Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/netbt/hci_link.c
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /* $NetBSD: hci_link.c,v 1.20.12.1 2010/11/21 21:36:07 riz Exp $ */ 2 3 /*- 4 * Copyright (c) 2005 Iain Hibbert. 5 * Copyright (c) 2006 Itronix Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of Itronix Inc. may not be used to endorse 17 * or promote products derived from this software without specific 18 * prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY 24 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 27 * ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <sys/cdefs.h> 34 __KERNEL_RCSID(0, "$NetBSD: hci_link.c,v 1.20.12.1 2010/11/21 21:36:07 riz Exp $"); 35 36 #include <sys/param.h> 37 #include <sys/kernel.h> 38 #include <sys/malloc.h> 39 #include <sys/mbuf.h> 40 #include <sys/proc.h> 41 #include <sys/queue.h> 42 #include <sys/systm.h> 43 44 #include <netbt/bluetooth.h> 45 #include <netbt/hci.h> 46 #include <netbt/l2cap.h> 47 #include <netbt/sco.h> 48 49 /******************************************************************************* 50 * 51 * HCI ACL Connections 52 */ 53 54 /* 55 * Automatically expire unused ACL connections after this number of 56 * seconds (if zero, do not expire unused connections) [sysctl] 57 */ 58 int hci_acl_expiry = 10; /* seconds */ 59 60 /* 61 * hci_acl_open(unit, bdaddr) 62 * 63 * open ACL connection to remote bdaddr. Only one ACL connection is permitted 64 * between any two Bluetooth devices, so we look for an existing one before 65 * trying to start a new one. 66 */ 67 struct hci_link * 68 hci_acl_open(struct hci_unit *unit, bdaddr_t *bdaddr) 69 { 70 struct hci_link *link; 71 struct hci_memo *memo; 72 hci_create_con_cp cp; 73 int err; 74 75 KASSERT(unit != NULL); 76 KASSERT(bdaddr != NULL); 77 78 link = hci_link_lookup_bdaddr(unit, bdaddr, HCI_LINK_ACL); 79 if (link == NULL) { 80 link = hci_link_alloc(unit, bdaddr, HCI_LINK_ACL); 81 if (link == NULL) 82 return NULL; 83 } 84 85 switch(link->hl_state) { 86 case HCI_LINK_CLOSED: 87 /* 88 * open connection to remote device 89 */ 90 memset(&cp, 0, sizeof(cp)); 91 bdaddr_copy(&cp.bdaddr, bdaddr); 92 cp.pkt_type = htole16(unit->hci_packet_type); 93 94 memo = hci_memo_find(unit, bdaddr); 95 if (memo != NULL) { 96 cp.page_scan_rep_mode = memo->page_scan_rep_mode; 97 cp.page_scan_mode = memo->page_scan_mode; 98 cp.clock_offset = memo->clock_offset; 99 } 100 101 if (unit->hci_link_policy & HCI_LINK_POLICY_ENABLE_ROLE_SWITCH) 102 cp.accept_role_switch = 1; 103 104 err = hci_send_cmd(unit, HCI_CMD_CREATE_CON, &cp, sizeof(cp)); 105 if (err) { 106 hci_link_free(link, err); 107 return NULL; 108 } 109 110 link->hl_flags |= HCI_LINK_CREATE_CON; 111 link->hl_state = HCI_LINK_WAIT_CONNECT; 112 break; 113 114 case HCI_LINK_WAIT_CONNECT: 115 case HCI_LINK_WAIT_AUTH: 116 case HCI_LINK_WAIT_ENCRYPT: 117 case HCI_LINK_WAIT_SECURE: 118 /* 119 * somebody else already trying to connect, we just 120 * sit on the bench with them.. 121 */ 122 break; 123 124 case HCI_LINK_OPEN: 125 /* 126 * If already open, halt any expiry timeouts. We dont need 127 * to care about already invoking timeouts since refcnt >0 128 * will keep the link alive. 