1 /******************************************************************************
2 *
3 * Copyright (C) 2006-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains action functions for BTA JV APIs.
22 *
23 ******************************************************************************/
24 #include <hardware/bluetooth.h>
25 #include <arpa/inet.h>
26 #include <pthread.h>
27 #include <stdlib.h>
28 #include <string.h>
29
30 #include "osi/include/allocator.h"
31 #include "bt_types.h"
32 #include "bt_common.h"
33 #include "utl.h"
34 #include "bta_sys.h"
35 #include "bta_api.h"
36 #include "bta_jv_api.h"
37 #include "bta_jv_int.h"
38 #include "bta_jv_co.h"
39 #include "btm_api.h"
40 #include "btm_int.h"
41 #include "sdp_api.h"
42 #include "l2c_api.h"
43 #include "port_api.h"
44 #include "rfcdefs.h"
45 #include "avct_api.h"
46 #include "avdt_api.h"
47 #include "gap_api.h"
48 #include "l2c_api.h"
49
50 #include "osi/include/osi.h"
51
52
53 /* one of these exists for each client */
54 struct fc_client {
55 struct fc_client *next_all_list;
56 struct fc_client *next_chan_list;
57 BD_ADDR remote_addr;
58 uint32_t id;
59 tBTA_JV_L2CAP_CBACK *p_cback;
60 void *user_data;
61 uint16_t handle;
62 uint16_t chan;
63 uint8_t sec_id;
64 unsigned server : 1;
65 unsigned init_called : 1;
66 };
67
68 /* one of these exists for each channel we're dealing with */
69 struct fc_channel {
70 struct fc_channel *next;
71 struct fc_client *clients;
72 uint8_t has_server : 1;
73 uint16_t chan;
74 };
75
76
77 static struct fc_client *fc_clients;
78 static struct fc_channel *fc_channels;
79 static uint32_t fc_next_id;
80
81
82 static void fcchan_conn_chng_cbk(UINT16 chan, BD_ADDR bd_addr, BOOLEAN connected,
83 UINT16 reason, tBT_TRANSPORT );
84 static void fcchan_data_cbk(UINT16 chan, BD_ADDR bd_addr, BT_HDR *p_buf);
85
86
87 extern void uuid_to_string_legacy(bt_uuid_t *p_uuid, char *str);
logu(const char * title,const uint8_t * p_uuid)88 static inline void logu(const char* title, const uint8_t * p_uuid)
89 {
90 char uuids[128];
91 uuid_to_string_legacy((bt_uuid_t*)p_uuid, uuids);
92 APPL_TRACE_DEBUG("%s: %s", title, uuids);
93 }
94
95
96 static tBTA_JV_PCB * bta_jv_add_rfc_port(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb_open);
97 static tBTA_JV_STATUS bta_jv_free_set_pm_profile_cb(UINT32 jv_handle);
98 static void bta_jv_pm_conn_busy(tBTA_JV_PM_CB *p_cb);
99 static void bta_jv_pm_conn_idle(tBTA_JV_PM_CB *p_cb);
100 static void bta_jv_pm_state_change(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE state);
101 tBTA_JV_STATUS bta_jv_set_pm_conn_state(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE
102 new_st);
103
104 /*******************************************************************************
105 **
106 ** Function bta_jv_alloc_sec_id
107 **
108 ** Description allocate a security id
109 **
110 ** Returns
111 **
112 *******************************************************************************/
bta_jv_alloc_sec_id(void)113 UINT8 bta_jv_alloc_sec_id(void)
114 {
115 UINT8 ret = 0;
116 int i;
117 for(i=0; i<BTA_JV_NUM_SERVICE_ID; i++)
118 {
119 if(0 == bta_jv_cb.sec_id[i])
120 {
121 bta_jv_cb.sec_id[i] = BTA_JV_FIRST_SERVICE_ID + i;
122 ret = bta_jv_cb.sec_id[i];
123 break;
124 }
125 }
126 return ret;
127
128 }
get_sec_id_used(void)129 static int get_sec_id_used(void)
130 {
131 int i;
132 int used = 0;
133 for(i=0; i<BTA_JV_NUM_SERVICE_ID; i++)
134 {
135 if(bta_jv_cb.sec_id[i])
136 used++;
137 }
138 if (used == BTA_JV_NUM_SERVICE_ID)
139 APPL_TRACE_ERROR("get_sec_id_used, sec id exceeds the limit:%d",
140 BTA_JV_NUM_SERVICE_ID);
141 return used;
142 }
get_rfc_cb_used(void)143 static int get_rfc_cb_used(void)
144 {
145 int i;
146 int used = 0;
147 for(i=0; i<BTA_JV_MAX_RFC_CONN; i++)
148 {
149 if(bta_jv_cb.rfc_cb[i].handle )
150 used++;
151 }
152 if (used == BTA_JV_MAX_RFC_CONN)
153 APPL_TRACE_ERROR("get_sec_id_used, rfc ctrl block exceeds the limit:%d",
154 BTA_JV_MAX_RFC_CONN);
155 return used;
156 }
157
158 /*******************************************************************************
159 **
160 ** Function bta_jv_free_sec_id
161 **
162 ** Description free the given security id
163 **
164 ** Returns
165 **
166 *******************************************************************************/
bta_jv_free_sec_id(UINT8 * p_sec_id)167 static void bta_jv_free_sec_id(UINT8 *p_sec_id)
168 {
169 UINT8 sec_id = *p_sec_id;
170 *p_sec_id = 0;
171 if(sec_id >= BTA_JV_FIRST_SERVICE_ID && sec_id <= BTA_JV_LAST_SERVICE_ID)
172 {
173 BTM_SecClrService(sec_id);
174 bta_jv_cb.sec_id[sec_id - BTA_JV_FIRST_SERVICE_ID] = 0;
175 }
176 }
177
178 /*******************************************************************************
179 **
180 ** Function bta_jv_alloc_rfc_cb
181 **
182 ** Description allocate a control block for the given port handle
183 **
184 ** Returns
185 **
186 *******************************************************************************/
bta_jv_alloc_rfc_cb(UINT16 port_handle,tBTA_JV_PCB ** pp_pcb)187 tBTA_JV_RFC_CB * bta_jv_alloc_rfc_cb(UINT16 port_handle, tBTA_JV_PCB **pp_pcb)
188 {
189 tBTA_JV_RFC_CB *p_cb = NULL;
190 tBTA_JV_PCB *p_pcb;
191 int i, j;
192 for(i=0; i<BTA_JV_MAX_RFC_CONN; i++)
193 {
194 if (0 == bta_jv_cb.rfc_cb[i].handle )
195 {
196 p_cb = &bta_jv_cb.rfc_cb[i];
197 /* mask handle to distinguish it with L2CAP handle */
198 p_cb->handle = (i + 1) | BTA_JV_RFCOMM_MASK;
199
200 p_cb->max_sess = 1;
201 p_cb->curr_sess = 1;
202 for (j = 0; j < BTA_JV_MAX_RFC_SR_SESSION; j++)
203 p_cb->rfc_hdl[j] = 0;
204 p_cb->rfc_hdl[0] = port_handle;
205 APPL_TRACE_DEBUG( "bta_jv_alloc_rfc_cb port_handle:%d handle:0x%2x",
206 port_handle, p_cb->handle);
207
208 p_pcb = &bta_jv_cb.port_cb[port_handle - 1];
209 p_pcb->handle = p_cb->handle;
210 p_pcb->port_handle = port_handle;
211 p_pcb->p_pm_cb = NULL;
212 *pp_pcb = p_pcb;
213 break;
214 }
215 }
216 if(p_cb == NULL)
217 {
218 APPL_TRACE_ERROR( "bta_jv_alloc_rfc_cb: port_handle:%d, ctrl block exceeds "
219 "limit:%d", port_handle, BTA_JV_MAX_RFC_CONN);
220 }
221 return p_cb;
222 }
223
224 /*******************************************************************************
225 **
226 ** Function bta_jv_rfc_port_to_pcb
227 **
228 ** Description find the port control block associated with the given port handle
229 **
230 ** Returns
231 **
232 *******************************************************************************/
bta_jv_rfc_port_to_pcb(UINT16 port_handle)233 tBTA_JV_PCB * bta_jv_rfc_port_to_pcb(UINT16 port_handle)
234 {
235 tBTA_JV_PCB *p_pcb = NULL;
236
237 if ((port_handle > 0) && (port_handle <= MAX_RFC_PORTS)
238 && bta_jv_cb.port_cb[port_handle - 1].handle)
239 {
240 p_pcb = &bta_jv_cb.port_cb[port_handle - 1];
241 }
242
243 return p_pcb;
244 }
245
246 /*******************************************************************************
247 **
248 ** Function bta_jv_rfc_port_to_cb
249 **
250 ** Description find the RFCOMM control block associated with the given port handle
251 **
252 ** Returns
253 **
254 *******************************************************************************/
bta_jv_rfc_port_to_cb(UINT16 port_handle)255 tBTA_JV_RFC_CB * bta_jv_rfc_port_to_cb(UINT16 port_handle)
256 {
257 tBTA_JV_RFC_CB *p_cb = NULL;
258 UINT32 handle;
259
260 if ((port_handle > 0) && (port_handle <= MAX_RFC_PORTS)
261 && bta_jv_cb.port_cb[port_handle - 1].handle)
262 {
263 handle = bta_jv_cb.port_cb[port_handle - 1].handle;
264 handle &= BTA_JV_RFC_HDL_MASK;
265 handle &= ~BTA_JV_RFCOMM_MASK;
266 if (handle)
267 p_cb = &bta_jv_cb.rfc_cb[handle - 1];
268 }
269 else
270 {
271 APPL_TRACE_WARNING("bta_jv_rfc_port_to_cb(port_handle:0x%x):jv handle:0x%x not"
272 " FOUND", port_handle, bta_jv_cb.port_cb[port_handle - 1].handle);
273 }
274 return p_cb;
275 }
276
bta_jv_free_rfc_cb(tBTA_JV_RFC_CB * p_cb,tBTA_JV_PCB * p_pcb)277 static tBTA_JV_STATUS bta_jv_free_rfc_cb(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb)
278 {
279 tBTA_JV_STATUS status = BTA_JV_SUCCESS;
280 BOOLEAN remove_server = FALSE;
281 int close_pending = 0;
282
283 if (!p_cb || !p_pcb)
284 {
285 APPL_TRACE_ERROR("bta_jv_free_sr_rfc_cb, p_cb or p_pcb cannot be null");
286 return BTA_JV_FAILURE;
287 }
288 APPL_TRACE_DEBUG("bta_jv_free_sr_rfc_cb: max_sess:%d, curr_sess:%d, p_pcb:%p, user:"
289 "%p, state:%d, jv handle: 0x%x" ,p_cb->max_sess, p_cb->curr_sess, p_pcb,
290 p_pcb->user_data, p_pcb->state, p_pcb->handle);
291
292 if (p_cb->curr_sess <= 0)
293 return BTA_JV_SUCCESS;
294
295 switch (p_pcb->state)
296 {
297 case BTA_JV_ST_CL_CLOSING:
298 case BTA_JV_ST_SR_CLOSING:
299 APPL_TRACE_WARNING("bta_jv_free_sr_rfc_cb: return on closing, port state:%d, "
300 "scn:%d, p_pcb:%p, user_data:%p", p_pcb->state, p_cb->scn, p_pcb,
301 p_pcb->user_data);
302 status = BTA_JV_FAILURE;
303 return status;
304 case BTA_JV_ST_CL_OPEN:
305 case BTA_JV_ST_CL_OPENING:
306 APPL_TRACE_DEBUG("bta_jv_free_sr_rfc_cb: state: %d, scn:%d,"
307 " user_data:%p", p_pcb->state, p_cb->scn, p_pcb->user_data);
308 p_pcb->state = BTA_JV_ST_CL_CLOSING;
309 break;
310 case BTA_JV_ST_SR_LISTEN:
311 p_pcb->state = BTA_JV_ST_SR_CLOSING;
312 remove_server = TRUE;
313 APPL_TRACE_DEBUG("bta_jv_free_sr_rfc_cb: state: BTA_JV_ST_SR_LISTEN, scn:%d,"
314 " user_data:%p", p_cb->scn, p_pcb->user_data);
315 break;
316 case BTA_JV_ST_SR_OPEN:
317 p_pcb->state = BTA_JV_ST_SR_CLOSING;
318 APPL_TRACE_DEBUG("bta_jv_free_sr_rfc_cb: state: BTA_JV_ST_SR_OPEN, scn:%d,"
319 " user_data:%p", p_cb->scn, p_pcb->user_data);
320 break;
321 default:
322 APPL_TRACE_WARNING("bta_jv_free_sr_rfc_cb():failed, ignore port state:%d, scn:"
323 "%d, p_pcb:%p, jv handle: 0x%x, port_handle: %d, user_data:%p",
324 p_pcb->state, p_cb->scn, p_pcb, p_pcb->handle, p_pcb->port_handle,
325 p_pcb->user_data);
326 status = BTA_JV_FAILURE;
327 break;
328 }
329 if (BTA_JV_SUCCESS == status)
330 {
331 int port_status;
332
333 if (!remove_server)
334 port_status = RFCOMM_RemoveConnection(p_pcb->port_handle);
335 else
336 port_status = RFCOMM_RemoveServer(p_pcb->port_handle);
337 if (port_status != PORT_SUCCESS)
338 {
339 status = BTA_JV_FAILURE;
340 APPL_TRACE_WARNING("bta_jv_free_rfc_cb(jv handle: 0x%x, state %d)::"
341 "port_status: %d, port_handle: %d, close_pending: %d:Remove",
342 p_pcb->handle, p_pcb->state, port_status, p_pcb->port_handle,
343 close_pending);
344 }
345 }
346 if (!close_pending)
347 {
348 p_pcb->port_handle = 0;
349 p_pcb->state = BTA_JV_ST_NONE;
350 bta_jv_free_set_pm_profile_cb(p_pcb->handle);
351
352 //Initialize congestion flags
353 p_pcb->cong = FALSE;
354 p_pcb->user_data = 0;
355 int si = BTA_JV_RFC_HDL_TO_SIDX(p_pcb->handle);
356 if (0 <= si && si < BTA_JV_MAX_RFC_SR_SESSION)
357 p_cb->rfc_hdl[si] = 0;
358 p_pcb->handle = 0;
359 p_cb->curr_sess--;
360 if (p_cb->curr_sess == 0)
361 {
362 p_cb->scn = 0;
363 bta_jv_free_sec_id(&p_cb->sec_id);
364 p_cb->p_cback = NULL;
365 p_cb->handle = 0;
366 p_cb->curr_sess = -1;
367 }
368 if (remove_server) {
369 bta_jv_free_sec_id(&p_cb->sec_id);
370 }
371 }
372 return status;
373 }
374
375 /*******************************************************************************
376 **
377 ** Function bta_jv_free_l2c_cb
378 **
379 ** Description free the given L2CAP control block
380 **
381 ** Returns
382 **
383 *******************************************************************************/
bta_jv_free_l2c_cb(tBTA_JV_L2C_CB * p_cb)384 tBTA_JV_STATUS bta_jv_free_l2c_cb(tBTA_JV_L2C_CB *p_cb)
385 {
386 tBTA_JV_STATUS status = BTA_JV_SUCCESS;
387
388 if(BTA_JV_ST_NONE != p_cb->state)
389 {
390 bta_jv_free_set_pm_profile_cb((UINT32)p_cb->handle);
391 if (GAP_ConnClose(p_cb->handle) != BT_PASS)
392 status = BTA_JV_FAILURE;
393 }
394 p_cb->psm = 0;
395 p_cb->state = BTA_JV_ST_NONE;
396 p_cb->cong = FALSE;
397 bta_jv_free_sec_id(&p_cb->sec_id);
398 p_cb->p_cback = NULL;
399 return status;
400 }
401
402 /*******************************************************************************
403 **
404 **
405 ** Function bta_jv_clear_pm_cb
406 **
407 ** Description clears jv pm control block and optionally calls bta_sys_conn_close()
408 ** In general close_conn should be set to TRUE to remove registering with
409 ** dm pm!
