/******************************************************************************* ** ** Function rfc_port_sm_sabme_wait_ua ** ** Description This function handles events when SABME on the DLC was ** sent and SM is waiting for UA or DM. ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_sabme_wait_ua (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_OPEN: case RFC_EVENT_ESTABLISH_RSP: RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; case RFC_EVENT_CLOSE: rfc_port_timer_start (p_port, RFC_DISC_TIMEOUT); rfc_send_disc (p_port->rfc.p_mcb, p_port->dlci); p_port->rfc.expected_rsp = 0; p_port->rfc.state = RFC_STATE_DISC_WAIT_UA; return; case RFC_EVENT_CLEAR: rfc_port_closed (p_port); return; case RFC_EVENT_DATA: GKI_freebuf (p_data); break; case RFC_EVENT_UA: rfc_port_timer_stop (p_port); p_port->rfc.state = RFC_STATE_OPENED; PORT_DlcEstablishCnf (p_port->rfc.p_mcb, p_port->dlci, p_port->rfc.p_mcb->peer_l2cap_mtu, RFCOMM_SUCCESS); return; case RFC_EVENT_DM: p_port->rfc.p_mcb->is_disc_initiator = TRUE; PORT_DlcEstablishCnf (p_port->rfc.p_mcb, p_port->dlci, p_port->rfc.p_mcb->peer_l2cap_mtu, RFCOMM_ERROR); rfc_port_closed (p_port); return; case RFC_EVENT_DISC: rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); PORT_DlcEstablishCnf (p_port->rfc.p_mcb, p_port->dlci, p_port->rfc.p_mcb->peer_l2cap_mtu, RFCOMM_ERROR); rfc_port_closed (p_port); return; case RFC_EVENT_SABME: /* Continue to wait for the UA the SABME this side sent */ rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); return; case RFC_EVENT_UIH: GKI_freebuf (p_data); return; case RFC_EVENT_TIMEOUT: p_port->rfc.state = RFC_STATE_CLOSED; PORT_DlcEstablishCnf (p_port->rfc.p_mcb, p_port->dlci, p_port->rfc.p_mcb->peer_l2cap_mtu, RFCOMM_ERROR); return; } RFCOMM_TRACE_WARNING ("Port state sabme_wait_ua Event ignored %d", event); }
/******************************************************************************* ** ** Function rfc_port_sm_state_closed ** ** Description This function handles events when the port is in ** CLOSED state. This state exists when port is ** being initially established. ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_state_closed (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_OPEN: p_port->rfc.state = RFC_STATE_ORIG_WAIT_SEC_CHECK; btm_sec_mx_access_request (p_port->rfc.p_mcb->bd_addr, BT_PSM_RFCOMM, TRUE, BTM_SEC_PROTO_RFCOMM, (UINT32)(p_port->dlci / 2), &rfc_sec_check_complete, p_port); return; case RFC_EVENT_CLOSE: break; case RFC_EVENT_CLEAR: return; case RFC_EVENT_DATA: GKI_freebuf (p_data); break; case RFC_EVENT_SABME: /* make sure the multiplexer disconnect timer is not running (reconnect case) */ rfc_timer_stop(p_port->rfc.p_mcb ); /* Open will be continued after security checks are passed */ p_port->rfc.state = RFC_STATE_TERM_WAIT_SEC_CHECK; btm_sec_mx_access_request (p_port->rfc.p_mcb->bd_addr, BT_PSM_RFCOMM, FALSE, BTM_SEC_PROTO_RFCOMM, (UINT32)(p_port->dlci / 2), &rfc_sec_check_complete, p_port); return; case RFC_EVENT_UA: return; case RFC_EVENT_DM: rfc_port_closed (p_port); return; case RFC_EVENT_UIH: GKI_freebuf (p_data); rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, FALSE); return; case RFC_EVENT_DISC: rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, FALSE); return; case RFC_EVENT_TIMEOUT: Port_TimeOutCloseMux( p_port->rfc.p_mcb ) ; RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; } RFCOMM_TRACE_WARNING ("Port state closed Event ignored %d", event); return; }