129 */ 130 callout_stop(&link->hl_expire); 131 break; 132 133 default: 134 UNKNOWN(link->hl_state); 135 return NULL; 136 } 137 138 /* open */ 139 link->hl_refcnt++; 140 141 return link; 142 } 143 144 /* 145 * Close ACL connection. When there are no more references to this link, 146 * we can either close it down or schedule a delayed closedown. 147 */ 148 void 149 hci_acl_close(struct hci_link *link, int err) 150 { 151 152 KASSERT(link != NULL); 153 154 if (--link->hl_refcnt == 0) { 155 if (link->hl_state == HCI_LINK_CLOSED) 156 hci_link_free(link, err); 157 else if (hci_acl_expiry > 0) 158 callout_schedule(&link->hl_expire, hci_acl_expiry * hz); 159 } 160 } 161 162 /* 163 * Incoming ACL connection. 164 * 165 * For now, we accept all connections but it would be better to check 166 * the L2CAP listen list and only accept when there is a listener 167 * available. 168 * 169 * There should not be a link to the same bdaddr already, we check 170 * anyway though its left unhandled for now. 171 */ 172 struct hci_link * 173 hci_acl_newconn(struct hci_unit *unit, bdaddr_t *bdaddr) 174 { 175 struct hci_link *link; 176 177 link = hci_link_lookup_bdaddr(unit, bdaddr, HCI_LINK_ACL); 178 if (link != NULL) 179 return NULL; 180 181 link = hci_link_alloc(unit, bdaddr, HCI_LINK_ACL); 182 if (link != NULL) { 183 link->hl_state = HCI_LINK_WAIT_CONNECT; 184 185 if (hci_acl_expiry > 0) 186 callout_schedule(&link->hl_expire, hci_acl_expiry * hz); 187 } 188 189 return link; 190 } 191 192 void 193 hci_acl_timeout(void *arg) 194 { 195 struct hci_link *link = arg; 196 hci_discon_cp cp; 197 int err; 198 199 mutex_enter(bt_lock); 200 callout_ack(&link->hl_expire); 201 202 if (link->hl_refcnt > 0) 203 goto out; 204 205 DPRINTF("link #%d expired\n", link->hl_handle); 206 207 switch (link->hl_state) { 208 case HCI_LINK_CLOSED: 209 case HCI_LINK_WAIT_CONNECT: 210 hci_link_free(link, ECONNRESET); 211 break; 212 213 case HCI_LINK_WAIT_AUTH: 214 case HCI_LINK_WAIT_ENCRYPT: 215 case HCI_LINK_WAIT_SECURE: 216 case HCI_LINK_OPEN: 217 cp.con_handle = htole16(link->hl_handle); 218 cp.reason = 0x13; /* "Remote User Terminated Connection" */ 219 220 err = hci_send_cmd(link->hl_unit, HCI_CMD_DISCONNECT, 221 &cp, sizeof(cp)); 222 223 if (err) { 224 DPRINTF("error %d sending HCI_CMD_DISCONNECT\n", 225 err); 226 } 227 228 break; 229 230 default: 231 UNKNOWN(link->hl_state); 232 break; 233 } 234 235 out: 236 mutex_exit(bt_lock); 237 } 238 239 /* 240 * Initiate any Link Mode change requests. 241 */ 242 int 243 hci_acl_setmode(struct hci_link *link) 244 { 245 int err; 246 247 KASSERT(link != NULL); 248 KASSERT(link->hl_unit != NULL); 249 250 if (link->hl_state != HCI_LINK_OPEN) 251 return EINPROGRESS; 252 253 if ((link->hl_flags & HCI_LINK_AUTH_REQ) 254 && !(link->hl_flags & HCI_LINK_AUTH)) { 255 hci_auth_req_cp cp; 256 257 DPRINTF("requesting auth for handle #%d\n", 258 link->hl_handle); 259 260 link->hl_state = HCI_LINK_WAIT_AUTH; 261 cp.con_handle = htole16(link->hl_handle); 262 err = hci_send_cmd(link->hl_unit, HCI_CMD_AUTH_REQ, 263 &cp, sizeof(cp)); 264 265 return (err == 0 ? EINPROGRESS : err); 266 } 267 268 if ((link->hl_flags & HCI_LINK_ENCRYPT_REQ) 269 && !