410 **
411 ** WARNING: Make sure to clear pointer form port or l2c to this control block too!
412 **
413 *******************************************************************************/
bta_jv_clear_pm_cb(tBTA_JV_PM_CB * p_pm_cb,BOOLEAN close_conn)414 static void bta_jv_clear_pm_cb(tBTA_JV_PM_CB *p_pm_cb, BOOLEAN close_conn)
415 {
416 /* needs to be called if registered with bta pm, otherwise we may run out of dm pm slots! */
417 if (close_conn)
418 bta_sys_conn_close(BTA_ID_JV, p_pm_cb->app_id, p_pm_cb->peer_bd_addr);
419 p_pm_cb->state = BTA_JV_PM_FREE_ST;
420 p_pm_cb->app_id = BTA_JV_PM_ALL;
421 p_pm_cb->handle = BTA_JV_PM_HANDLE_CLEAR;
422 bdcpy(p_pm_cb->peer_bd_addr, bd_addr_null);
423 }
424
425 /*******************************************************************************
426 **
427 ** Function bta_jv_free_set_pm_profile_cb
428 **
429 ** Description free pm profile control block
430 **
431 ** Returns BTA_JV_SUCCESS if cb has been freed correctly,
432 ** BTA_JV_FAILURE in case of no profile has been registered or already freed
433 **
434 *******************************************************************************/
bta_jv_free_set_pm_profile_cb(UINT32 jv_handle)435 static tBTA_JV_STATUS bta_jv_free_set_pm_profile_cb(UINT32 jv_handle)
436 {
437 tBTA_JV_STATUS status = BTA_JV_FAILURE;
438 tBTA_JV_PM_CB **p_cb;
439 int i, j, bd_counter = 0, appid_counter = 0;
440
441 for (i = 0; i < BTA_JV_PM_MAX_NUM; i++)
442 {
443 p_cb = NULL;
444 if ((bta_jv_cb.pm_cb[i].state != BTA_JV_PM_FREE_ST) &&
445 (jv_handle == bta_jv_cb.pm_cb[i].handle))
446 {
447 for (j = 0; j < BTA_JV_PM_MAX_NUM; j++)
448 {
449 if (bdcmp(bta_jv_cb.pm_cb[j].peer_bd_addr, bta_jv_cb.pm_cb[i].peer_bd_addr) == 0)
450 bd_counter++;
451 if (bta_jv_cb.pm_cb[j].app_id == bta_jv_cb.pm_cb[i].app_id)
452 appid_counter++;
453 }
454
455 APPL_TRACE_API("%s(jv_handle: 0x%2x), idx: %d, "
456 "app_id: 0x%x",__func__, jv_handle, i, bta_jv_cb.pm_cb[i].app_id);
457 APPL_TRACE_API("%s, bd_counter = %d, "
458 "appid_counter = %d", __func__, bd_counter, appid_counter);
459 if (bd_counter > 1)
460 {
461 bta_jv_pm_conn_idle(&bta_jv_cb.pm_cb[i]);
462 }
463
464 if (bd_counter <= 1 || (appid_counter <= 1))
465 {
466 bta_jv_clear_pm_cb(&bta_jv_cb.pm_cb[i], TRUE);
467 }
468 else
469 {
470 bta_jv_clear_pm_cb(&bta_jv_cb.pm_cb[i], FALSE);
471 }
472
473 if (BTA_JV_RFCOMM_MASK & jv_handle)
474 {
475 UINT32 hi = ((jv_handle & BTA_JV_RFC_HDL_MASK) & ~BTA_JV_RFCOMM_MASK) - 1;
476 UINT32 si = BTA_JV_RFC_HDL_TO_SIDX(jv_handle);
477 if (hi < BTA_JV_MAX_RFC_CONN && bta_jv_cb.rfc_cb[hi].p_cback && si
478 < BTA_JV_MAX_RFC_SR_SESSION && bta_jv_cb.rfc_cb[hi].rfc_hdl[si])
479 {
480 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(bta_jv_cb.rfc_cb[hi].rfc_hdl[si]);
481 if (p_pcb)
482 {
483 if (NULL == p_pcb->p_pm_cb)
484 APPL_TRACE_WARNING("%s(jv_handle:"
485 " 0x%x):port_handle: 0x%x, p_pm_cb: %d: no link to "
486 "pm_cb?", __func__, jv_handle, p_pcb->port_handle, i);
487 p_cb = &p_pcb->p_pm_cb;
488 }
489 }
490 }
491 else
492 {
493 if (jv_handle < BTA_JV_MAX_L2C_CONN)
494 {
495 tBTA_JV_L2C_CB *p_l2c_cb = &bta_jv_cb.l2c_cb[jv_handle];
496 if (NULL == p_l2c_cb->p_pm_cb)
497 APPL_TRACE_WARNING("%s(jv_handle: "
498 "0x%x): p_pm_cb: %d: no link to pm_cb?", __func__, jv_handle, i);
499 p_cb = &p_l2c_cb->p_pm_cb;
500 }
501 }
502 if (p_cb)
503 {
504 *p_cb = NULL;
505 status = BTA_JV_SUCCESS;
506 }
507 }
508 }
509 return status;
510 }
511
512 /*******************************************************************************
513 **
514 ** Function bta_jv_alloc_set_pm_profile_cb
515 **
516 ** Description set PM profile control block
517 **
518 ** Returns pointer to allocated cb or NULL in case of failure
519 **
520 *******************************************************************************/
bta_jv_alloc_set_pm_profile_cb(UINT32 jv_handle,tBTA_JV_PM_ID app_id)521 static tBTA_JV_PM_CB *bta_jv_alloc_set_pm_profile_cb(UINT32 jv_handle, tBTA_JV_PM_ID app_id)
522 {
523 BOOLEAN bRfcHandle = (jv_handle & BTA_JV_RFCOMM_MASK) != 0;
524 BD_ADDR peer_bd_addr;
525 int i, j;
526 tBTA_JV_PM_CB **pp_cb;
527
528 for (i = 0; i < BTA_JV_PM_MAX_NUM; i++)
529 {
530 pp_cb = NULL;
531 if (bta_jv_cb.pm_cb[i].state == BTA_JV_PM_FREE_ST)
532 {
533 /* rfc handle bd addr retrieval requires core stack handle */
534 if (bRfcHandle)
535 {
536 for (j = 0; j < BTA_JV_MAX_RFC_CONN; j++)
537 {
538 if (jv_handle == bta_jv_cb.port_cb[j].handle)
539 {
540 pp_cb = &bta_jv_cb.port_cb[j].p_pm_cb;
541 if (PORT_SUCCESS != PORT_CheckConnection(
542 bta_jv_cb.port_cb[j].port_handle, peer_bd_addr, NULL))
543 i = BTA_JV_PM_MAX_NUM;
544 break;
545 }
546 }
547 }
548 else
549 {
550 /* use jv handle for l2cap bd address retrieval */
551 for (j = 0; j < BTA_JV_MAX_L2C_CONN; j++)
552 {
553 if (jv_handle == bta_jv_cb.l2c_cb[j].handle)
554 {
555 pp_cb = &bta_jv_cb.l2c_cb[j].p_pm_cb;
556 UINT8 *p_bd_addr = GAP_ConnGetRemoteAddr((UINT16)jv_handle);
557 if (NULL != p_bd_addr)
558 bdcpy(peer_bd_addr, p_bd_addr);
559 else
560 i = BTA_JV_PM_MAX_NUM;
561 break;
562 }
563 }
564 }
565 APPL_TRACE_API("bta_jv_alloc_set_pm_profile_cb(handle 0x%2x, app_id %d): "
566 "idx: %d, (BTA_JV_PM_MAX_NUM: %d), pp_cb: 0x%x", jv_handle, app_id,
567 i, BTA_JV_PM_MAX_NUM, pp_cb);
568 break;
569 }
570 }
571
572 if ((i != BTA_JV_PM_MAX_NUM) && (NULL != pp_cb))
573 {
574 *pp_cb = &bta_jv_cb.pm_cb[i];
575 bta_jv_cb.pm_cb[i].handle = jv_handle;
576 bta_jv_cb.pm_cb[i].app_id = app_id;
577 bdcpy(bta_jv_cb.pm_cb[i].peer_bd_addr, peer_bd_addr);
578 bta_jv_cb.pm_cb[i].state = BTA_JV_PM_IDLE_ST;
579 return &bta_jv_cb.pm_cb[i];
580 }
581 APPL_TRACE_WARNING("bta_jv_alloc_set_pm_profile_cb(jv_handle: 0x%x, app_id: %d) "
582 "return NULL", jv_handle, app_id);
583 return (tBTA_JV_PM_CB *)NULL;
584 }
585
586 /*******************************************************************************
587 **
588 ** Function bta_jv_check_psm
589 **
590 ** Description for now use only the legal PSM per JSR82 spec
591 **
592 ** Returns TRUE, if allowed
593 **
594 *******************************************************************************/
bta_jv_check_psm(UINT16 psm)595 BOOLEAN bta_jv_check_psm(UINT16 psm)
596 {
597 BOOLEAN ret = FALSE;
598
599 if (L2C_IS_VALID_PSM(psm))
600 {
601 if (psm < 0x1001)
602 {
603 /* see if this is defined by spec */
604 switch (psm)
605 {
606 case SDP_PSM: /* 1 */
607 case BT_PSM_RFCOMM: /* 3 */
608 /* do not allow java app to use these 2 PSMs */
609 break;
610
611 case TCS_PSM_INTERCOM: /* 5 */
612 case TCS_PSM_CORDLESS: /* 7 */
613 if( FALSE == bta_sys_is_register(BTA_ID_CT) &&
614 FALSE == bta_sys_is_register(BTA_ID_CG) )
615 ret = TRUE;
616 break;
617
618 case BT_PSM_BNEP: /* F */
619 if(FALSE == bta_sys_is_register(BTA_ID_PAN))
620 ret = TRUE;
621 break;
622
623 case HID_PSM_CONTROL: /* 0x11 */
624 case HID_PSM_INTERRUPT: /* 0x13 */
625 //FIX: allow HID Device and HID Host to coexist
626 if( FALSE == bta_sys_is_register(BTA_ID_HD) ||
627 FALSE == bta_sys_is_register(BTA_ID_HH) )
628 ret = TRUE;
629 break;
630
631 case AVCT_PSM: /* 0x17 */
632 case AVDT_PSM: /* 0x19 */
633 if ((FALSE == bta_sys_is_register(BTA_ID_AV)) &&
634 (FALSE == bta_sys_is_register(BTA_ID_AVK)))
635 ret = TRUE;
636 break;
637
638 default:
639 ret = TRUE;
640 break;
641 }
642 }
643 else
644 {
645 ret = TRUE;
646 }
647 }
648 return ret;
649
650 }
651
652 /*******************************************************************************
653 **
654 ** Function bta_jv_enable
655 **
656 ** Description Initialises the JAVA I/F
657 **
658 ** Returns void
659 **
660 *******************************************************************************/
bta_jv_enable(tBTA_JV_MSG * p_data)661 void bta_jv_enable(tBTA_JV_MSG *p_data)
662 {
663 tBTA_JV_STATUS status = BTA_JV_SUCCESS;
664 bta_jv_cb.p_dm_cback = p_data->enable.p_cback;
665 bta_jv_cb.p_dm_cback(BTA_JV_ENABLE_EVT, (tBTA_JV *)&status, 0);
666 memset(bta_jv_cb.free_psm_list,0,sizeof(bta_jv_cb.free_psm_list));
667 }
668
669 /*******************************************************************************
670 **
671 ** Function bta_jv_disable
672 **
673 ** Description Disables the BT device manager
674 ** free the resources used by java
675 **
676 ** Returns void
677 **
678 *******************************************************************************/
bta_jv_disable(tBTA_JV_MSG * p_data)679 void bta_jv_disable (tBTA_JV_MSG *p_data)
680 {
681 UNUSED(p_data);
682
683 APPL_TRACE_ERROR("%s",__func__);
684 }
685
686
687 /**
688 * We keep a list of PSM's that have been freed from JAVA, for reuse.
689 * This function will return a free PSM, and delete it from the free
690 * list.
691 * If no free PSMs exist, 0 will be returned.