/******************************************************************************* ** ** Function RFCOMM_ConfigCnf ** ** Description This is a callback function called by L2CAP when ** L2CA_ConfigCnf received. Save L2CAP handle and dispatch ** event to the FSM. ** *******************************************************************************/ void RFCOMM_ConfigCnf (UINT16 lcid, tL2CAP_CFG_INFO *p_cfg) { tRFC_MCB *p_mcb = rfc_find_lcid_mcb (lcid); if (!p_mcb) { RFCOMM_TRACE_ERROR ("RFCOMM_ConfigCnf no MCB LCID:0x%x", lcid); return; } rfc_mx_sm_execute (p_mcb, RFC_MX_EVENT_CONF_CNF, (void *)p_cfg); }
/******************************************************************************* ** ** Function rfc_port_sm_orig_wait_sec_check ** ** Description This function handles events for the port in the ** ORIG_WAIT_SEC_CHECK state. RFCOMM is waiting for Security ** manager to finish before sending SABME to the peer ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_orig_wait_sec_check (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_SEC_COMPLETE: if (*((UINT8 *)p_data) != BTM_SUCCESS) { p_port->rfc.p_mcb->is_disc_initiator = TRUE; PORT_DlcEstablishCnf (p_port->rfc.p_mcb, p_port->dlci, 0, RFCOMM_SECURITY_ERR); rfc_port_closed (p_port); return; } rfc_send_sabme (p_port->rfc.p_mcb, p_port->dlci); rfc_port_timer_start (p_port, RFC_PORT_T1_TIMEOUT); p_port->rfc.state = RFC_STATE_SABME_WAIT_UA; return; case RFC_EVENT_OPEN: case RFC_EVENT_SABME: /* Peer should not use the same dlci */ RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; case RFC_EVENT_CLOSE: btm_sec_abort_access_req (p_port->rfc.p_mcb->bd_addr); rfc_port_closed (p_port); return; case RFC_EVENT_DATA: RFCOMM_TRACE_ERROR ("Port error state Orig Wait Sec event Data"); GKI_freebuf (p_data); return; case RFC_EVENT_UIH: GKI_freebuf (p_data); return; } RFCOMM_TRACE_WARNING ("Port state orig_wait_sec_check Event ignored %d", event); }
/******************************************************************************* ** ** Function RFCOMM_CongestionStatusInd ** ** Description This is a callback function called by L2CAP when ** data RFCOMM L2CAP congestion status changes ** *******************************************************************************/ void RFCOMM_CongestionStatusInd (UINT16 lcid, BOOLEAN is_congested) { tRFC_MCB *p_mcb = rfc_find_lcid_mcb (lcid); if (!p_mcb) { RFCOMM_TRACE_ERROR ("RFCOMM_CongestionStatusInd dropped LCID:0x%x", lcid); return; } else { RFCOMM_TRACE_EVENT ("RFCOMM_CongestionStatusInd LCID:0x%x", lcid); } rfc_process_l2cap_congestion (p_mcb, is_congested); }
/******************************************************************************* ** ** Function rfc_port_sm_disc_wait_ua ** ** Description This function handles events when DISC on the DLC was ** sent and SM is waiting for UA or DM. ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_disc_wait_ua (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_OPEN: case RFC_EVENT_ESTABLISH_RSP: RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; case RFC_EVENT_CLEAR: rfc_port_closed (p_port); return; case RFC_EVENT_DATA: GKI_freebuf (p_data); return; case RFC_EVENT_UA: p_port->rfc.p_mcb->is_disc_initiator = TRUE; /* Case falls through */ case RFC_EVENT_DM: rfc_port_closed (p_port); return; case RFC_EVENT_SABME: rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, TRUE); return; case RFC_EVENT_DISC: rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, TRUE); return; case RFC_EVENT_UIH: GKI_freebuf (p_data); rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, FALSE); return; case RFC_EVENT_TIMEOUT: rfc_port_closed (p_port); return; } RFCOMM_TRACE_WARNING ("Port state disc_wait_ua Event ignored %d", event); }