(link->hl_flags & HCI_LINK_ENCRYPT)) { 270 hci_set_con_encryption_cp cp; 271 272 /* XXX we should check features for encryption capability */ 273 274 DPRINTF("requesting encryption for handle #%d\n", 275 link->hl_handle); 276 277 link->hl_state = HCI_LINK_WAIT_ENCRYPT; 278 cp.con_handle = htole16(link->hl_handle); 279 cp.encryption_enable = 0x01; 280 281 err = hci_send_cmd(link->hl_unit, HCI_CMD_SET_CON_ENCRYPTION, 282 &cp, sizeof(cp)); 283 284 return (err == 0 ? EINPROGRESS : err); 285 } 286 287 if ((link->hl_flags & HCI_LINK_SECURE_REQ)) { 288 hci_change_con_link_key_cp cp; 289 290 /* always change link key for SECURE requests */ 291 link->hl_flags &= ~HCI_LINK_SECURE; 292 293 DPRINTF("changing link key for handle #%d\n", 294 link->hl_handle); 295 296 link->hl_state = HCI_LINK_WAIT_SECURE; 297 cp.con_handle = htole16(link->hl_handle); 298 299 err = hci_send_cmd(link->hl_unit, HCI_CMD_CHANGE_CON_LINK_KEY, 300 &cp, sizeof(cp)); 301 302 return (err == 0 ? EINPROGRESS : err); 303 } 304 305 return 0; 306 } 307 308 /* 309 * Link Mode changed. 310 * 311 * This is called from event handlers when the mode change 312 * is complete. We notify upstream and restart the link. 313 */ 314 void 315 hci_acl_linkmode(struct hci_link *link) 316 { 317 struct l2cap_channel *chan, *next; 318 int err, mode = 0; 319 320 DPRINTF("handle #%d, auth %s, encrypt %s, secure %s\n", 321 link->hl_handle, 322 (link->hl_flags & HCI_LINK_AUTH ? "on" : "off"), 323 (link->hl_flags & HCI_LINK_ENCRYPT ? "on" : "off"), 324 (link->hl_flags & HCI_LINK_SECURE ? "on" : "off")); 325 326 if (link->hl_flags & HCI_LINK_AUTH) 327 mode |= L2CAP_LM_AUTH; 328 329 if (link->hl_flags & HCI_LINK_ENCRYPT) 330 mode |= L2CAP_LM_ENCRYPT; 331 332 if (link->hl_flags & HCI_LINK_SECURE) 333 mode |= L2CAP_LM_SECURE; 334 335 /* 336 * The link state will only be OPEN here if the mode change 337 * was successful. So, we can proceed with L2CAP connections, 338 * or notify already establshed channels, to allow any that 339 * are dissatisfied to disconnect before we restart. 340 */ 341 next = LIST_FIRST(&l2cap_active_list); 342 while ((chan = next) != NULL) { 343 next = LIST_NEXT(chan, lc_ncid); 344 345 if (chan->lc_link != link) 346 continue; 347 348 switch(chan->lc_state) { 349 case L2CAP_WAIT_SEND_CONNECT_REQ: /* we are connecting */ 350 if ((mode & chan->lc_mode) != chan->lc_mode) { 351 l2cap_close(chan, ECONNABORTED); 352 break; 353 } 354 355 chan->lc_state = L2CAP_WAIT_RECV_CONNECT_RSP; 356 err = l2cap_send_connect_req(chan); 357 if (err) { 358 l2cap_close(chan, err); 359 break; 360 } 361 break; 362 363 case L2CAP_WAIT_SEND_CONNECT_RSP: /* they are connecting */ 364 if ((mode & chan->lc_mode) != chan->lc_mode) { 365 l2cap_send_connect_rsp(link, chan->lc_ident, 366 0, chan->lc_rcid, 367 L2CAP_SECURITY_BLOCK); 368 369 l2cap_close(chan, ECONNABORTED); 370 break; 371 } 372 373 l2cap_send_connect_rsp(link, chan->lc_ident, 374 chan->lc_lcid, chan->lc_rcid, 375 L2CAP_SUCCESS); 376 377 chan->lc_state = L2CAP_WAIT_CONFIG; 378 chan->lc_flags |= (L2CAP_WAIT_CONFIG_RSP | L2CAP_WAIT_CONFIG_REQ); 379 err = l2cap_send_config_req(chan); 380 if (err) { 381 l2cap_close(chan, err); 382 break; 383 } 384 break; 385 386 case L2CAP_WAIT_RECV_CONNECT_RSP: 387 case L2CAP_WAIT_CONFIG: 388 case L2CAP_OPEN: /* already established */ 389 (*chan->lc_proto->linkmode)(chan->lc_upper, mode); 390 break; 391 392 default: 393 break; 394 } 395 } 396 397 link->hl_state = HCI_LINK_OPEN; 398 hci_acl_start(link); 399 } 400 401 /* 402 * Receive ACL Data 403 * 404 * we accumulate packet