692 */
bta_jv_get_free_psm()693 static UINT16 bta_jv_get_free_psm() {
694 const int cnt = sizeof(bta_jv_cb.free_psm_list)/sizeof(bta_jv_cb.free_psm_list[0]);
695 for (int i = 0; i < cnt; i++) {
696 UINT16 psm = bta_jv_cb.free_psm_list[i];
697 if (psm != 0) {
698 APPL_TRACE_DEBUG("%s(): Reusing PSM: 0x%04d", __func__, psm)
699 bta_jv_cb.free_psm_list[i] = 0;
700 return psm;
701 }
702 }
703 return 0;
704 }
705
bta_jv_set_free_psm(UINT16 psm)706 static void bta_jv_set_free_psm(UINT16 psm) {
707 int free_index = -1;
708 const int cnt = sizeof(bta_jv_cb.free_psm_list)/sizeof(bta_jv_cb.free_psm_list[0]);
709 for (int i = 0; i < cnt; i++) {
710 if (bta_jv_cb.free_psm_list[i] == 0) {
711 free_index = i;
712 } else if (psm == bta_jv_cb.free_psm_list[i]) {
713 return; // PSM already freed?
714 }
715 }
716 if (free_index != -1) {
717 bta_jv_cb.free_psm_list[free_index] = psm;
718 APPL_TRACE_DEBUG("%s(): Recycling PSM: 0x%04d", __func__, psm)
719 } else {
720 APPL_TRACE_ERROR("%s unable to free psm 0x%x no more free slots",__func__, psm);
721 }
722 }
723
724 /*******************************************************************************
725 **
726 ** Function bta_jv_get_channel_id
727 **
728 ** Description Obtain a free SCN (Server Channel Number)
729 ** (RFCOMM channel or L2CAP PSM)
730 **
731 ** Returns void
732 **
733 *******************************************************************************/
bta_jv_get_channel_id(tBTA_JV_MSG * p_data)734 void bta_jv_get_channel_id(tBTA_JV_MSG *p_data)
735 {
736 UINT16 psm = 0;
737
738 switch (p_data->alloc_channel.type) {
739 case BTA_JV_CONN_TYPE_RFCOMM: {
740 INT32 channel = p_data->alloc_channel.channel;
741 UINT8 scn = 0;
742 if (channel > 0)
743 {
744 if (BTM_TryAllocateSCN(channel) == FALSE)
745 {
746 APPL_TRACE_ERROR("rfc channel:%d already in use or invalid", channel);
747 channel = 0;
748 }
749 } else if ((channel = BTM_AllocateSCN()) == 0) {
750 APPL_TRACE_ERROR("run out of rfc channels");
751 channel = 0;
752 }
753 if (channel != 0) {
754 bta_jv_cb.scn[channel-1] = TRUE;
755 scn = (UINT8) channel;
756 }
757 if (bta_jv_cb.p_dm_cback)
758 bta_jv_cb.p_dm_cback(BTA_JV_GET_SCN_EVT, (tBTA_JV *)&scn,
759 p_data->alloc_channel.user_data);
760 return;
761 }
762 case BTA_JV_CONN_TYPE_L2CAP:
763 psm = bta_jv_get_free_psm();
764 if (psm == 0) {
765 psm = L2CA_AllocatePSM();
766 APPL_TRACE_DEBUG("%s() returned PSM: 0x%04x", __func__, psm);
767 }
768 break;
769 case BTA_JV_CONN_TYPE_L2CAP_LE:
770 break;
771 default:
772 break;
773 }
774
775 if (bta_jv_cb.p_dm_cback)
776 bta_jv_cb.p_dm_cback(BTA_JV_GET_PSM_EVT, (tBTA_JV *)&psm, p_data->alloc_channel.user_data);
777 }
778
779 /*******************************************************************************
780 **
781 ** Function bta_jv_free_scn
782 **
783 ** Description free a SCN
784 **
785 ** Returns void
786 **
787 *******************************************************************************/
bta_jv_free_scn(tBTA_JV_MSG * p_data)788 void bta_jv_free_scn(tBTA_JV_MSG *p_data)
789 {
790 UINT16 scn = p_data->free_channel.scn;
791
792 switch (p_data->free_channel.type) {
793 case BTA_JV_CONN_TYPE_RFCOMM: {
794 if (scn > 0 && scn <= BTA_JV_MAX_SCN && bta_jv_cb.scn[scn-1])
795 {
796 /* this scn is used by JV */
797 bta_jv_cb.scn[scn-1] = FALSE;
798 BTM_FreeSCN(scn);
799 }
800 break;
801 }
802 case BTA_JV_CONN_TYPE_L2CAP:
803 bta_jv_set_free_psm(scn);
804 break;
805 case BTA_JV_CONN_TYPE_L2CAP_LE:
806 // TODO: Not yet implemented...
807 break;
808 default:
809 break;
810 }
811 }
shorten_sdp_uuid(const tBT_UUID * u)812 static inline tBT_UUID shorten_sdp_uuid(const tBT_UUID* u)
813 {
814 static uint8_t bt_base_uuid[] =
815 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB };
816
817 logu("in, uuid:", u->uu.uuid128);
818 APPL_TRACE_DEBUG("uuid len:%d", u->len);
819 if(u->len == 16)
820 {
821 if(memcmp(&u->uu.uuid128[4], &bt_base_uuid[4], 12) == 0)
822 {
823 tBT_UUID su;
824 memset(&su, 0, sizeof(su));
825 if(u->uu.uuid128[0] == 0 && u->uu.uuid128[1] == 0)
826 {
827 su.len = 2;
828 uint16_t u16;
829 memcpy(&u16, &u->uu.uuid128[2], sizeof(u16));
830 su.uu.uuid16 = ntohs(u16);
831 APPL_TRACE_DEBUG("shorten to 16 bits uuid: %x", su.uu.uuid16);
832 }
833 else
834 {
835 su.len = 4;
836 uint32_t u32;
837 memcpy(&u32, &u->uu.uuid128[0], sizeof(u32));
838 su.uu.uuid32 = ntohl(u32);
839 APPL_TRACE_DEBUG("shorten to 32 bits uuid: %x", su.uu.uuid32);
840 }
841 return su;
842 }
843 }
844 APPL_TRACE_DEBUG("cannot shorten none-reserved 128 bits uuid");
845 return *u;
846 }
847
848 /*******************************************************************************
849 **
850 ** Function bta_jv_start_discovery_cback
851 **
852 ** Description Callback for Start Discovery
853 **
854 ** Returns void
855 **
856 *******************************************************************************/
bta_jv_start_discovery_cback(UINT16 result,void * user_data)857 static void bta_jv_start_discovery_cback(UINT16 result, void * user_data)
858 {
859 tBTA_JV_STATUS status;
860
861 APPL_TRACE_DEBUG("bta_jv_start_discovery_cback res: 0x%x", result);
862
863 bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_NONE;
864 if(bta_jv_cb.p_dm_cback)
865 {
866 tBTA_JV_DISCOVERY_COMP dcomp;
867 dcomp.scn = 0;
868 status = BTA_JV_FAILURE;
869 if (result == SDP_SUCCESS || result == SDP_DB_FULL)
870 {
871 tSDP_DISC_REC *p_sdp_rec = NULL;
872 tSDP_PROTOCOL_ELEM pe;
873 logu("bta_jv_cb.uuid", bta_jv_cb.uuid.uu.uuid128);
874 tBT_UUID su = shorten_sdp_uuid(&bta_jv_cb.uuid);
875 logu("shorten uuid:", su.uu.uuid128);
876 p_sdp_rec = SDP_FindServiceUUIDInDb(p_bta_jv_cfg->p_sdp_db, &su, p_sdp_rec);
877 APPL_TRACE_DEBUG("p_sdp_rec:%p", p_sdp_rec);
878 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
879 {
880 dcomp.scn = (UINT8) pe.params[0];
881 status = BTA_JV_SUCCESS;
882 }
883 }
884
885 dcomp.status = status;
886 bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&dcomp, user_data);
887 }
888 }
889
890 /*******************************************************************************
891 **
892 ** Function bta_jv_start_discovery
893 **
894 ** Description Discovers services on a remote device
895 **
896 ** Returns void
897 **
898 *******************************************************************************/
bta_jv_start_discovery(tBTA_JV_MSG * p_data)899 void bta_jv_start_discovery(tBTA_JV_MSG *p_data)
900 {
901 tBTA_JV_STATUS status = BTA_JV_FAILURE;
902 APPL_TRACE_DEBUG("bta_jv_start_discovery in, sdp_active:%d", bta_jv_cb.sdp_active);
903 if (bta_jv_cb.sdp_active != BTA_JV_SDP_ACT_NONE)
904 {
905 /* SDP is still in progress */
906 status = BTA_JV_BUSY;
907 if(bta_jv_cb.p_dm_cback)
908 bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&status, p_data->start_discovery.user_data);
909 return;
910 }
911
912 /* init the database/set up the filter */
913 APPL_TRACE_DEBUG("call SDP_InitDiscoveryDb, p_data->start_discovery.num_uuid:%d",
914 p_data->start_discovery.num_uuid);
915 SDP_InitDiscoveryDb (p_bta_jv_cfg->p_sdp_db, p_bta_jv_cfg->sdp_db_size,
916 p_data->start_discovery.num_uuid, p_data->start_discovery.uuid_list, 0, NULL);
917
918 /* tell SDP to keep the raw data */
919 p_bta_jv_cfg->p_sdp_db->raw_data = p_bta_jv_cfg->p_sdp_raw_data;
920 p_bta_jv_cfg->p_sdp_db->raw_size = p_bta_jv_cfg->sdp_raw_size;
921
922 bta_jv_cb.p_sel_raw_data = 0;
923 bta_jv_cb.uuid = p_data->start_discovery.uuid_list[0];
924
925 bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_YES;
926 if (!SDP_ServiceSearchAttributeRequest2(p_data->start_discovery.bd_addr,
927 p_bta_jv_cfg->p_sdp_db,
928 bta_jv_start_discovery_cback, p_data->start_discovery.user_data))
929 {
930 bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_NONE;
931 /* failed to start SDP. report the failure right away */
932 if(bta_jv_cb.p_dm_cback)
933 bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&status, p_data->start_discovery.user_data);
934 }
935 /*
936 else report the result when the cback is called
937 */
938 }
939
940 /*******************************************************************************
941 **
942 ** Function bta_jv_create_record
943 **
944 ** Description Create an SDP record with the given attributes
945 **
946 ** Returns void
947 **
948 *******************************************************************************/
bta_jv_create_record(tBTA_JV_MSG * p_data)949 void bta_jv_create_record(tBTA_JV_MSG *p_data)
950 {
951 tBTA_JV_API_CREATE_RECORD *cr = &(p_data->create_record);
952 tBTA_JV_CREATE_RECORD evt_data;
953 evt_data.status = BTA_JV_SUCCESS;
954 if(bta_jv_cb.p_dm_cback)
955 //callback user immediately to create his own sdp record in stack thread context
956 bta_jv_cb.p_dm_cback(BTA_JV_CREATE_RECORD_EVT, (tBTA_JV *)&evt_data, cr->user_data);
957 }
958
959 /*******************************************************************************
960 **
961 ** Function bta_jv_delete_record
962 **
963 ** Description Delete an SDP record
964 **
965 **
966 ** Returns void
967 **
968 *******************************************************************************/
bta_jv_delete_record(tBTA_JV_MSG * p_data)969 void bta_jv_delete_record(tBTA_JV_MSG *p_data)
970 {
971 tBTA_JV_API_ADD_ATTRIBUTE *dr = &(p_data->add_attr);
972 if(dr->handle)
973 {
974 /* this is a record created by btif layer*/
975 SDP_DeleteRecord(dr->handle);
976 }
977 }
978
979 /*******************************************************************************
980 **
981 ** Function bta_jv_l2cap_client_cback
982 **
983 ** Description handles the l2cap client events
984 **
985 ** Returns void
986 **
987 *******************************************************************************/
bta_jv_l2cap_client_cback(UINT16 gap_handle,UINT16 event)988 static void bta_jv_l2cap_client_cback(UINT16 gap_handle, UINT16 event)
989 {
990 tBTA_JV_L2C_CB *p_cb = &bta_jv_cb.l2c_cb[gap_handle];
991 tBTA_JV evt_data;
992
993 if (gap_handle >= BTA_JV_MAX_L2C_CONN && !p_cb->p_cback)
994 return;
995
996 APPL_TRACE_DEBUG( "%s: %d evt:x%x",__func__, gap_handle, event);
997 evt_data.l2c_open.status = BTA_JV_SUCCESS;
998 evt_data.l2c_open.handle = gap_handle;
999
1000 switch (event)
1001 {
1002 case GAP_EVT_CONN_OPENED:
1003 bdcpy(evt_data.l2c_open.rem_bda, GAP_ConnGetRemoteAddr(gap_handle));
1004 evt_data.l2c_open.tx_mtu = GAP_ConnGetRemMtuSize(gap_handle);
1005 p_cb->state = BTA_JV_ST_CL_OPEN;
1006 p_cb->p_cback(BTA_JV_L2CAP_OPEN_EVT, &evt_data, p_cb->user_data);
1007 break;
1008
1009 case GAP_EVT_CONN_CLOSED:
1010 p_cb->state = BTA_JV_ST_NONE;
1011 bta_jv_free_sec_id(&p_cb->sec_id);
1012 evt_data.l2c_close.async = TRUE;
1013 p_cb->p_cback(BTA_JV_L2CAP_CLOSE_EVT, &evt_data, p_cb->user_data);
1014 p_cb->p_cback = NULL;
1015 break;
1016
1017 case GAP_EVT_CONN_DATA_AVAIL:
1018 evt_data.data_ind.handle = gap_handle;
1019 /* Reset idle timer to avoid requesting sniff mode while receiving data */
1020 bta_jv_pm_conn_busy(p_cb->p_pm_cb);