/******************************************************************************* ** ** Function rfc_find_lcid_mcb ** ** Description This function returns MCB block supporting local cid ** *******************************************************************************/ tRFC_MCB *rfc_find_lcid_mcb (UINT16 lcid) { tRFC_MCB *p_mcb; if (lcid - L2CAP_BASE_APPL_CID >= MAX_L2CAP_CHANNELS) { RFCOMM_TRACE_ERROR ("rfc_find_lcid_mcb LCID:0x%x", lcid); return (NULL); } else { if ((p_mcb = rfc_cb.rfc.p_rfc_lcid_mcb[lcid - L2CAP_BASE_APPL_CID]) != NULL) { if (p_mcb->lcid != lcid) { RFCOMM_TRACE_WARNING ("rfc_find_lcid_mcb LCID reused LCID:0x%x current:0x%x", lcid, p_mcb->lcid); return (NULL); } } } return (p_mcb); }
/******************************************************************************* ** ** Function rfc_check_send_cmd ** ** Description This function is called to send an RFCOMM command message ** or to handle the RFCOMM command message queue. ** ** Returns void ** *******************************************************************************/ void rfc_check_send_cmd(tRFC_MCB *p_mcb, BT_HDR *p_buf) { BT_HDR *p; /* if passed a buffer queue it */ if (p_buf != NULL) { if (p_mcb->cmd_q == NULL) { RFCOMM_TRACE_ERROR("%s: empty queue: p_mcb = %p p_mcb->lcid = %u cached p_mcb = %p", __func__, p_mcb, p_mcb->lcid, rfc_find_lcid_mcb(p_mcb->lcid)); } fixed_queue_enqueue(p_mcb->cmd_q, p_buf); } /* handle queue if L2CAP not congested */ while (p_mcb->l2cap_congested == FALSE) { if ((p = (BT_HDR *)fixed_queue_try_dequeue(p_mcb->cmd_q)) == NULL) { break; } L2CA_DataWrite (p_mcb->lcid, p); } }
/******************************************************************************* ** ** Function rfc_port_sm_opened ** ** Description This function handles events for the port in the OPENED ** state ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_opened (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_OPEN: RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; case RFC_EVENT_CLOSE: rfc_port_timer_start (p_port, RFC_DISC_TIMEOUT); rfc_send_disc (p_port->rfc.p_mcb, p_port->dlci); p_port->rfc.expected_rsp = 0; p_port->rfc.state = RFC_STATE_DISC_WAIT_UA; return; case RFC_EVENT_CLEAR: rfc_port_closed (p_port); return; case RFC_EVENT_DATA: /* Send credits in the frame. Pass them in the layer specific member of the hdr. */ /* There might be an initial case when we reduced rx_max and credit_rx is still */ /* bigger. Make sure that we do not send 255 */ if ((p_port->rfc.p_mcb->flow == PORT_FC_CREDIT) && (((BT_HDR *)p_data)->len < p_port->peer_mtu) && (!p_port->rx.user_fc) && (p_port->credit_rx_max > p_port->credit_rx)) { ((BT_HDR *)p_data)->layer_specific = (UINT8) (p_port->credit_rx_max - p_port->credit_rx); p_port->credit_rx = p_port->credit_rx_max; } else { ((BT_HDR *)p_data)->layer_specific = 0; } rfc_send_buf_uih (p_port->rfc.p_mcb, p_port->dlci, (BT_HDR *)p_data); rfc_dec_credit (p_port); return; case RFC_EVENT_UA: return; case RFC_EVENT_SABME: rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); return; case RFC_EVENT_DM: PORT_DlcReleaseInd (p_port->rfc.p_mcb, p_port->dlci); rfc_port_closed (p_port); return; case RFC_EVENT_DISC: p_port->rfc.state = RFC_STATE_CLOSED; rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); if (! fixed_queue_is_empty(p_port->rx.queue)) { /* give a chance to upper stack to close port properly */ RFCOMM_TRACE_DEBUG("port queue is not empty"); rfc_port_timer_start (p_port, RFC_DISC_TIMEOUT); } else { PORT_DlcReleaseInd (p_port->rfc.p_mcb, p_port->dlci); } return; case RFC_EVENT_UIH: rfc_port_uplink_data (p_port, (BT_HDR *)p_data); return; case RFC_EVENT_TIMEOUT: Port_TimeOutCloseMux( p_port->rfc.p_mcb ) ; RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; } RFCOMM_TRACE_WARNING ("Port state opened Event ignored %d", event); }