fragments on the hci_link structure 405 * until a full L2CAP frame is ready, then send it on. 406 */ 407 void 408 hci_acl_recv(struct mbuf *m, struct hci_unit *unit) 409 { 410 struct hci_link *link; 411 hci_acldata_hdr_t hdr; 412 uint16_t handle, want; 413 int pb, got; 414 415 KASSERT(m != NULL); 416 KASSERT(unit != NULL); 417 418 KASSERT(m->m_pkthdr.len >= sizeof(hdr)); 419 m_copydata(m, 0, sizeof(hdr), &hdr); 420 m_adj(m, sizeof(hdr)); 421 422 #ifdef DIAGNOSTIC 423 if (hdr.type != HCI_ACL_DATA_PKT) { 424 aprint_error_dev(unit->hci_dev, "bad ACL packet type\n"); 425 goto bad; 426 } 427 428 if (m->m_pkthdr.len != le16toh(hdr.length)) { 429 aprint_error_dev(unit->hci_dev, 430 "bad ACL packet length (%d != %d)\n", 431 m->m_pkthdr.len, le16toh(hdr.length)); 432 goto bad; 433 } 434 #endif 435 436 hdr.length = le16toh(hdr.length); 437 hdr.con_handle = le16toh(hdr.con_handle); 438 handle = HCI_CON_HANDLE(hdr.con_handle); 439 pb = HCI_PB_FLAG(hdr.con_handle); 440 441 link = hci_link_lookup_handle(unit, handle); 442 if (link == NULL) { 443 hci_discon_cp cp; 444 445 DPRINTF("%s: dumping packet for unknown handle #%d\n", 446 device_xname(unit->hci_dev), handle); 447 448 /* 449 * There is no way to find out what this connection handle is 450 * for, just get rid of it. This may happen, if a USB dongle 451 * is plugged into a self powered hub and does not reset when 452 * the system is shut down. 453 * 454 * This can cause a problem with some Broadcom controllers 455 * which emit empty ACL packets during connection setup, so 456 * only disconnect where data is present. 457 */ 458 if (hdr.length > 0) { 459 cp.con_handle = htole16(handle); 460 cp.reason = 0x13;/*"Remote User Terminated Connection"*/ 461 hci_send_cmd(unit, HCI_CMD_DISCONNECT, &cp, sizeof(cp)); 462 } 463 goto bad; 464 } 465 466 switch (pb) { 467 case HCI_PACKET_START: 468 if (link->hl_rxp != NULL) 469 aprint_error_dev(unit->hci_dev, 470 "dropped incomplete ACL packet\n"); 471 472 if (m->m_pkthdr.len < sizeof(l2cap_hdr_t)) { 473 aprint_error_dev(unit->hci_dev, "short ACL packet\n"); 474 goto bad; 475 } 476 477 link->hl_rxp = m; 478 got = m->m_pkthdr.len; 479 break; 480 481 case HCI_PACKET_FRAGMENT: 482 if (link->hl_rxp == NULL) { 483 aprint_error_dev(unit->hci_dev, 484 "unexpected packet fragment\n"); 485 486 goto bad; 487 } 488 489 got = m->m_pkthdr.len + link->hl_rxp->m_pkthdr.len; 490 m_cat(link->hl_rxp, m); 491 m = link->hl_rxp; 492 m->m_pkthdr.len = got; 493 break; 494 495 default: 496 aprint_error_dev(unit->hci_dev, "unknown packet type\n"); 497 goto bad; 498 } 499 500 m_copydata(m, 0, sizeof(want), &want); 501 want = le16toh(want) + sizeof(l2cap_hdr_t) - got; 502 503 if (want > 0) 504 return; 505 506 link->hl_rxp = NULL; 507 508 if (want == 0) { 509 l2cap_recv_frame(m, link); 510 return; 511 } 512 513 bad: 514 m_freem(m); 515 } 516 517 /* 518 * Send ACL data on link 519 * 520 * We must fragment packets into chunks of less than unit->hci_max_acl_size and 521 * prepend a relevant ACL header to each fragment. We keep a PDU structure 522 * attached to the link, so that completed fragments can be marked off and 523 * more data requested from above once the PDU is sent. 524 */ 525 int 526 hci_acl_send(struct mbuf *m, struct hci_link *link, 527 struct l2cap_channel *chan) 528 { 529 struct