1021 p_cb->p_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data, p_cb->user_data);
1022 bta_jv_pm_conn_idle(p_cb->p_pm_cb);
1023 break;
1024
1025 case GAP_EVT_TX_EMPTY:
1026 bta_jv_pm_conn_idle(p_cb->p_pm_cb);
1027 break;
1028
1029 case GAP_EVT_CONN_CONGESTED:
1030 case GAP_EVT_CONN_UNCONGESTED:
1031 p_cb->cong = (event == GAP_EVT_CONN_CONGESTED) ? TRUE : FALSE;
1032 evt_data.l2c_cong.cong = p_cb->cong;
1033 p_cb->p_cback(BTA_JV_L2CAP_CONG_EVT, &evt_data, p_cb->user_data);
1034 break;
1035
1036 default:
1037 break;
1038 }
1039 }
1040
1041 /*******************************************************************************
1042 **
1043 ** Function bta_jv_l2cap_connect
1044 **
1045 ** Description makes an l2cap client connection
1046 **
1047 ** Returns void
1048 **
1049 *******************************************************************************/
bta_jv_l2cap_connect(tBTA_JV_MSG * p_data)1050 void bta_jv_l2cap_connect(tBTA_JV_MSG *p_data)
1051 {
1052 tBTA_JV_L2C_CB *p_cb;
1053 tBTA_JV_L2CAP_CL_INIT evt_data;
1054 UINT16 handle=GAP_INVALID_HANDLE;
1055 UINT8 sec_id;
1056 tL2CAP_CFG_INFO cfg;
1057 tBTA_JV_API_L2CAP_CONNECT *cc = &(p_data->l2cap_connect);
1058 UINT8 chan_mode_mask = GAP_FCR_CHAN_OPT_BASIC;
1059 tL2CAP_ERTM_INFO *ertm_info = NULL;
1060
1061 memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO));
1062
1063 if (cc->has_cfg == TRUE)
1064 {
1065 cfg = cc->cfg;
1066 if (cfg.fcr_present && cfg.fcr.mode == L2CAP_FCR_ERTM_MODE) {
1067 chan_mode_mask = GAP_FCR_CHAN_OPT_ERTM;
1068 }
1069 }
1070
1071 if (cc->has_ertm_info == TRUE)
1072 {
1073 ertm_info = &(cc->ertm_info);
1074 }
1075
1076 /* We need to use this value for MTU to be able to handle cases where cfg is not set in req. */
1077 cfg.mtu_present = TRUE;
1078 cfg.mtu = cc->rx_mtu;
1079
1080 /* TODO: DM role manager
1081 L2CA_SetDesireRole(cc->role);
1082 */
1083
1084 sec_id = bta_jv_alloc_sec_id();
1085 evt_data.sec_id = sec_id;
1086 evt_data.status = BTA_JV_FAILURE;
1087
1088 if (sec_id)
1089 {
1090 /* PSM checking is not required for LE COC */
1091 if ((cc->type != BTA_JV_CONN_TYPE_L2CAP) || (bta_jv_check_psm(cc->remote_psm))) /* allowed */
1092 {
1093 if ((handle = GAP_ConnOpen("", sec_id, 0, cc->peer_bd_addr, cc->remote_psm,
1094 &cfg, ertm_info, cc->sec_mask, chan_mode_mask,
1095 bta_jv_l2cap_client_cback, cc->type)) != GAP_INVALID_HANDLE )
1096 {
1097 evt_data.status = BTA_JV_SUCCESS;
1098 }
1099 }
1100 }
1101
1102 if (evt_data.status == BTA_JV_SUCCESS)
1103 {
1104 p_cb = &bta_jv_cb.l2c_cb[handle];
1105 p_cb->handle = handle;
1106 p_cb->p_cback = cc->p_cback;
1107 p_cb->user_data = cc->user_data;
1108 p_cb->psm = 0; /* not a server */
1109 p_cb->sec_id = sec_id;
1110 p_cb->state = BTA_JV_ST_CL_OPENING;
1111 }
1112 else
1113 {
1114 bta_jv_free_sec_id(&sec_id);
1115 }
1116
1117 evt_data.handle = handle;
1118 cc->p_cback(BTA_JV_L2CAP_CL_INIT_EVT, (tBTA_JV *)&evt_data, cc->user_data);
1119 }
1120
1121
1122 /*******************************************************************************
1123 **
1124 ** Function bta_jv_l2cap_close
1125 **
1126 ** Description Close an L2CAP client connection
1127 **
1128 ** Returns void
1129 **
1130 *******************************************************************************/
bta_jv_l2cap_close(tBTA_JV_MSG * p_data)1131 void bta_jv_l2cap_close(tBTA_JV_MSG *p_data)
1132 {
1133 tBTA_JV_L2CAP_CLOSE evt_data;
1134 tBTA_JV_API_L2CAP_CLOSE *cc = &(p_data->l2cap_close);
1135 tBTA_JV_L2CAP_CBACK *p_cback = cc->p_cb->p_cback;
1136 void *user_data = cc->p_cb->user_data;
1137
1138 evt_data.handle = cc->handle;
1139 evt_data.status = bta_jv_free_l2c_cb(cc->p_cb);
1140 evt_data.async = FALSE;
1141
1142 if (p_cback)
1143 p_cback(BTA_JV_L2CAP_CLOSE_EVT, (tBTA_JV *)&evt_data, user_data);
1144 }
1145
1146 /*******************************************************************************
1147 **
1148 ** Function bta_jv_l2cap_server_cback
1149 **
1150 ** Description handles the l2cap server callback
1151 **
1152 ** Returns void
1153 **
1154 *******************************************************************************/
bta_jv_l2cap_server_cback(UINT16 gap_handle,UINT16 event)1155 static void bta_jv_l2cap_server_cback(UINT16 gap_handle, UINT16 event)
1156 {
1157 tBTA_JV_L2C_CB *p_cb = &bta_jv_cb.l2c_cb[gap_handle];
1158 tBTA_JV evt_data;
1159 tBTA_JV_L2CAP_CBACK *p_cback;
1160 void *user_data;
1161
1162 if (gap_handle >= BTA_JV_MAX_L2C_CONN && !p_cb->p_cback)
1163 return;
1164
1165 APPL_TRACE_DEBUG( "%s: %d evt:x%x", __func__, gap_handle, event);
1166 evt_data.l2c_open.status = BTA_JV_SUCCESS;
1167 evt_data.l2c_open.handle = gap_handle;
1168
1169 switch (event)
1170 {
1171 case GAP_EVT_CONN_OPENED:
1172 bdcpy(evt_data.l2c_open.rem_bda, GAP_ConnGetRemoteAddr(gap_handle));
1173 evt_data.l2c_open.tx_mtu = GAP_ConnGetRemMtuSize(gap_handle);
1174 p_cb->state = BTA_JV_ST_SR_OPEN;
1175 p_cb->p_cback(BTA_JV_L2CAP_OPEN_EVT, &evt_data, p_cb->user_data);
1176 break;
1177
1178 case GAP_EVT_CONN_CLOSED:
1179 evt_data.l2c_close.async = TRUE;
1180 evt_data.l2c_close.handle = p_cb->handle;
1181 p_cback = p_cb->p_cback;
1182 user_data = p_cb->user_data;
1183 evt_data.l2c_close.status = bta_jv_free_l2c_cb(p_cb);
1184 p_cback(BTA_JV_L2CAP_CLOSE_EVT, &evt_data, user_data);
1185 break;
1186
1187 case GAP_EVT_CONN_DATA_AVAIL:
1188 evt_data.data_ind.handle = gap_handle;
1189 /* Reset idle timer to avoid requesting sniff mode while receiving data */
1190 bta_jv_pm_conn_busy(p_cb->p_pm_cb);
1191 p_cb->p_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data, p_cb->user_data);
1192 bta_jv_pm_conn_idle(p_cb->p_pm_cb);
1193 break;
1194
1195 case GAP_EVT_TX_EMPTY:
1196 bta_jv_pm_conn_idle(p_cb->p_pm_cb);
1197 break;
1198
1199 case GAP_EVT_CONN_CONGESTED:
1200 case GAP_EVT_CONN_UNCONGESTED:
1201 p_cb->cong = (event == GAP_EVT_CONN_CONGESTED) ? TRUE : FALSE;
1202 evt_data.l2c_cong.cong = p_cb->cong;
1203 p_cb->p_cback(BTA_JV_L2CAP_CONG_EVT, &evt_data, p_cb->user_data);
1204 break;
1205
1206 default:
1207 break;
1208 }
1209 }
1210
1211 /*******************************************************************************
1212 **
1213 ** Function bta_jv_l2cap_start_server
1214 **
1215 ** Description starts an L2CAP server
1216 **
1217 ** Returns void
1218 **
1219 *******************************************************************************/
bta_jv_l2cap_start_server(tBTA_JV_MSG * p_data)1220 void bta_jv_l2cap_start_server(tBTA_JV_MSG *p_data)
1221 {
1222 tBTA_JV_L2C_CB *p_cb;
1223 UINT8 sec_id;
1224 UINT16 handle;
1225 tL2CAP_CFG_INFO cfg;
1226 tBTA_JV_L2CAP_START evt_data;
1227 tBTA_JV_API_L2CAP_SERVER *ls = &(p_data->l2cap_server);
1228 UINT8 chan_mode_mask = GAP_FCR_CHAN_OPT_BASIC;
1229 tL2CAP_ERTM_INFO *ertm_info = NULL;
1230
1231 memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO));
1232
1233 if (ls->has_cfg == TRUE) {
1234 cfg = ls->cfg;
1235 if (cfg.fcr_present && cfg.fcr.mode == L2CAP_FCR_ERTM_MODE) {
1236 chan_mode_mask = GAP_FCR_CHAN_OPT_ERTM;
1237 }
1238 }
1239
1240 if (ls->has_ertm_info == TRUE) {
1241 ertm_info = &(ls->ertm_info);
1242 }
1243
1244 //FIX: MTU=0 means not present
1245 if (ls->rx_mtu >0)
1246 {
1247 cfg.mtu_present = TRUE;
1248 cfg.mtu = ls->rx_mtu;
1249 }
1250 else
1251 {
1252 cfg.mtu_present = FALSE;
1253 cfg.mtu = 0;
1254 }
1255
1256 /* TODO DM role manager
1257 L2CA_SetDesireRole(ls->role);
1258 */
1259
1260 sec_id = bta_jv_alloc_sec_id();
1261 /* PSM checking is not required for LE COC */
1262 if (0 == sec_id || ((ls->type == BTA_JV_CONN_TYPE_L2CAP) && (FALSE == bta_jv_check_psm(ls->local_psm))) ||
1263 (handle = GAP_ConnOpen("JV L2CAP", sec_id, 1, 0, ls->local_psm, &cfg, ertm_info,
1264 ls->sec_mask, chan_mode_mask, bta_jv_l2cap_server_cback, ls->type)) == GAP_INVALID_HANDLE)
1265 {
1266 bta_jv_free_sec_id(&sec_id);
1267 evt_data.status = BTA_JV_FAILURE;
1268 }
1269 else
1270 {
1271 p_cb = &bta_jv_cb.l2c_cb[handle];
1272 evt_data.status = BTA_JV_SUCCESS;
1273 evt_data.handle = handle;
1274 evt_data.sec_id = sec_id;
1275 p_cb->p_cback = ls->p_cback;
1276 p_cb->user_data = ls->user_data;
1277 p_cb->handle = handle;
1278 p_cb->sec_id = sec_id;
1279 p_cb->state = BTA_JV_ST_SR_LISTEN;
1280 p_cb->psm = ls->local_psm;
1281 }
1282
1283 ls->p_cback(BTA_JV_L2CAP_START_EVT, (tBTA_JV *)&evt_data, ls->user_data);
1284 }
1285
1286 /*******************************************************************************
1287 **
1288 ** Function bta_jv_l2cap_stop_server
1289 **
1290 ** Description stops an L2CAP server
1291 **
1292 ** Returns void
1293 **
1294 *******************************************************************************/
bta_jv_l2cap_stop_server(tBTA_JV_MSG * p_data)1295 void bta_jv_l2cap_stop_server(tBTA_JV_MSG *p_data)
1296 {
1297 tBTA_JV_L2C_CB *p_cb;
1298 tBTA_JV_L2CAP_CLOSE evt_data;
1299 tBTA_JV_API_L2CAP_SERVER *ls = &(p_data->l2cap_server);
1300 tBTA_JV_L2CAP_CBACK *p_cback;
1301 void *user_data;
1302 for (int i = 0; i < BTA_JV_MAX_L2C_CONN; i++)
1303 {
1304 if (bta_jv_cb.l2c_cb[i].psm == ls->local_psm)
1305 {
1306 p_cb = &bta_jv_cb.l2c_cb[i];
1307 p_cback = p_cb->p_cback;
1308 user_data = p_cb->user_data;
1309 evt_data.handle = p_cb->handle;
1310 evt_data.status = bta_jv_free_l2c_cb(p_cb);
1311 evt_data.async = FALSE;
1312 p_cback(BTA_JV_L2CAP_CLOSE_EVT, (tBTA_JV *)&evt_data, user_data);
1313 break;
1314 }
1315 }
1316 }
1317
1318
1319
1320 /*******************************************************************************
1321 **
1322 ** Function bta_jv_l2cap_read
1323 **
1324 ** Description Read data from an L2CAP connection
1325 **
1326 ** Returns void
1327 **
1328 *******************************************************************************/
bta_jv_l2cap_read(tBTA_JV_MSG * p_data)1329 void bta_jv_l2cap_read(tBTA_JV_MSG *p_data)
1330 {
1331 tBTA_JV_L2CAP_READ evt_data;
1332 tBTA_JV_API_L2CAP_READ *rc = &(p_data->l2cap_read);
1333
1334 evt_data.status = BTA_JV_FAILURE;
1335 evt_data.handle = rc->handle;
1336 evt_data.req_id = rc->req_id;
1337 evt_data.p_data = rc->p_data;
1338 evt_data.len = 0;
1339
1340 if (BT_PASS == GAP_ConnReadData(rc->handle, rc->p_data, rc->len, &evt_data.len))
1341 {
1342 evt_data.status = BTA_JV_SUCCESS;
1343 }
1344
1345 rc->p_cback(BTA_JV_L2CAP_READ_EVT, (tBTA_JV *)&evt_data, rc->user_data);
1346 }
1347
1348
1349 /*******************************************************************************
1350 **
1351 ** Function bta_jv_l2cap_write
1352 **
1353 ** Description Write data to an L2CAP connection
1354 **
1355 ** Returns void
1356 **
1357 *******************************************************************************/
bta_jv_l2cap_write(tBTA_JV_MSG * p_data)1358 void bta_jv_l2cap_write(tBTA_JV_MSG *p_data)
1359 {
1360 tBTA_JV_L2CAP_WRITE evt_data;
1361 tBTA_JV_API_L2CAP_WRITE *ls = &(p_data->l2cap_write);
1362
1363 /* As we check this callback exists before the tBTA_JV_API_L2CAP_WRITE can be send through the
1364 * API this check should not be needed.
