 1362 service->psm = psm; 1363 service->mtu = mtu; 1364 service->connection = connection; 1365 service->packet_handler = packet_handler; 1366 service->required_security_level = security_level; 1367 1368 // add to services list 1369 linked_list_add(&l2cap_services, (linked_item_t *) service); 1370 1371 // enable page scan 1372 hci_connectable_control(1); 1373 1374 // done 1375 l2cap_emit_service_registered(connection, 0, psm); 1376 } 1377 1378 void l2cap_unregister_service_internal(void *connection, uint16_t psm){ 1379 1380 log_info("L2CAP_UNREGISTER_SERVICE psm 0x%x", psm); 1381 1382 l2cap_service_t *service = l2cap_get_service(psm); 1383 if (!service) return; 1384 linked_list_remove(&l2cap_services, (linked_item_t *) service); 1385 btstack_memory_l2cap_service_free(service); 1386 1387 // disable page scan when no services registered 1388 if (!linked_list_empty(&l2cap_services)) return; 1389 hci_connectable_control(0); 1390 } 1391 1392 // 1393 void l2cap_close_connection(void *connection){ 1394 linked_item_t *it; 1395 1396 // close open channels - note to myself: no channel is freed, so no new for fancy iterator tricks 1397 l2cap_channel_t * channel; 1398 for (it = (linked_item_t *) l2cap_channels; it ; it = it->next){ 1399 channel = (l2cap_channel_t *) it; 1400 if (channel->connection == connection) { 1401 channel->state = L2CAP_STATE_WILL_SEND_DISCONNECT_REQUEST; 1402 } 1403 } 1404 1405 // unregister services 1406 it = (linked_item_t *) &l2cap_services; 1407 while (it->next) { 1408 l2cap_service_t * service = (l2cap_service_t *) it->next; 1409 if (service->connection == connection){ 1410 it->next = it->next->next; 1411 btstack_memory_l2cap_service_free(service); 1412 } else { 1413 it = it->next; 1414 } 1415 } 1416 1417 // process 1418 l2cap_run(); 1419 } 1420 1421 // Bluetooth 4.0 - allows to register handler for Attribute Protocol and Security Manager Protocol 1422 void l2cap_register_fixed_channel(btstack_packet_handler_t packet_handler, uint16_t channel_id) { 1423 switch(channel_id){ 1424 case L2CAP_CID_ATTRIBUTE_PROTOCOL: 1425 attribute_protocol_packet_handler = packet_handler; 1426 break; 1427 case L2CAP_CID_SECURITY_MANAGER_PROTOCOL: 1428 security_protocol_packet_handler = packet_handler; 1429 break; 1430 } 1431 } 1432 1433 #ifdef HAVE_BLE 1434 // Request LE connection parameter update 1435 int l2cap_le_request_connection_parameter_update(uint16_t handle, uint16_t interval_min, uint16_t interval_max, uint16_t slave_latency, uint16_t timeout_multiplier){ 1436 if (!hci_can_send_packet_now(HCI_ACL_DATA_PACKET)){ 1437 log_info("l2cap_send_signaling_packet, cannot send\n"); 1438 return BTSTACK_ACL_BUFFERS_FULL; 1439 } 1440 // log_info("l2cap_send_signaling_packet type %u\n", cmd); 1441 uint8_t *acl_buffer = hci_get_outgoing_acl_packet_buffer(); 1442 uint16_t len = l2cap_le_create_connection_parameter_update_request(acl_buffer, handle, interval_min, interval_max, slave_latency, timeout_multiplier); 1443 return hci_send_acl_packet(acl_buffer, len); 1444 } 1445 #endif 1446 1447