l2cap_pdu *pdu; 530 struct mbuf *n = NULL; 531 int plen, mlen, num = 0; 532 533 KASSERT(link != NULL); 534 KASSERT(m != NULL); 535 KASSERT(m->m_flags & M_PKTHDR); 536 KASSERT(m->m_pkthdr.len > 0); 537 538 if (link->hl_state == HCI_LINK_CLOSED) { 539 m_freem(m); 540 return ENETDOWN; 541 } 542 543 pdu = pool_get(&l2cap_pdu_pool, PR_NOWAIT); 544 if (pdu == NULL) 545 goto nomem; 546 547 pdu->lp_chan = chan; 548 pdu->lp_pending = 0; 549 MBUFQ_INIT(&pdu->lp_data); 550 551 plen = m->m_pkthdr.len; 552 mlen = link->hl_unit->hci_max_acl_size; 553 554 DPRINTFN(5, "%s: handle #%d, plen = %d, max = %d\n", 555 device_xname(link->hl_unit->hci_dev), link->hl_handle, plen, mlen); 556 557 while (plen > 0) { 558 if (plen > mlen) { 559 n = m_split(m, mlen, M_DONTWAIT); 560 if (n == NULL) 561 goto nomem; 562 } else { 563 mlen = plen; 564 } 565 566 if (num++ == 0) 567 m->m_flags |= M_PROTO1; /* tag first fragment */ 568 569 DPRINTFN(10, "chunk of %d (plen = %d) bytes\n", mlen, plen); 570 MBUFQ_ENQUEUE(&pdu->lp_data, m); 571 m = n; 572 plen -= mlen; 573 } 574 575 TAILQ_INSERT_TAIL(&link->hl_txq, pdu, lp_next); 576 link->hl_txqlen += num; 577 578 hci_acl_start(link); 579 580 return 0; 581 582 nomem: 583 if (m) m_freem(m); 584 if (pdu) { 585 MBUFQ_DRAIN(&pdu->lp_data); 586 pool_put(&l2cap_pdu_pool, pdu); 587 } 588 589 return ENOMEM; 590 } 591 592 /* 593 * Start sending ACL data on link. 594 * 595 * This is called when the queue may need restarting: as new data 596 * is queued, after link mode changes have completed, or when device 597 * buffers have cleared. 598 * 599 * We may use all the available packet slots. The reason that we add 600 * the ACL encapsulation here rather than in hci_acl_send() is that L2CAP 601 * signal packets may be queued before the handle is given to us.. 602 */ 603 void 604 hci_acl_start(struct hci_link *link) 605 { 606 struct hci_unit *unit; 607 hci_acldata_hdr_t *hdr; 608 struct l2cap_pdu *pdu; 609 struct mbuf *m; 610 uint16_t handle; 611 612 KASSERT(link != NULL); 613 614 unit = link->hl_unit; 615 KASSERT(unit != NULL); 616 617 /* this is mainly to block ourselves (below) */ 618 if (link->hl_state != HCI_LINK_OPEN) 619 return; 620 621 if (link->hl_txqlen == 0 || unit->hci_num_acl_pkts == 0) 622 return; 623 624 /* find first PDU with data to send */ 625 pdu = TAILQ_FIRST(&link->hl_txq); 626 for (;;) { 627 if (pdu == NULL) 628 return; 629 630 if (MBUFQ_FIRST(&pdu->lp_data) != NULL) 631 break; 632 633 pdu = TAILQ_NEXT(pdu, lp_next); 634 } 635 636 while (unit->hci_num_acl_pkts > 0) { 637 MBUFQ_DEQUEUE(&pdu->lp_data, m); 638 KASSERT(m != NULL); 639 640 if (m->m_flags & M_PROTO1) 641 handle = HCI_MK_CON_HANDLE(link->hl_handle, 642 HCI_PACKET_START, 0); 643 else 644 handle = HCI_MK_CON_HANDLE(link->hl_handle, 645 HCI_PACKET_FRAGMENT, 0); 646 647 M_PREPEND(m, sizeof(*hdr), M_DONTWAIT); 648 if (m == NULL) 649 break; 650 651 hdr = mtod(m, hci_acldata_hdr_t *); 652 hdr->type = HCI_ACL_DATA_PKT; 653 hdr->con_handle = htole16(handle); 654 hdr->length = htole16(m->m_pkthdr.len - sizeof(*hdr)); 655 656 link->hl_txqlen--; 657 pdu->lp_pending++; 658 659 hci_output_acl(unit, m); 660 661 if (MBUFQ_FIRST(&pdu->lp_data) == NULL) { 662 if (pdu->lp_chan) { 663 /* 664 * This should enable streaming of PDUs - when 665 * we have placed all the fragments on the acl 666 * output queue, we trigger the L2CAP layer to 667 * send us down one more. Use a false state so 668 * we dont run into ourselves coming back from 669 * the future.. 