1365 * But the API is not designed to be used (safely at least) in a multi-threaded scheduler, hence
1366 * if the peer device disconnects the l2cap link after the API is called, but before this
1367 * message is handled, the ->p_cback will be cleared at this point. At first glanch this seems
1368 * highly unlikely, but for all obex-profiles with two channels connected - e.g. MAP, this
1369 * happens around 1 of 4 disconnects, as a disconnect on the server channel causes a disconnect
1370 * to be send on the client (notification) channel, but at the peer typically disconnects both
1371 * the OBEX disconnect request crosses the incoming l2cap disconnect.
1372 * If p_cback is cleared, we simply discard the data.
1373 * RISK: The caller must handle any cleanup based on another signal than BTA_JV_L2CAP_WRITE_EVT,
1374 * which is typically not possible, as the pointer to the allocated buffer is stored
1375 * in this message, and can therefore not be freed, hence we have a mem-leak-by-design.*/
1376 if (ls->p_cb->p_cback != NULL) {
1377 evt_data.status = BTA_JV_FAILURE;
1378 evt_data.handle = ls->handle;
1379 evt_data.req_id = ls->req_id;
1380 evt_data.cong = ls->p_cb->cong;
1381 evt_data.len = 0;
1382 bta_jv_pm_conn_busy(ls->p_cb->p_pm_cb);
1383 if (!evt_data.cong &&
1384 BT_PASS == GAP_ConnWriteData(ls->handle, ls->p_data, ls->len, &evt_data.len))
1385 {
1386 evt_data.status = BTA_JV_SUCCESS;
1387 }
1388 ls->p_cb->p_cback(BTA_JV_L2CAP_WRITE_EVT, (tBTA_JV *)&evt_data, ls->user_data);
1389 } else {
1390 /* As this pointer is checked in the API function, this occurs only when the channel is
1391 * disconnected after the API function is called, but before the message is handled. */
1392 APPL_TRACE_ERROR("%s() ls->p_cb->p_cback == NULL", __func__);
1393 }
1394 }
1395
1396 /*******************************************************************************
1397 **
1398 ** Function bta_jv_l2cap_write_fixed
1399 **
1400 ** Description Write data to an L2CAP connection using Fixed channels
1401 **
1402 ** Returns void
1403 **
1404 *******************************************************************************/
bta_jv_l2cap_write_fixed(tBTA_JV_MSG * p_data)1405 void bta_jv_l2cap_write_fixed(tBTA_JV_MSG *p_data)
1406 {
1407 tBTA_JV_L2CAP_WRITE_FIXED evt_data;
1408 tBTA_JV_API_L2CAP_WRITE_FIXED *ls = &(p_data->l2cap_write_fixed);
1409 BT_HDR *msg = (BT_HDR *)osi_malloc(sizeof(BT_HDR) + ls->len + L2CAP_MIN_OFFSET);
1410
1411 evt_data.status = BTA_JV_FAILURE;
1412 evt_data.channel = ls->channel;
1413 memcpy(evt_data.addr, ls->addr, sizeof(evt_data.addr));
1414 evt_data.req_id = ls->req_id;
1415 evt_data.len = 0;
1416
1417
1418 memcpy(((uint8_t*)(msg + 1)) + L2CAP_MIN_OFFSET, ls->p_data, ls->len);
1419 msg->len = ls->len;
1420 msg->offset = L2CAP_MIN_OFFSET;
1421
1422 L2CA_SendFixedChnlData(ls->channel, ls->addr, msg);
1423
1424 ls->p_cback(BTA_JV_L2CAP_WRITE_FIXED_EVT, (tBTA_JV *)&evt_data, ls->user_data);
1425 }
1426
1427 /*******************************************************************************
1428 **
1429 ** Function bta_jv_port_data_co_cback
1430 **
1431 ** Description port data callback function of rfcomm
1432 ** connections
1433 **
1434 ** Returns void
1435 **
1436 *******************************************************************************/
bta_jv_port_data_co_cback(UINT16 port_handle,UINT8 * buf,UINT16 len,int type)1437 static int bta_jv_port_data_co_cback(UINT16 port_handle, UINT8 *buf, UINT16 len, int type)
1438 {
1439 tBTA_JV_RFC_CB *p_cb = bta_jv_rfc_port_to_cb(port_handle);
1440 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
1441 APPL_TRACE_DEBUG("%s, p_cb:%p, p_pcb:%p, len:%d, type:%d", __func__, p_cb, p_pcb, len, type);
1442 if (p_pcb != NULL)
1443 {
1444 switch(type)
1445 {
1446 case DATA_CO_CALLBACK_TYPE_INCOMING:
1447 return bta_co_rfc_data_incoming(p_pcb->user_data, (BT_HDR*)buf);
1448 case DATA_CO_CALLBACK_TYPE_OUTGOING_SIZE:
1449 return bta_co_rfc_data_outgoing_size(p_pcb->user_data, (int*)buf);
1450 case DATA_CO_CALLBACK_TYPE_OUTGOING:
1451 return bta_co_rfc_data_outgoing(p_pcb->user_data, buf, len);
1452 default:
1453 APPL_TRACE_ERROR("unknown callout type:%d", type);
1454 break;
1455 }
1456 }
1457 return 0;
1458 }
1459
1460 /*******************************************************************************
1461 **
1462 ** Function bta_jv_port_mgmt_cl_cback
1463 **
1464 ** Description callback for port mamangement function of rfcomm
1465 ** client connections
1466 **
1467 ** Returns void
1468 **
1469 *******************************************************************************/
bta_jv_port_mgmt_cl_cback(UINT32 code,UINT16 port_handle)1470 static void bta_jv_port_mgmt_cl_cback(UINT32 code, UINT16 port_handle)
1471 {
1472 tBTA_JV_RFC_CB *p_cb = bta_jv_rfc_port_to_cb(port_handle);
1473 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
1474 tBTA_JV evt_data;
1475 BD_ADDR rem_bda;
1476 UINT16 lcid;
1477 tBTA_JV_RFCOMM_CBACK *p_cback; /* the callback function */
1478
1479 APPL_TRACE_DEBUG( "bta_jv_port_mgmt_cl_cback:code:%d, port_handle%d", code, port_handle);
1480 if(NULL == p_cb || NULL == p_cb->p_cback)
1481 return;
1482
1483 APPL_TRACE_DEBUG( "bta_jv_port_mgmt_cl_cback code=%d port_handle:%d handle:%d",
1484 code, port_handle, p_cb->handle);
1485
1486 PORT_CheckConnection(port_handle, rem_bda, &lcid);
1487
1488 if(code == PORT_SUCCESS)
1489 {
1490 evt_data.rfc_open.handle = p_cb->handle;
1491 evt_data.rfc_open.status = BTA_JV_SUCCESS;
1492 bdcpy(evt_data.rfc_open.rem_bda, rem_bda);
1493 p_pcb->state = BTA_JV_ST_CL_OPEN;
1494 p_cb->p_cback(BTA_JV_RFCOMM_OPEN_EVT, &evt_data, p_pcb->user_data);
1495 }
1496 else
1497 {
1498 evt_data.rfc_close.handle = p_cb->handle;
1499 evt_data.rfc_close.status = BTA_JV_FAILURE;
1500 evt_data.rfc_close.port_status = code;
1501 evt_data.rfc_close.async = TRUE;
1502 if (p_pcb->state == BTA_JV_ST_CL_CLOSING)
1503 {
1504 evt_data.rfc_close.async = FALSE;
1505 }
1506 //p_pcb->state = BTA_JV_ST_NONE;
1507 //p_pcb->cong = FALSE;
1508 p_cback = p_cb->p_cback;
1509 p_cback(BTA_JV_RFCOMM_CLOSE_EVT, &evt_data, p_pcb->user_data);
1510 //bta_jv_free_rfc_cb(p_cb, p_pcb);
1511 }
1512
1513 }
1514
1515 /*******************************************************************************
1516 **
1517 ** Function bta_jv_port_event_cl_cback
1518 **
1519 ** Description Callback for RFCOMM client port events
1520 **
1521 ** Returns void
1522 **
1523 *******************************************************************************/
bta_jv_port_event_cl_cback(UINT32 code,UINT16 port_handle)1524 static void bta_jv_port_event_cl_cback(UINT32 code, UINT16 port_handle)
1525 {
1526 tBTA_JV_RFC_CB *p_cb = bta_jv_rfc_port_to_cb(port_handle);
1527 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
1528 tBTA_JV evt_data;
1529
1530 APPL_TRACE_DEBUG( "bta_jv_port_event_cl_cback:%d", port_handle);
1531 if (NULL == p_cb || NULL == p_cb->p_cback)
1532 return;
1533
1534 APPL_TRACE_DEBUG( "bta_jv_port_event_cl_cback code=x%x port_handle:%d handle:%d",
1535 code, port_handle, p_cb->handle);
1536 if (code & PORT_EV_RXCHAR)
1537 {
1538 evt_data.data_ind.handle = p_cb->handle;
1539 p_cb->p_cback(BTA_JV_RFCOMM_DATA_IND_EVT, &evt_data, p_pcb->user_data);
1540 }
1541
1542 if (code & PORT_EV_FC)
1543 {
1544 p_pcb->cong = (code & PORT_EV_FCS) ? FALSE : TRUE;
1545 evt_data.rfc_cong.cong = p_pcb->cong;
1546 evt_data.rfc_cong.handle = p_cb->handle;
1547 evt_data.rfc_cong.status = BTA_JV_SUCCESS;
1548 p_cb->p_cback(BTA_JV_RFCOMM_CONG_EVT, &evt_data, p_pcb->user_data);
1549 }
1550
1551 if (code & PORT_EV_TXEMPTY)
1552 {
1553 bta_jv_pm_conn_idle(p_pcb->p_pm_cb);
1554 }
1555 }
1556
1557 /*******************************************************************************
1558 **
1559 ** Function bta_jv_rfcomm_connect
1560 **
1561 ** Description Client initiates an RFCOMM connection
1562 **
1563 ** Returns void
1564 **
1565 *******************************************************************************/
bta_jv_rfcomm_connect(tBTA_JV_MSG * p_data)1566 void bta_jv_rfcomm_connect(tBTA_JV_MSG *p_data)
1567 {
1568 UINT16 handle = 0;
1569 UINT32 event_mask = BTA_JV_RFC_EV_MASK;
1570 tPORT_STATE port_state;
1571 UINT8 sec_id = 0;
1572 tBTA_JV_RFC_CB *p_cb = NULL;
1573 tBTA_JV_PCB *p_pcb;
1574 tBTA_JV_API_RFCOMM_CONNECT *cc = &(p_data->rfcomm_connect);
1575 tBTA_JV_RFCOMM_CL_INIT evt_data;
1576
1577 /* TODO DM role manager
1578 L2CA_SetDesireRole(cc->role);
1579 */
1580
1581 sec_id = bta_jv_alloc_sec_id();
1582 memset(&evt_data, 0, sizeof(evt_data));
1583 evt_data.sec_id = sec_id;
1584 evt_data.status = BTA_JV_SUCCESS;
1585 if (0 == sec_id ||
1586 BTM_SetSecurityLevel(TRUE, "", sec_id, cc->sec_mask, BT_PSM_RFCOMM,
1587 BTM_SEC_PROTO_RFCOMM, cc->remote_scn) == FALSE)
1588 {
1589 evt_data.status = BTA_JV_FAILURE;
1590 APPL_TRACE_ERROR("sec_id:%d is zero or BTM_SetSecurityLevel failed, remote_scn:%d", sec_id, cc->remote_scn);
1591 }
1592
1593 if (evt_data.status == BTA_JV_SUCCESS &&
1594 RFCOMM_CreateConnection(UUID_SERVCLASS_SERIAL_PORT, cc->remote_scn, FALSE,
1595 BTA_JV_DEF_RFC_MTU, cc->peer_bd_addr, &handle, bta_jv_port_mgmt_cl_cback) != PORT_SUCCESS)
1596 {
1597 APPL_TRACE_ERROR("bta_jv_rfcomm_connect, RFCOMM_CreateConnection failed");
1598 evt_data.status = BTA_JV_FAILURE;
1599 }
1600 if (evt_data.status == BTA_JV_SUCCESS)
1601 {
1602 p_cb = bta_jv_alloc_rfc_cb(handle, &p_pcb);
1603 if(p_cb)
1604 {
1605 p_cb->p_cback = cc->p_cback;
1606 p_cb->sec_id = sec_id;
1607 p_cb->scn = 0;
1608 p_pcb->state = BTA_JV_ST_CL_OPENING;
1609 p_pcb->user_data = cc->user_data;
1610 evt_data.use_co = TRUE;
1611
1612 PORT_SetEventCallback(handle, bta_jv_port_event_cl_cback);
1613 PORT_SetEventMask(handle, event_mask);
1614 PORT_SetDataCOCallback (handle, bta_jv_port_data_co_cback);
1615
1616 PORT_GetState(handle, &port_state);
1617
1618 port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
1619
1620 /* coverity[uninit_use_in_call]
1621 FALSE-POSITIVE: port_state is initialized at PORT_GetState() */
1622 PORT_SetState(handle, &port_state);
1623
1624 evt_data.handle = p_cb->handle;
1625 }
1626 else
1627 {
1628 evt_data.status = BTA_JV_FAILURE;
1629 APPL_TRACE_ERROR("run out of rfc control block");
1630 }
1631 }
1632 cc->p_cback(BTA_JV_RFCOMM_CL_INIT_EVT, (tBTA_JV *)&evt_data, cc->user_data);
1633 if(evt_data.status == BTA_JV_FAILURE)
1634 {
1635 if(sec_id)
1636 bta_jv_free_sec_id(&sec_id);
1637 if(handle)
1638 RFCOMM_RemoveConnection(handle);
1639 }
1640 }
1641
find_rfc_pcb(void * user_data,tBTA_JV_RFC_CB ** cb,tBTA_JV_PCB ** pcb)1642 static int find_rfc_pcb(void* user_data, tBTA_JV_RFC_CB **cb, tBTA_JV_PCB **pcb)
1643 {
1644 *cb = NULL;
1645 *pcb = NULL;
1646 int i;
1647 for (i = 0; i < MAX_RFC_PORTS; i++)
1648 {
1649 UINT32 rfc_handle = bta_jv_cb.port_cb[i].handle & BTA_JV_RFC_HDL_MASK;