/******************************************************************************* ** ** Function rfc_port_sm_term_wait_sec_check ** ** Description This function handles events for the port in the ** WAIT_SEC_CHECK state. SABME has been received from the ** peer and Security Manager verifes BD_ADDR, before we can ** send ESTABLISH_IND to the Port entity ** ** Returns void ** *******************************************************************************/ void rfc_port_sm_term_wait_sec_check (tPORT *p_port, UINT16 event, void *p_data) { switch (event) { case RFC_EVENT_SEC_COMPLETE: if (*((UINT8 *)p_data) != BTM_SUCCESS) { /* Authentication/authorization failed. If link is still */ /* up send DM and check if we need to start inactive timer */ if (p_port->rfc.p_mcb) { rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, TRUE); p_port->rfc.p_mcb->is_disc_initiator = TRUE; port_rfc_closed (p_port, PORT_SEC_FAILED); } } else { PORT_DlcEstablishInd (p_port->rfc.p_mcb, p_port->dlci, p_port->rfc.p_mcb->peer_l2cap_mtu); } return; case RFC_EVENT_OPEN: case RFC_EVENT_CLOSE: RFCOMM_TRACE_ERROR ("Port error state %d event %d", p_port->rfc.state, event); return; case RFC_EVENT_CLEAR: btm_sec_abort_access_req (p_port->rfc.p_mcb->bd_addr); rfc_port_closed (p_port); return; case RFC_EVENT_DATA: RFCOMM_TRACE_ERROR ("Port error state Term Wait Sec event Data"); osi_free (p_data); return; case RFC_EVENT_SABME: /* Ignore SABME retransmission if client dares to do so */ return; case RFC_EVENT_DISC: btm_sec_abort_access_req (p_port->rfc.p_mcb->bd_addr); p_port->rfc.state = RFC_STATE_CLOSED; rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); PORT_DlcReleaseInd (p_port->rfc.p_mcb, p_port->dlci); return; case RFC_EVENT_UIH: osi_free (p_data); return; case RFC_EVENT_ESTABLISH_RSP: if (*((UINT8 *)p_data) != RFCOMM_SUCCESS) { if (p_port->rfc.p_mcb) { rfc_send_dm (p_port->rfc.p_mcb, p_port->dlci, TRUE); } } else { rfc_send_ua (p_port->rfc.p_mcb, p_port->dlci); p_port->rfc.state = RFC_STATE_OPENED; } return; } RFCOMM_TRACE_WARNING ("Port state term_wait_sec_check Event ignored %d", event); }
/******************************************************************************* ** ** Function RFCOMM_ConnectCnf ** ** Description This is a callback function called by L2CAP when ** L2CA_ConnectCnf received. Save L2CAP handle and dispatch ** event to the FSM. ** *******************************************************************************/ void RFCOMM_ConnectCnf (UINT16 lcid, UINT16 result) { tRFC_MCB *p_mcb = rfc_find_lcid_mcb (lcid); if (!p_mcb) { RFCOMM_TRACE_ERROR ("RFCOMM_ConnectCnf LCID:0x%x", lcid); return; } if (p_mcb->pending_lcid) { /* if peer rejects our connect request but peer's connect request is pending */ if (result != L2CAP_CONN_OK ) { UINT16 i; UINT8 idx; RFCOMM_TRACE_DEBUG ("RFCOMM_ConnectCnf retry as acceptor on pending LCID(0x%x)", p_mcb->pending_lcid); /* remove mcb from mapping table */ rfc_save_lcid_mcb (NULL, p_mcb->lcid); p_mcb->lcid = p_mcb->pending_lcid; p_mcb->is_initiator = FALSE; p_mcb->state = RFC_MX_STATE_IDLE; /* store mcb into mapping table */ rfc_save_lcid_mcb (p_mcb, p_mcb->lcid); /* update direction bit */ for (i = 0; i < RFCOMM_MAX_DLCI; i += 2) { if ((idx = p_mcb->port_inx[i]) != 0) { p_mcb->port_inx[i] = 0; p_mcb->port_inx[i+1] = idx; rfc_cb.port.port[idx - 1].dlci += 1; RFCOMM_TRACE_DEBUG ("RFCOMM MX - DLCI:%d -> %d", i, rfc_cb.port.port[idx - 1].dlci); } } rfc_mx_sm_execute (p_mcb, RFC_MX_EVENT_CONN_IND, &(p_mcb->pending_id)); return; } else { RFCOMM_TRACE_DEBUG ("RFCOMM_ConnectCnf peer gave up pending LCID(0x%x)", p_mcb->pending_lcid); /* Peer gave up his connection request, make sure cleaning up L2CAP channel */ L2CA_ConnectRsp (p_mcb->bd_addr, p_mcb->pending_id, p_mcb->pending_lcid, L2CAP_CONN_NO_RESOURCES, 0); p_mcb->pending_lcid = 0; } } /* Save LCID to be used in all consecutive calls to L2CAP */ p_mcb->lcid = lcid; rfc_mx_sm_execute (p_mcb, RFC_MX_EVENT_CONN_CNF, &result); }
/******************************************************************************* ** ** Function PORT_DataInd ** ** Description This function is called from the RFCOMM layer when data ** buffer is received from the peer. ** *******************************************************************************/ void PORT_DataInd (tRFC_MCB *p_mcb, UINT8 dlci, BT_HDR *p_buf) { tPORT *p_port = port_find_mcb_dlci_port (p_mcb, dlci); UINT8 rx_char1; UINT32 events = 0; UINT8 *p; int i; RFCOMM_TRACE_EVENT("PORT_DataInd with data length %d, p_mcb:%p,p_port:%p,dlci:%d", p_buf->len, p_mcb, p_port, dlci); if (!p_port) { GKI_freebuf (p_buf); return; } /* If client registered callout callback with flow control we can just deliver receive data */ if (p_port->p_data_co_callback) { /* Another packet is delivered to user. Send credits to peer if required */ if(p_port->p_data_co_callback(p_port->inx, (UINT8*)p_buf, -1, DATA_CO_CALLBACK_TYPE_INCOMING)) port_flow_control_peer(p_port, TRUE, 1); else port_flow_control_peer(p_port, FALSE, 0); //GKI_freebuf (p_buf); return; } else RFCOMM_TRACE_ERROR("PORT_DataInd, p_port:%p, p_data_co_callback is null", p_port); /* If client registered callback we can just deliver receive data */ if (p_port->p_data_callback) { /* Another packet is delivered to user. Send credits to peer if required */ port_flow_control_peer(p_port, TRUE, 1); p_port->p_data_callback (p_port->inx, (UINT8 *)(p_buf + 1) + p_buf->offset, p_buf->len); GKI_freebuf (p_buf); return; } /* Check if rx queue exceeds the limit */ if ((p_port->rx.queue_size + p_buf->len > PORT_RX_CRITICAL_WM) || (GKI_queue_length(&p_port->rx.queue) + 1 > p_port->rx_buf_critical)) { RFCOMM_TRACE_EVENT ("PORT_DataInd. Buffer over run. Dropping the buffer"); GKI_freebuf (p_buf); RFCOMM_LineStatusReq (p_mcb, dlci, LINE_STATUS_OVERRUN); return; } /* If user registered to receive notification when a particular byte is */ /* received we mast check all received bytes */ if (((rx_char1 = p_port->user_port_pars.rx_char1) != 0) && (p_port->ev_mask & PORT_EV_RXFLAG)) { for (i = 0, p = (UINT8 *)(p_buf + 1) + p_buf->offset; i < p_buf->len; i++) { if (*p++ == rx_char1) { events |= PORT_EV_RXFLAG; break; } } } PORT_SCHEDULE_LOCK; GKI_enqueue (&p_port->rx.queue, p_buf); p_port->rx.queue_size += p_buf->len; PORT_SCHEDULE_UNLOCK; /* perform flow control procedures if necessary */ port_flow_control_peer(p_port, FALSE, 0); /* If user indicated flow control can not deliver any notifications to him */ if (p_port->rx.user_fc) { if (events & PORT_EV_RXFLAG) p_port->rx_flag_ev_pending = TRUE; return; } events |= PORT_EV_RXCHAR; /* Mask out all events that are not of interest to user */ events &= p_port->ev_mask; if (p_port->p_callback && events) p_port->p_callback (events, p_port->inx); }