670 */ 671 link->hl_state = HCI_LINK_BLOCK; 672 l2cap_start(pdu->lp_chan); 673 link->hl_state = HCI_LINK_OPEN; 674 } 675 676 pdu = TAILQ_NEXT(pdu, lp_next); 677 if (pdu == NULL) 678 break; 679 } 680 } 681 682 /* 683 * We had our turn now, move to the back of the queue to let 684 * other links have a go at the output buffers.. 685 */ 686 if (TAILQ_NEXT(link, hl_next)) { 687 TAILQ_REMOVE(&unit->hci_links, link, hl_next); 688 TAILQ_INSERT_TAIL(&unit->hci_links, link, hl_next); 689 } 690 } 691 692 /* 693 * Confirm ACL packets cleared from Controller buffers. We scan our PDU 694 * list to clear pending fragments and signal upstream for more data 695 * when a PDU is complete. 696 */ 697 void 698 hci_acl_complete(struct hci_link *link, int num) 699 { 700 struct l2cap_pdu *pdu; 701 struct l2cap_channel *chan; 702 703 DPRINTFN(5, "handle #%d (%d)\n", link->hl_handle, num); 704 705 while (num > 0) { 706 pdu = TAILQ_FIRST(&link->hl_txq); 707 if (pdu == NULL) { 708 aprint_error_dev(link->hl_unit->hci_dev, 709 "%d packets completed on handle #%x but none pending!\n", 710 num, link->hl_handle); 711 712 return; 713 } 714 715 if (num >= pdu->lp_pending) { 716 num -= pdu->lp_pending; 717 pdu->lp_pending = 0; 718 719 if (MBUFQ_FIRST(&pdu->lp_data) == NULL) { 720 TAILQ_REMOVE(&link->hl_txq, pdu, lp_next); 721 chan = pdu->lp_chan; 722 if (chan != NULL) { 723 chan->lc_pending--; 724 (*chan->lc_proto->complete) 725 (chan->lc_upper, 1); 726 727 if (chan->lc_pending == 0) 728 l2cap_start(chan); 729 } 730 731 pool_put(&l2cap_pdu_pool, pdu); 732 } 733 } else { 734 pdu->lp_pending -= num; 735 num = 0; 736 } 737 } 738 } 739 740 /******************************************************************************* 741 * 742 * HCI SCO Connections 743 */ 744 745 /* 746 * Incoming SCO Connection. We check the list for anybody willing 747 * to take it. 748 */ 749 struct hci_link * 750 hci_sco_newconn(struct hci_unit *unit, bdaddr_t *bdaddr) 751 { 752 struct sockaddr_bt laddr, raddr; 753 struct sco_pcb *pcb, *new; 754 struct hci_link *sco, *acl; 755 756 memset(&laddr, 0, sizeof(laddr)); 757 laddr.bt_len = sizeof(laddr); 758 laddr.bt_family = AF_BLUETOOTH; 759 bdaddr_copy(&laddr.bt_bdaddr, &unit->hci_bdaddr); 760 761 memset(&raddr, 0, sizeof(raddr)); 762 raddr.bt_len = sizeof(raddr); 763 raddr.bt_family = AF_BLUETOOTH; 764 bdaddr_copy(&raddr.bt_bdaddr, bdaddr); 765 766 /* 767 * There should already be an ACL link up and running before 768 * the controller sends us SCO connection requests, but you 769 * never know.. 770 */ 771 acl = hci_link_lookup_bdaddr(unit, bdaddr, HCI_LINK_ACL); 772 if (acl == NULL || acl->hl_state != HCI_LINK_OPEN) 773 return NULL; 774 775 LIST_FOREACH(pcb, &sco_pcb, sp_next) { 776 if ((pcb->sp_flags & SP_LISTENING) == 0) 777 continue; 778 779 new = (*pcb->sp_proto->newconn)(pcb->sp_upper, &laddr, &raddr); 780 if (new == NULL) 781 continue; 782 783 /* 784 * Ok, got new pcb so we can start a new link and fill 785 * in all the details. 