1650 rfc_handle &= ~BTA_JV_RFCOMM_MASK;
1651 if (rfc_handle && bta_jv_cb.port_cb[i].user_data == user_data)
1652 {
1653 *pcb = &bta_jv_cb.port_cb[i];
1654 *cb = &bta_jv_cb.rfc_cb[rfc_handle - 1];
1655 APPL_TRACE_DEBUG("find_rfc_pcb(): FOUND rfc_cb_handle 0x%x, port.jv_handle:"
1656 " 0x%x, state: %d, rfc_cb->handle: 0x%x", rfc_handle, (*pcb)->handle,
1657 (*pcb)->state, (*cb)->handle);
1658 return 1;
1659 }
1660 }
1661 APPL_TRACE_DEBUG("find_rfc_pcb: cannot find rfc_cb from user data: %u", PTR_TO_UINT(user_data));
1662 return 0;
1663 }
1664
1665 /*******************************************************************************
1666 **
1667 ** Function bta_jv_rfcomm_close
1668 **
1669 ** Description Close an RFCOMM connection
1670 **
1671 ** Returns void
1672 **
1673 *******************************************************************************/
bta_jv_rfcomm_close(tBTA_JV_MSG * p_data)1674 void bta_jv_rfcomm_close(tBTA_JV_MSG *p_data)
1675 {
1676 tBTA_JV_API_RFCOMM_CLOSE *cc = &(p_data->rfcomm_close);
1677 tBTA_JV_RFC_CB *p_cb = NULL;
1678 tBTA_JV_PCB *p_pcb = NULL;
1679 APPL_TRACE_DEBUG("bta_jv_rfcomm_close, rfc handle:%d", cc->handle);
1680 if (!cc->handle)
1681 {
1682 APPL_TRACE_ERROR("bta_jv_rfcomm_close, rfc handle is null");
1683 return;
1684 }
1685
1686 void* user_data = cc->user_data;
1687 if (!find_rfc_pcb(user_data, &p_cb, &p_pcb))
1688 return;
1689 bta_jv_free_rfc_cb(p_cb, p_pcb);
1690 APPL_TRACE_DEBUG("bta_jv_rfcomm_close: sec id in use:%d, rfc_cb in use:%d",
1691 get_sec_id_used(), get_rfc_cb_used());
1692 }
1693
1694 /*******************************************************************************
1695 **
1696 ** Function bta_jv_port_mgmt_sr_cback
1697 **
1698 ** Description callback for port mamangement function of rfcomm
1699 ** server connections
1700 **
1701 ** Returns void
1702 **
1703 *******************************************************************************/
bta_jv_port_mgmt_sr_cback(UINT32 code,UINT16 port_handle)1704 static void bta_jv_port_mgmt_sr_cback(UINT32 code, UINT16 port_handle)
1705 {
1706 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
1707 tBTA_JV_RFC_CB *p_cb = bta_jv_rfc_port_to_cb(port_handle);
1708 tBTA_JV evt_data;
1709 BD_ADDR rem_bda;
1710 UINT16 lcid;
1711 APPL_TRACE_DEBUG("bta_jv_port_mgmt_sr_cback, code:%d, port_handle:%d", code, port_handle);
1712 if (NULL == p_cb || NULL == p_cb->p_cback)
1713 {
1714 APPL_TRACE_ERROR("bta_jv_port_mgmt_sr_cback, p_cb:%p, p_cb->p_cback%p",
1715 p_cb, p_cb ? p_cb->p_cback : NULL);
1716 return;
1717 }
1718 void *user_data = p_pcb->user_data;
1719 APPL_TRACE_DEBUG( "bta_jv_port_mgmt_sr_cback code=%d port_handle:0x%x handle:0x%x, p_pcb:%p, user:%d",
1720 code, port_handle, p_cb->handle, p_pcb, p_pcb->user_data);
1721
1722 PORT_CheckConnection(port_handle, rem_bda, &lcid);
1723 int failed = TRUE;
1724 if (code == PORT_SUCCESS)
1725 {
1726 evt_data.rfc_srv_open.handle = p_pcb->handle;
1727 evt_data.rfc_srv_open.status = BTA_JV_SUCCESS;
1728 bdcpy(evt_data.rfc_srv_open.rem_bda, rem_bda);
1729 tBTA_JV_PCB *p_pcb_new_listen = bta_jv_add_rfc_port(p_cb, p_pcb);
1730 if (p_pcb_new_listen)
1731 {
1732 evt_data.rfc_srv_open.new_listen_handle = p_pcb_new_listen->handle;
1733 p_pcb_new_listen->user_data = p_cb->p_cback(BTA_JV_RFCOMM_SRV_OPEN_EVT, &evt_data, user_data);
1734 APPL_TRACE_DEBUG("PORT_SUCCESS: curr_sess:%d, max_sess:%d", p_cb->curr_sess, p_cb->max_sess);
1735 failed = FALSE;
1736 }
1737 else
1738 APPL_TRACE_ERROR("bta_jv_add_rfc_port failed to create new listen port");
1739 }
1740 if (failed)
1741 {
1742 evt_data.rfc_close.handle = p_cb->handle;
1743 evt_data.rfc_close.status = BTA_JV_FAILURE;
1744 evt_data.rfc_close.async = TRUE;
1745 evt_data.rfc_close.port_status = code;
1746 p_pcb->cong = FALSE;
1747
1748 tBTA_JV_RFCOMM_CBACK *p_cback = p_cb->p_cback;
1749 APPL_TRACE_DEBUG("PORT_CLOSED before BTA_JV_RFCOMM_CLOSE_EVT: curr_sess:%d, max_sess:%d",
1750 p_cb->curr_sess, p_cb->max_sess);
1751 if (BTA_JV_ST_SR_CLOSING == p_pcb->state)
1752 {
1753 evt_data.rfc_close.async = FALSE;
1754 evt_data.rfc_close.status = BTA_JV_SUCCESS;
1755 }
1756 //p_pcb->state = BTA_JV_ST_NONE;
1757 p_cback(BTA_JV_RFCOMM_CLOSE_EVT, &evt_data, user_data);
1758 //bta_jv_free_rfc_cb(p_cb, p_pcb);
1759
1760 APPL_TRACE_DEBUG("PORT_CLOSED after BTA_JV_RFCOMM_CLOSE_EVT: curr_sess:%d, max_sess:%d",
1761 p_cb->curr_sess, p_cb->max_sess);
1762 }
1763 }
1764
1765 /*******************************************************************************
1766 **
1767 ** Function bta_jv_port_event_sr_cback
1768 **
1769 ** Description Callback for RFCOMM server port events
1770 **
1771 ** Returns void
1772 **
1773 *******************************************************************************/
bta_jv_port_event_sr_cback(UINT32 code,UINT16 port_handle)1774 static void bta_jv_port_event_sr_cback(UINT32 code, UINT16 port_handle)
1775 {
1776 tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
1777 tBTA_JV_RFC_CB *p_cb = bta_jv_rfc_port_to_cb(port_handle);
1778 tBTA_JV evt_data;
1779
1780 if (NULL == p_cb || NULL == p_cb->p_cback)
1781 return;
1782
1783 APPL_TRACE_DEBUG( "bta_jv_port_event_sr_cback code=x%x port_handle:%d handle:%d",
1784 code, port_handle, p_cb->handle);
1785
1786 void *user_data = p_pcb->user_data;
1787 if (code & PORT_EV_RXCHAR)
1788 {
1789 evt_data.data_ind.handle = p_cb->handle;
1790 p_cb->p_cback(BTA_JV_RFCOMM_DATA_IND_EVT, &evt_data, user_data);
1791 }
1792
1793 if (code & PORT_EV_FC)
1794 {
1795 p_pcb->cong = (code & PORT_EV_FCS) ? FALSE : TRUE;
1796 evt_data.rfc_cong.cong = p_pcb->cong;
1797 evt_data.rfc_cong.handle = p_cb->handle;
1798 evt_data.rfc_cong.status = BTA_JV_SUCCESS;
1799 p_cb->p_cback(BTA_JV_RFCOMM_CONG_EVT, &evt_data, user_data);
1800 }
1801
1802 if (code & PORT_EV_TXEMPTY)
1803 {
1804 bta_jv_pm_conn_idle(p_pcb->p_pm_cb);
1805 }
1806 }
1807
1808 /*******************************************************************************
1809 **
1810 ** Function bta_jv_add_rfc_port
1811 **
1812 ** Description add a port for server when the existing posts is open
1813 **
1814 ** Returns return a pointer to tBTA_JV_PCB just added
1815 **
1816 *******************************************************************************/
bta_jv_add_rfc_port(tBTA_JV_RFC_CB * p_cb,tBTA_JV_PCB * p_pcb_open)1817 static tBTA_JV_PCB * bta_jv_add_rfc_port(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb_open)
1818 {
1819 UINT8 used = 0, i, listen=0;
1820 UINT32 si = 0;
1821 tPORT_STATE port_state;
1822 UINT32 event_mask = BTA_JV_RFC_EV_MASK;
1823 tBTA_JV_PCB *p_pcb = NULL;
1824 if (p_cb->max_sess > 1)
1825 {
1826 for (i=0; i < p_cb->max_sess; i++)
1827 {
1828 if (p_cb->rfc_hdl[i] != 0)
1829 {
1830 p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[i] - 1];
1831 if (p_pcb->state == BTA_JV_ST_SR_LISTEN)
1832 {
1833 listen++;
1834 if (p_pcb_open == p_pcb)
1835 {
1836 APPL_TRACE_DEBUG("bta_jv_add_rfc_port, port_handle:%d, change the listen port to open state",
1837 p_pcb->port_handle);
1838 p_pcb->state = BTA_JV_ST_SR_OPEN;
1839
1840 }
1841 else
1842 {
1843 APPL_TRACE_ERROR("bta_jv_add_rfc_port, open pcb not matching listen one,"
1844 "listen count:%d, listen pcb handle:%d, open pcb:%d",
1845 listen, p_pcb->port_handle, p_pcb_open->handle);
1846 return NULL;
1847 }
1848 }
1849 used++;
1850 }
1851 else if (si == 0)
1852 {
1853 si = i + 1;
1854 }
1855 }
1856
1857 APPL_TRACE_DEBUG("bta_jv_add_rfc_port max_sess=%d used:%d curr_sess:%d, listen:%d si:%d",
1858 p_cb->max_sess, used, p_cb->curr_sess, listen, si);
1859 if (used < p_cb->max_sess && listen == 1 && si)
1860 {
1861 si--;
1862 if (RFCOMM_CreateConnection(p_cb->sec_id, p_cb->scn, TRUE,
1863 BTA_JV_DEF_RFC_MTU, (UINT8 *) bd_addr_any, &(p_cb->rfc_hdl[si]), bta_jv_port_mgmt_sr_cback) == PORT_SUCCESS)
1864 {
1865 p_cb->curr_sess++;
1866 p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[si] - 1];
1867 p_pcb->state = BTA_JV_ST_SR_LISTEN;
1868 p_pcb->port_handle = p_cb->rfc_hdl[si];
1869 p_pcb->user_data = p_pcb_open->user_data;
1870
1871 PORT_ClearKeepHandleFlag(p_pcb->port_handle);
1872 PORT_SetEventCallback(p_pcb->port_handle, bta_jv_port_event_sr_cback);
1873 PORT_SetDataCOCallback (p_pcb->port_handle, bta_jv_port_data_co_cback);
1874 PORT_SetEventMask(p_pcb->port_handle, event_mask);
1875 PORT_GetState(p_pcb->port_handle, &port_state);
1876
1877 port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
1878
1879 PORT_SetState(p_pcb->port_handle, &port_state);
1880 p_pcb->handle = BTA_JV_RFC_H_S_TO_HDL(p_cb->handle, si);
1881 APPL_TRACE_DEBUG("bta_jv_add_rfc_port: p_pcb->handle:0x%x, curr_sess:%d",
1882 p_pcb->handle, p_cb->curr_sess);
1883 }
1884 }
1885 else
1886 APPL_TRACE_ERROR("bta_jv_add_rfc_port, cannot create new rfc listen port");
1887 }
1888 APPL_TRACE_DEBUG("bta_jv_add_rfc_port: sec id in use:%d, rfc_cb in use:%d",
1889 get_sec_id_used(), get_rfc_cb_used());
1890 return p_pcb;
1891 }
1892
1893 /*******************************************************************************
1894 **
1895 ** Function bta_jv_rfcomm_start_server
1896 **
1897 ** Description waits for an RFCOMM client to connect
1898 **
1899 **
1900 ** Returns void
1901 **
1902 *******************************************************************************/
bta_jv_rfcomm_start_server(tBTA_JV_MSG * p_data)1903 void bta_jv_rfcomm_start_server(tBTA_JV_MSG *p_data)
1904 {
1905 UINT16 handle = 0;
1906 UINT32 event_mask = BTA_JV_RFC_EV_MASK;
1907 tPORT_STATE port_state;
1908 UINT8 sec_id = 0;
1909 tBTA_JV_RFC_CB *p_cb = NULL;
1910 tBTA_JV_PCB *p_pcb;
1911 tBTA_JV_API_RFCOMM_SERVER *rs = &(p_data->rfcomm_server);
1912 tBTA_JV_RFCOMM_START evt_data;
1913
1914 /* TODO DM role manager
1915 L2CA_SetDesireRole(rs->role);
1916 */
1917 memset(&evt_data, 0, sizeof(evt_data));
1918 evt_data.status = BTA_JV_FAILURE;
1919 APPL_TRACE_DEBUG("bta_jv_rfcomm_start_server: sec id in use:%d, rfc_cb in use:%d",
1920 get_sec_id_used(), get_rfc_cb_used());
1921
1922 do
1923 {
1924 sec_id = bta_jv_alloc_sec_id();
1925
1926 if (0 == sec_id ||
1927 BTM_SetSecurityLevel(FALSE, "JV PORT", sec_id, rs->sec_mask,
1928 BT_PSM_RFCOMM, BTM_SEC_PROTO_RFCOMM, rs->local_scn) == FALSE)
1929 {
1930 APPL_TRACE_ERROR("bta_jv_rfcomm_start_server, run out of sec_id");
1931 break;
1932 }
1933
1934 if (RFCOMM_CreateConnection(sec_id, rs->local_scn, TRUE,
1935 BTA_JV_DEF_RFC_MTU, (UINT8 *) bd_addr_any, &handle, bta_jv_port_mgmt_sr_cback) != PORT_SUCCESS)
1936 {
1937 APPL_TRACE_ERROR("bta_jv_rfcomm_start_server, RFCOMM_CreateConnection failed");
1938 break;
1939 }
1940
1941
1942 p_cb = bta_jv_alloc_rfc_cb(handle, &p_pcb);
1943 if (!p_cb)
1944 {
1945 APPL_TRACE_ERROR("bta_jv_rfcomm_start_server, run out of rfc control block");
1946 break;
1947 }
1948
1949 p_cb->max_sess = rs->max_session;
1950 p_cb->p_cback = rs->p_cback;
1951 p_cb->sec_id = sec_id;
1952 p_cb->scn = rs->local_scn;
1953 p_pcb->state = BTA_JV_ST_SR_LISTEN;
1954 p_pcb->user_data = rs->user_data;
1955 evt_data.status = BTA_JV_SUCCESS;
1956 evt_data.handle = p_cb->handle;
1957 evt_data.sec_id = sec_id;
1958 evt_data.use_co = TRUE;
1959
1960 PORT_ClearKeepHandleFlag(handle);
1961 PORT_SetEventCallback(handle, bta_jv_port_event_sr_cback);
1962 PORT_SetEventMask(handle, event_mask);
1963 PORT_GetState(handle, &port_state);
1964
1965 port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
1966
1967 PORT_SetState(handle, &port_state);
1968 } while (0);
1969
1970 rs->p_cback(BTA_JV_RFCOMM_START_EVT, (tBTA_JV *)&evt_data, rs->user_data);
1971 if (evt_data.status == BTA_JV_SUCCESS)
1972 {
1973 PORT_SetDataCOCallback (handle, bta_jv_port_data_co_cback);
1974 }
1975 else
1976 {
1977 if (sec_id)
1978 bta_jv_free_sec_id(&sec_id);
1979 if (handle)
1980 RFCOMM_RemoveConnection(handle);
1981 }
1982 }
1983
1984 /*******************************************************************************
1985 **
1986 ** Function bta_jv_rfcomm_stop_server
1987 **
1988 ** Description stops an RFCOMM server
1989 **
1990 ** Returns void
1991 **
1992 *******************************************************************************/
1993
bta_jv_rfcomm_stop_server(tBTA_JV_MSG * p_data)1994 void bta_jv_rfcomm_stop_server(tBTA_JV_MSG *p_data)
1995 {
1996 tBTA_JV_API_RFCOMM_SERVER *ls = &(p_data->rfcomm_server);
1997 tBTA_JV_RFC_CB *p_cb = NULL;
1998 tBTA_JV_PCB *p_pcb = NULL;
1999 APPL_TRACE_DEBUG("bta_jv_rfcomm_stop_server");
2000 if (!ls->handle)
2001 {
2002 APPL_TRACE_ERROR("bta_jv_rfcomm_stop_server, jv handle is null");
2003 return;
2004 }
2005 void* user_data = ls->user_data;
2006 if (!find_rfc_pcb(user_data, &p_cb, &p_pcb))
2007 return;
2008 APPL_TRACE_DEBUG("bta_jv_rfcomm_stop_server: p_pcb:%p, p_pcb->port_handle:%d",
2009 p_pcb, p_pcb->port_handle);
2010 bta_jv_free_rfc_cb(p_cb, p_pcb);
2011 APPL_TRACE_DEBUG("bta_jv_rfcomm_stop_server: sec id in use:%d, rfc_cb in use:%d",
2012 get_sec_id_used(), get_rfc_cb_used());
2013 }
2014
2015 /*******************************************************************************
2016 **
2017 ** Function bta_jv_rfcomm_write
2018 **
2019 ** Description write data to an RFCOMM connection
2020 **
2021 ** Returns void
2022 **
2023 *******************************************************************************/
bta_jv_rfcomm_write(tBTA_JV_MSG * p_data)2024 void bta_jv_rfcomm_write(tBTA_JV_MSG *p_data)
2025 {
2026 tBTA_JV_API_RFCOMM_WRITE *wc = &(p_data->rfcomm_write);
2027 tBTA_JV_RFC_CB *p_cb = wc->p_cb;
2028 tBTA_JV_PCB *p_pcb = wc->p_pcb;
2029 tBTA_JV_RFCOMM_WRITE evt_data;
2030
2031 evt_data.status = BTA_JV_FAILURE;
2032 evt_data.handle = p_cb->handle;
2033 evt_data.req_id = wc->req_id;
2034 evt_data.cong = p_pcb->cong;
2035 evt_data.len = 0;
2036 bta_jv_pm_conn_busy(p_pcb->p_pm_cb);
2037 if (!evt_data.cong &&
2038 PORT_WriteDataCO(p_pcb->port_handle, &evt_data.len) ==
2039 PORT_SUCCESS)
2040 {
2041 evt_data.status = BTA_JV_SUCCESS;
2042 }
2043 //update congestion flag
2044 evt_data.cong = p_pcb->cong;
2045 if (p_cb->p_cback)
2046 {
2047 p_cb->p_cback(BTA_JV_RFCOMM_WRITE_EVT, (tBTA_JV *)&evt_data, p_pcb->user_data);
2048 }
2049 else
2050 {
2051 APPL_TRACE_ERROR("bta_jv_rfcomm_write :: WARNING ! No JV callback set");
2052 }
2053 }
2054
2055 /*******************************************************************************
2056 **
2057 ** Function bta_jv_set_pm_profile
2058 **
2059 ** Description Set or free power mode profile for a JV application
2060 **
2061 ** Returns void
2062 **
2063 *******************************************************************************/
bta_jv_set_pm_profile(tBTA_JV_MSG * p_data)2064 void bta_jv_set_pm_profile(tBTA_JV_MSG *p_data)
2065 {
2066 tBTA_JV_STATUS status;
2067 tBTA_JV_PM_CB *p_cb;
2068
2069 APPL_TRACE_API("bta_jv_set_pm_profile(handle: 0x%x, app_id: %d, init_st: %d)",
2070 p_data->set_pm.handle, p_data->set_pm.app_id, p_data->set_pm.init_st);
2071
2072 /* clear PM control block */
2073 if (p_data->set_pm.app_id == BTA_JV_PM_ID_CLEAR)
2074 {
2075 status = bta_jv_free_set_pm_profile_cb(p_data->set_pm.handle);
2076
2077 if (status != BTA_JV_SUCCESS)
2078 {
2079 APPL_TRACE_WARNING("bta_jv_set_pm_profile() free pm cb failed: reason %d",
2080 status);
2081 }
2082 }
2083 else /* set PM control block */
2084 {
2085 p_cb = bta_jv_alloc_set_pm_profile_cb(p_data->set_pm.handle,
2086 p_data->set_pm.app_id);
2087
2088 if (NULL != p_cb)
2089 bta_jv_pm_state_change(p_cb, p_data->set_pm.init_st);
2090 else
2091 APPL_TRACE_WARNING("bta_jv_alloc_set_pm_profile_cb() failed");
2092 }
2093 }
2094
2095 /*******************************************************************************
2096 **
2097 ** Function bta_jv_change_pm_state
2098 **
2099 ** Description change jv pm connect state, used internally
2100 **
2101 ** Returns void
2102 **
2103 *******************************************************************************/
bta_jv_change_pm_state(tBTA_JV_MSG * p_data)2104 void bta_jv_change_pm_state(tBTA_JV_MSG *p_data)
2105 {
2106 tBTA_JV_API_PM_STATE_CHANGE *p_msg = (tBTA_JV_API_PM_STATE_CHANGE *)p_data;
2107
2108 if (p_msg->p_cb)
2109 bta_jv_pm_state_change(p_msg->p_cb, p_msg->state);
2110 }
2111
2112
2113 /*******************************************************************************
2114 **
2115 ** Function bta_jv_set_pm_conn_state
2116 **
2117 ** Description Send pm event state change to jv state machine to serialize jv pm changes
2118 ** in relation to other jv messages. internal API use mainly.
2119 **
2120 ** Params: p_cb: jv pm control block, NULL pointer returns failure
2121 ** new_state: new PM connections state, setting is forced by action function
2122 **
2123 ** Returns BTA_JV_SUCCESS, BTA_JV_FAILURE (buffer allocation, or NULL ptr!)
2124 **
2125 *******************************************************************************/
bta_jv_set_pm_conn_state(tBTA_JV_PM_CB * p_cb,const tBTA_JV_CONN_STATE new_st)2126 tBTA_JV_STATUS bta_jv_set_pm_conn_state(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE
2127 new_st)
2128 {
2129 if (p_cb == NULL)
2130 return BTA_JV_FAILURE;
2131
2132 APPL_TRACE_API("%s: handle:0x%x, state: %d", __func__, p_cb->handle,
2133 new_st);
2134
2135 tBTA_JV_API_PM_STATE_CHANGE *p_msg =
2136 (tBTA_JV_API_PM_STATE_CHANGE *)osi_malloc(sizeof(tBTA_JV_API_PM_STATE_CHANGE));
2137 p_msg->hdr.event = BTA_JV_API_PM_STATE_CHANGE_EVT;
2138 p_msg->p_cb = p_cb;
2139 p_msg->state = new_st;
2140
2141 bta_sys_sendmsg(p_msg);
2142
2143 return BTA_JV_SUCCESS;
2144 }
2145
2146 /*******************************************************************************
2147 **
2148 ** Function bta_jv_pm_conn_busy
2149 **
2150 ** Description set pm connection busy state (input param safe)
2151 **
2152 ** Params p_cb: pm control block of jv connection
2153 **
2154 ** Returns void
2155 **
2156 *******************************************************************************/
bta_jv_pm_conn_busy(tBTA_JV_PM_CB * p_cb)2157 static void bta_jv_pm_conn_busy(tBTA_JV_PM_CB *p_cb)
2158 {
2159 if ((NULL != p_cb) && (BTA_JV_PM_IDLE_ST == p_cb->state))
2160 bta_jv_pm_state_change(p_cb, BTA_JV_CONN_BUSY);
2161 }
2162
2163 /*******************************************************************************
2164 **
2165 ** Function bta_jv_pm_conn_busy
2166 **
2167 ** Description set pm connection busy state (input param safe)
2168 **
2169 ** Params p_cb: pm control block of jv connection
2170 **
2171 ** Returns void
2172 **
2173 *******************************************************************************/
bta_jv_pm_conn_idle(tBTA_JV_PM_CB * p_cb)2174 static void bta_jv_pm_conn_idle(tBTA_JV_PM_CB *p_cb)
2175 {
2176 if ((NULL != p_cb) && (BTA_JV_PM_IDLE_ST != p_cb->state))
2177 bta_jv_pm_state_change(p_cb, BTA_JV_CONN_IDLE);
2178 }
2179
2180 /*******************************************************************************
2181 **
2182 ** Function bta_jv_pm_state_change
2183 **
2184 ** Description Notify power manager there is state change
2185 **
2186 ** Params p_cb: must be NONE NULL
2187 **
2188 ** Returns void
2189 **
2190 *******************************************************************************/
bta_jv_pm_state_change(tBTA_JV_PM_CB * p_cb,const tBTA_JV_CONN_STATE state)2191 static void bta_jv_pm_state_change(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE state)
2192 {
2193 APPL_TRACE_API("bta_jv_pm_state_change(p_cb: 0x%x, handle: 0x%x, busy/idle_state: %d"
2194 ", app_id: %d, conn_state: %d)", p_cb, p_cb->handle, p_cb->state,
2195 p_cb->app_id, state);
2196
2197 switch (state)
2198 {
2199 case BTA_JV_CONN_OPEN:
2200 bta_sys_conn_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2201 break;
2202
2203 case BTA_JV_CONN_CLOSE:
2204 bta_sys_conn_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2205 break;
2206
2207 case BTA_JV_APP_OPEN:
2208 bta_sys_app_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2209 break;
2210
2211 case BTA_JV_APP_CLOSE:
2212 bta_sys_app_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2213 break;
2214
2215 case BTA_JV_SCO_OPEN:
2216 bta_sys_sco_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2217 break;
2218
2219 case BTA_JV_SCO_CLOSE:
2220 bta_sys_sco_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2221 break;
2222
2223 case BTA_JV_CONN_IDLE:
2224 p_cb->state = BTA_JV_PM_IDLE_ST;
2225 bta_sys_idle(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2226 break;
2227
2228 case BTA_JV_CONN_BUSY:
2229 p_cb->state = BTA_JV_PM_BUSY_ST;
2230 bta_sys_busy(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
2231 break;
2232
2233 default:
2234 APPL_TRACE_WARNING("bta_jv_pm_state_change(state: %d): Invalid state", state);
2235 break;
2236 }
2237 }
2238 /**********************************************************************************************/
2239
2240
fcchan_get(uint16_t chan,char create)2241 static struct fc_channel *fcchan_get(uint16_t chan, char create)
2242 {
2243 struct fc_channel *t = fc_channels;
2244 static tL2CAP_FIXED_CHNL_REG fcr = {
2245 .pL2CA_FixedConn_Cb = fcchan_conn_chng_cbk,
2246 .pL2CA_FixedData_Cb = fcchan_data_cbk,
2247 .default_idle_tout = 0xffff,
2248 .fixed_chnl_opts = {
2249 .mode = L2CAP_FCR_BASIC_MODE,
2250 .max_transmit = 0xFF,
2251 .rtrans_tout = 2000,
2252 .mon_tout = 12000,
2253 .mps = 670,
2254 .tx_win_sz = 1,
2255 },
2256 };
2257
2258 while (t && t->chan != chan)
2259 t = t->next;
2260
2261 if (t)
2262 return t;
2263 else if (!create)
2264 return NULL; /* we cannot alloc a struct if not asked to */
2265
2266 t = osi_calloc(sizeof(*t));
2267 t->chan = chan;
2268
2269 if (!L2CA_RegisterFixedChannel(chan, &fcr)) {
2270 osi_free(t);
2271 return NULL;
2272 }
2273
2274 //link it in
2275 t->next = fc_channels;