786 */ 787 bdaddr_copy(&new->sp_laddr, &unit->hci_bdaddr); 788 bdaddr_copy(&new->sp_raddr, bdaddr); 789 790 sco = hci_link_alloc(unit, bdaddr, HCI_LINK_SCO); 791 if (sco == NULL) { 792 sco_detach(&new); 793 return NULL; 794 } 795 796 sco->hl_link = hci_acl_open(unit, bdaddr); 797 KASSERT(sco->hl_link == acl); 798 799 sco->hl_sco = new; 800 new->sp_link = sco; 801 802 new->sp_mtu = unit->hci_max_sco_size; 803 return sco; 804 } 805 806 return NULL; 807 } 808 809 /* 810 * receive SCO packet, we only need to strip the header and send 811 * it to the right handler 812 */ 813 void 814 hci_sco_recv(struct mbuf *m, struct hci_unit *unit) 815 { 816 struct hci_link *link; 817 hci_scodata_hdr_t hdr; 818 uint16_t handle; 819 820 KASSERT(m != NULL); 821 KASSERT(unit != NULL); 822 823 KASSERT(m->m_pkthdr.len >= sizeof(hdr)); 824 m_copydata(m, 0, sizeof(hdr), &hdr); 825 m_adj(m, sizeof(hdr)); 826 827 #ifdef DIAGNOSTIC 828 if (hdr.type != HCI_SCO_DATA_PKT) { 829 aprint_error_dev(unit->hci_dev, "bad SCO packet type\n"); 830 goto bad; 831 } 832 833 if (m->m_pkthdr.len != hdr.length) { 834 aprint_error_dev(unit->hci_dev, 835 "bad SCO packet length (%d != %d)\n", 836 m->m_pkthdr.len, hdr.length); 837 838 goto bad; 839 } 840 #endif 841 842 hdr.con_handle = le16toh(hdr.con_handle); 843 handle = HCI_CON_HANDLE(hdr.con_handle); 844 845 link = hci_link_lookup_handle(unit, handle); 846 if (link == NULL || link->hl_type == HCI_LINK_ACL) { 847 DPRINTF("%s: dumping packet for unknown handle #%d\n", 848 device_xname(unit->hci_dev), handle); 849 850 goto bad; 851 } 852 853 (*link->hl_sco->sp_proto->input)(link->hl_sco->sp_upper, m); 854 return; 855 856 bad: 857 m_freem(m); 858 } 859 860 void 861 hci_sco_start(struct hci_link *link) 862 { 863 } 864 865 /* 866 * SCO packets have completed at the controller, so we can 867 * signal up to free the buffer space. 868 */ 869 void 870 hci_sco_complete(struct hci_link *link, int num) 871 { 872 873 DPRINTFN(5, "handle #%d (num=%d)\n", link->hl_handle, num); 874 link->hl_sco->sp_pending--; 875 (*link->hl_sco->sp_proto->complete)(link->hl_sco->sp_upper, num); 876 } 877 878 /******************************************************************************* 879 * 880 * Generic HCI Connection alloc/free/lookup etc 881 */ 882 883 struct hci_link * 884 hci_link_alloc(struct hci_unit *unit, bdaddr_t *bdaddr, uint8_t type) 885 { 886 struct hci_link *link; 887 888 KASSERT(unit != NULL); 889 890 link = malloc(sizeof(struct hci_link), M_BLUETOOTH, M_NOWAIT | M_ZERO); 891 if (link == NULL) 892 return NULL; 893 894 link->hl_unit = unit; 895 link->hl_type = type; 896 link->hl_state = HCI_LINK_CLOSED; 897 bdaddr_copy(&link->hl_bdaddr, bdaddr); 898 899 /* init ACL portion */ 900 callout_init(&link->hl_expire, 0); 901 callout_setfunc(&link->hl_expire, hci_acl_timeout, link); 902 903 TAILQ_INIT(&link->hl_txq); /* outgoing packets */ 904 TAILQ_INIT(&link->hl_reqs); /* request queue */ 905 906 link->hl_mtu = L2CAP_MTU_DEFAULT; /* L2CAP signal mtu */ 907 link->hl_flush = L2CAP_FLUSH_TIMO_DEFAULT; /* flush timeout */ 908 909 /* init SCO portion */ 910 MBUFQ_INIT(&link->hl_data); 911 912 /* attach to unit */ 913 TAILQ_INSERT_TAIL(&unit->hci_links, link, hl_next); 914 return link; 915 } 916 917 void 918 hci_link_free(struct hci_link *link, int err) 919 { 920 struct l2cap_req *req; 921 struct l2cap_pdu *pdu; 922 struct l2cap_channel *chan, *next; 923 924 KASSERT(link != NULL); 925 926 DPRINTF("#%d, type = %d, state = %d, refcnt = %d\n", 927 link->hl_handle, link->hl_type, 928 link->hl_state, link->hl_refcnt); 929 930 /* ACL reference count */ 931 if (link->hl_refcnt > 0) { 932 next = LIST_FIRST(&l2cap_active_list); 933 while ((chan = next) != NULL) { 934 next = LIST_NEXT(chan, lc_ncid); 935 if (chan->lc_link == link) 936 l2cap_close(chan, err); 937 } 938 } 939 KASSERT(link->hl_refcnt == 0); 940 941 /* ACL L2CAP requests.. */ 942 while ((req = TAILQ_FIRST(&link->hl_reqs)) != NULL) 943 l2cap_request_free(req); 944 945 KASSERT(TAILQ_EMPTY(&link->hl_reqs)); 946 947 /* ACL outgoing data queue */ 948 while ((pdu = TAILQ_FIRST(&link->hl_txq)) != NULL) { 949 TAILQ_REMOVE(&link->hl_txq, pdu, lp_next); 950 MBUFQ_DRAIN(&pdu->lp_data); 951 if (pdu->lp_pending) 952 link->hl_unit->hci_num_acl_pkts += pdu->lp_pending; 953 954 pool_put(&l2cap_pdu_pool, pdu); 955 } 956 957 KASSERT(TAILQ_EMPTY(&link->hl_txq)); 958 959 /* ACL incoming data packet */ 960 if (link->hl_rxp != NULL) { 961 m_freem(link->hl_rxp); 962 link->hl_rxp = NULL; 963 } 964 965 /* SCO master ACL link */ 966 if (link->hl_link != NULL) { 967 hci_acl_close(link->hl_link, err); 968 link->hl_link = NULL; 969 } 970 971 /* SCO pcb */ 972 if (link->hl_sco != NULL) { 973 struct sco_pcb *pcb; 974 975 pcb = link->hl_sco; 976 pcb->sp_link = NULL; 977 link->hl_sco = NULL; 978 (*pcb->sp_proto->disconnected)(pcb->sp_upper, err); 979 } 980 981 /* flush any SCO data */ 982 MBUFQ_DRAIN(&link->hl_data); 983 984 /* 985 * Halt the callout - if its already running we cannot free the 986 * link structure but the timeout function will call us back in 987 * any case. 988 */ 989 link->hl_state = HCI_LINK_CLOSED; 990 callout_stop(&link->hl_expire); 991 if (callout_invoking(&link->hl_expire)) 992 return; 993 994 callout_destroy(&link->hl_expire); 995 996 /* 997 * If we made a note of clock offset, keep it in a memo 998 * to facilitate reconnections to this device 999 */ 1000 if (link->hl_clock != 0) { 1001 struct hci_memo *memo; 1002 1003 memo = hci_memo_new(link->hl_unit, &link->hl_bdaddr); 1004 if (memo != NULL) 1005 memo->clock_offset = link->hl_clock; 1006 } 1007 1008 TAILQ_REMOVE(&link->hl_unit->hci_links, link, hl_next); 1009 free(link, M_BLUETOOTH); 1010 } 1011 1012 /* 1013 * Lookup HCI link by address and type. Note that for SCO links there may 1014 * be more than one link per address, so we only return links with no 1015 * handle (ie new links) 1016 */ 1017 struct hci_link * 1018 hci_link_lookup_bdaddr(struct hci_unit *unit, bdaddr_t *bdaddr, uint8_t type) 1019 { 1020 struct hci_link *link; 1021 1022 KASSERT(unit != NULL); 1023 KASSERT(bdaddr != NULL); 1024 1025 TAILQ_FOREACH(link, &unit->hci_links, hl_next) { 1026 if (link->hl_type != type) 1027 continue; 1028 1029 if (type == HCI_LINK_SCO && link->hl_handle != 0) 1030 continue; 1031 1032 if (bdaddr_same(&link->hl_bdaddr, bdaddr)) 1033 break; 1034 } 1035 1036 return link; 1037 } 1038 1039 struct hci_link * 1040 hci_link_lookup_handle(struct hci_unit *unit, uint16_t handle) 1041 { 1042 struct hci_link *link; 1043 1044 KASSERT(unit != NULL); 1045 1046 TAILQ_FOREACH(link, &unit->hci_links, hl_next) { 1047 if (handle == link->hl_handle) 1048 break; 1049 } 1050 1051 return link; 1052 }
Cache object: d2ff20895c4c47bd5d9fa8a7d7e7618e
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]