2276 fc_channels = t;
2277
2278 return t;
2279 }
2280
2281 /* pass NULL to find servers */
fcclient_find_by_addr(struct fc_client * start,BD_ADDR addr)2282 static struct fc_client *fcclient_find_by_addr(struct fc_client *start, BD_ADDR addr)
2283 {
2284 struct fc_client *t = start;
2285
2286 while (t) {
2287
2288 /* match client if have addr */
2289 if (addr && !memcmp(addr, &t->remote_addr, sizeof(t->remote_addr)))
2290 break;
2291
2292 /* match server if do not have addr */
2293 if (!addr && t->server)
2294 break;
2295
2296 t = t->next_all_list;
2297 }
2298
2299 return t;
2300 }
2301
fcclient_find_by_id(uint32_t id)2302 static struct fc_client *fcclient_find_by_id(uint32_t id)
2303 {
2304 struct fc_client *t = fc_clients;
2305
2306 while (t && t->id != id)
2307 t = t->next_all_list;
2308
2309 return t;
2310 }
2311
fcclient_alloc(uint16_t chan,char server,const uint8_t * sec_id_to_use)2312 static struct fc_client *fcclient_alloc(uint16_t chan, char server, const uint8_t *sec_id_to_use)
2313 {
2314 struct fc_channel *fc = fcchan_get(chan, TRUE);
2315 struct fc_client *t;
2316 uint8_t sec_id;
2317
2318 if (!fc)
2319 return NULL;
2320
2321 if (fc->has_server && server)
2322 return NULL; /* no way to have multiple servers on same channel */
2323
2324 if (sec_id_to_use)
2325 sec_id = *sec_id_to_use;
2326 else
2327 sec_id = bta_jv_alloc_sec_id();
2328
2329 t = osi_calloc(sizeof(*t));
2330 // Allocate it a unique ID
2331 do {
2332 t->id = ++fc_next_id;
2333 } while (!t->id || fcclient_find_by_id(t->id));
2334
2335 // Populate some params
2336 t->chan = chan;
2337 t->server = server;
2338
2339 // Get a security id
2340 t->sec_id = sec_id;
2341
2342 // Link it in to global list
2343 t->next_all_list = fc_clients;
2344 fc_clients = t;
2345
2346 // Link it in to channel list
2347 t->next_chan_list = fc->clients;
2348 fc->clients = t;
2349
2350 // Update channel if needed
2351 if (server)
2352 fc->has_server = TRUE;
2353
2354 return t;
2355 }
2356
fcclient_free(struct fc_client * fc)2357 static void fcclient_free(struct fc_client *fc)
2358 {
2359 struct fc_client *t = fc_clients;
2360 struct fc_channel *tc = fcchan_get(fc->chan, FALSE);
2361
2362 //remove from global list
2363 while (t && t->next_all_list != fc)
2364 t = t->next_all_list;
2365
2366 if (!t && fc != fc_clients)
2367 return; /* prevent double-free */
2368
2369 if (t)
2370 t->next_all_list = fc->next_all_list;
2371 else
2372 fc_clients = fc->next_all_list;
2373
2374 //remove from channel list
2375 if (tc) {
2376 t = tc->clients;
2377
2378 while (t && t->next_chan_list != fc)
2379 t = t->next_chan_list;
2380
2381 if (t)
2382 t->next_chan_list = fc->next_chan_list;
2383 else
2384 tc->clients = fc->next_chan_list;
2385
2386 //if was server then channel no longer has a server
2387 if (fc->server)
2388 tc->has_server = FALSE;
2389 }
2390
2391 //free security id
2392 bta_jv_free_sec_id(&fc->sec_id);
2393
2394 osi_free(fc);
2395 }
2396
fcchan_conn_chng_cbk(UINT16 chan,BD_ADDR bd_addr,BOOLEAN connected,UINT16 reason,tBT_TRANSPORT transport)2397 static void fcchan_conn_chng_cbk(UINT16 chan, BD_ADDR bd_addr, BOOLEAN connected, UINT16 reason, tBT_TRANSPORT transport)
2398 {
2399 tBTA_JV init_evt;
2400 tBTA_JV open_evt;
2401 struct fc_channel *tc;
2402 struct fc_client *t = NULL, *new_conn;
2403 tBTA_JV_L2CAP_CBACK *p_cback = NULL;
2404 char call_init = FALSE;
2405 void *user_data = NULL;
2406
2407
2408 tc = fcchan_get(chan, FALSE);
2409 if (tc) {
2410 t = fcclient_find_by_addr(tc->clients, bd_addr); // try to find an open socked for that addr
2411 if (t) {
2412 p_cback = t->p_cback;
2413 user_data = t->user_data;
2414 } else {
2415 t = fcclient_find_by_addr(tc->clients, NULL); // try to find a listening socked for that channel
2416 if (t) {
2417 //found: create a normal connection socket and assign the connection to it
2418 new_conn = fcclient_alloc(chan, FALSE, &t->sec_id);
2419 if (new_conn){
2420
2421 memcpy(&new_conn->remote_addr, bd_addr, sizeof(new_conn->remote_addr));
2422 new_conn->p_cback = NULL; //for now
2423 new_conn->init_called = TRUE; /*nop need to do it again */
2424
2425 p_cback = t->p_cback;
2426 user_data = t->user_data;
2427
2428 t = new_conn;
2429 }
2430 } else {
2431 //drop it
2432 return;
2433 }
2434 }
2435 }
2436
2437 if (t) {
2438
2439 if (!t->init_called) {
2440
2441 call_init = TRUE;
2442 t->init_called = TRUE;
2443
2444 init_evt.l2c_cl_init.handle = t->id;
2445 init_evt.l2c_cl_init.status = BTA_JV_SUCCESS;
2446 init_evt.l2c_cl_init.sec_id = t->sec_id;
2447 }
2448
2449 open_evt.l2c_open.handle = t->id;
2450 open_evt.l2c_open.tx_mtu = 23; /* 23, why not ?*/
2451 memcpy(&open_evt.l2c_le_open.rem_bda, &t->remote_addr, sizeof(open_evt.l2c_le_open.rem_bda));
2452 open_evt.l2c_le_open.p_p_cback = (void**)&t->p_cback;
2453 open_evt.l2c_le_open.p_user_data = &t->user_data;
2454 open_evt.l2c_le_open.status = BTA_JV_SUCCESS;
2455
2456 if (connected) {
2457 open_evt.l2c_open.status = BTA_JV_SUCCESS;
2458 } else {
2459 fcclient_free(t);
2460 open_evt.l2c_open.status = BTA_JV_FAILURE;
2461 }
2462 }
2463
2464 if (call_init)
2465 p_cback(BTA_JV_L2CAP_CL_INIT_EVT, &init_evt, user_data);
2466
2467 //call this with lock taken so socket does not disappear from under us */
2468 if (p_cback) {
2469 p_cback(BTA_JV_L2CAP_OPEN_EVT, &open_evt, user_data);
2470 if (!t->p_cback) /* no callback set, means they do not want this one... */
2471 fcclient_free(t);
2472 }
2473 }
2474
fcchan_data_cbk(UINT16 chan,BD_ADDR bd_addr,BT_HDR * p_buf)2475 static void fcchan_data_cbk(UINT16 chan, BD_ADDR bd_addr, BT_HDR *p_buf)
2476 {
2477 tBTA_JV evt_data;
2478 struct fc_channel *tc;
2479 struct fc_client *t = NULL;
2480 tBTA_JV_L2CAP_CBACK *sock_cback = NULL;
2481 void *sock_user_data;
2482
2483 tc = fcchan_get(chan, FALSE);
2484 if (tc) {
2485 t = fcclient_find_by_addr(tc->clients, bd_addr); // try to find an open socked for that addr and channel
2486 if (!t) {
2487 //no socket -> drop it
2488 return;
2489 }
2490 }
2491
2492 sock_cback = t->p_cback;
2493 sock_user_data = t->user_data;
2494 evt_data.le_data_ind.handle = t->id;
2495 evt_data.le_data_ind.p_buf = p_buf;
2496
2497 if (sock_cback)
2498 sock_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data, sock_user_data);
2499 }
2500
2501
2502 /*******************************************************************************
2503 **
2504 ** Function bta_jv_l2cap_connect_le
2505 **
2506 ** Description makes an le l2cap client connection
2507 **
2508 ** Returns void
2509 **
2510 *******************************************************************************/
bta_jv_l2cap_connect_le(tBTA_JV_MSG * p_data)2511 void bta_jv_l2cap_connect_le(tBTA_JV_MSG *p_data)
2512 {
2513 tBTA_JV_API_L2CAP_CONNECT *cc = &(p_data->l2cap_connect);
2514 tBTA_JV evt;
2515 uint32_t id;
2516 char call_init_f = TRUE;
2517 struct fc_client *t;
2518
2519 evt.l2c_cl_init.handle = GAP_INVALID_HANDLE;
2520 evt.l2c_cl_init.status = BTA_JV_FAILURE;
2521
2522 t = fcclient_alloc(cc->remote_chan, FALSE, NULL);
2523 if (!t) {
2524 cc->p_cback(BTA_JV_L2CAP_CL_INIT_EVT, &evt, cc->user_data);
2525 return;
2526 }
2527
2528 t->p_cback = cc->p_cback;
2529 t->user_data = cc->user_data;
2530 memcpy(&t->remote_addr, &cc->peer_bd_addr, sizeof(t->remote_addr));
2531 id = t->id;
2532 t->init_called = FALSE;
2533
2534 if (L2CA_ConnectFixedChnl(t->chan, t->remote_addr)) {
2535
2536 evt.l2c_cl_init.status = BTA_JV_SUCCESS;
2537 evt.l2c_cl_init.handle = id;
2538 }
2539
2540 //it could have been deleted/moved from under us, so re-find it */
2541 t = fcclient_find_by_id(id);
2542 if (t) {
2543 if (evt.l2c_cl_init.status == BTA_JV_SUCCESS)
2544 call_init_f = !t->init_called;
2545 else
2546 fcclient_free(t);
2547 }
2548 if (call_init_f)
2549 cc->p_cback(BTA_JV_L2CAP_CL_INIT_EVT, &evt, cc->user_data);
2550 t->init_called = TRUE;
2551 }
2552
2553
2554 /*******************************************************************************
2555 **
2556 ** Function bta_jv_l2cap_stop_server_le
2557 **
2558 ** Description stops an LE L2CAP server
2559 **
2560 ** Returns void
2561 **
2562 *******************************************************************************/
bta_jv_l2cap_stop_server_le(tBTA_JV_MSG * p_data)2563 void bta_jv_l2cap_stop_server_le(tBTA_JV_MSG *p_data)
2564 {
2565 tBTA_JV evt;
2566 tBTA_JV_API_L2CAP_SERVER *ls = &(p_data->l2cap_server);
2567 tBTA_JV_L2CAP_CBACK *p_cback = NULL;
2568 struct fc_channel *fcchan;
2569 struct fc_client *fcclient;
2570 void *user_data;
2571
2572 evt.l2c_close.status = BTA_JV_FAILURE;
2573 evt.l2c_close.async = FALSE;
2574 evt.l2c_close.handle = GAP_INVALID_HANDLE;
2575
2576 fcchan = fcchan_get(ls->local_chan, FALSE);
2577 if (fcchan) {
2578 while((fcclient = fcchan->clients)) {
2579 p_cback = fcclient->p_cback;
2580 user_data = fcclient->user_data;
2581
2582 evt.l2c_close.handle = fcclient->id;
2583 evt.l2c_close.status = BTA_JV_SUCCESS;
2584 evt.l2c_close.async = FALSE;
2585
2586 fcclient_free(fcclient);
2587
2588 if (p_cback)
2589 p_cback(BTA_JV_L2CAP_CLOSE_EVT, &evt, user_data);
2590 }
2591 }
2592 }
2593
2594 /*******************************************************************************
2595 **
2596 ** Function bta_jv_l2cap_start_server_le
2597 **
2598 ** Description starts an LE L2CAP server
2599 **
2600 ** Returns void
2601 **
2602 *******************************************************************************/
bta_jv_l2cap_start_server_le(tBTA_JV_MSG * p_data)2603 void bta_jv_l2cap_start_server_le(tBTA_JV_MSG *p_data)
2604 {
2605 tBTA_JV_API_L2CAP_SERVER *ss = &(p_data->l2cap_server);
2606 tBTA_JV_L2CAP_START evt_data;
2607 struct fc_client *t;
2608
2609 evt_data.handle = GAP_INVALID_HANDLE;
2610 evt_data.status = BTA_JV_FAILURE;
2611
2612
2613 t = fcclient_alloc(ss->local_chan, TRUE, NULL);
2614 if (!t)
2615 goto out;
2616
2617 t->p_cback = ss->p_cback;
2618 t->user_data = ss->user_data;
2619
2620 //if we got here, we're registered...
2621 evt_data.status = BTA_JV_SUCCESS;
2622 evt_data.handle = t->id;
2623 evt_data.sec_id = t->sec_id;
2624
2625 out:
2626 ss->p_cback(BTA_JV_L2CAP_START_EVT, (tBTA_JV *)&evt_data, ss->user_data);
2627 }
2628
2629 /*******************************************************************************
2630 **
2631 ** Function bta_jv_l2cap_close_fixed
2632 **
2633 ** Description close a fixed channel connection. calls no callbacks. idempotent
2634 **
2635 ** Returns void
2636 **
2637 *******************************************************************************/
bta_jv_l2cap_close_fixed(tBTA_JV_MSG * p_data)2638 extern void bta_jv_l2cap_close_fixed (tBTA_JV_MSG *p_data)
2639 {
2640 tBTA_JV_API_L2CAP_CLOSE *cc = &(p_data->l2cap_close);
2641 struct fc_client *t;
2642
2643 t = fcclient_find_by_id(cc->handle);
2644 if (t)
2645 fcclient_free(t);
2646 }
2647