1/****************************************************************************** 2 * 3 * Copyright (C) 2008-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19/****************************************************************************** 20 * 21 * this file contains the main ATT functions 22 * 23 ******************************************************************************/ 24 25#include "bt_target.h" 26 27#if BLE_INCLUDED == TRUE 28 29#include "bt_common.h" 30#include "gatt_int.h" 31#include "l2c_api.h" 32#include "btm_int.h" 33#include "btm_ble_int.h" 34#include "bt_utils.h" 35 36/* Configuration flags. */ 37#define GATT_L2C_CFG_IND_DONE (1<<0) 38#define GATT_L2C_CFG_CFM_DONE (1<<1) 39 40/* minimum GATT MTU size over BR/EDR link 41*/ 42#define GATT_MIN_BR_MTU_SIZE 48 43 44/********************************************************************************/ 45/* L O C A L F U N C T I O N P R O T O T Y P E S */ 46/********************************************************************************/ 47static void gatt_le_connect_cback (UINT16 chan, BD_ADDR bd_addr, BOOLEAN connected, 48 UINT16 reason, tBT_TRANSPORT transport); 49static void gatt_le_data_ind (UINT16 chan, BD_ADDR bd_addr, BT_HDR *p_buf); 50static void gatt_le_cong_cback(BD_ADDR remote_bda, BOOLEAN congest); 51 52static void gatt_l2cif_connect_ind_cback (BD_ADDR bd_addr, UINT16 l2cap_cid, 53 UINT16 psm, UINT8 l2cap_id); 54static void gatt_l2cif_connect_cfm_cback (UINT16 l2cap_cid, UINT16 result); 55static void gatt_l2cif_config_ind_cback (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg); 56static void gatt_l2cif_config_cfm_cback (UINT16 l2cap_cid, tL2CAP_CFG_INFO *p_cfg); 57static void gatt_l2cif_disconnect_ind_cback (UINT16 l2cap_cid, BOOLEAN ack_needed); 58static void gatt_l2cif_disconnect_cfm_cback (UINT16 l2cap_cid, UINT16 result); 59static void gatt_l2cif_data_ind_cback (UINT16 l2cap_cid, BT_HDR *p_msg); 60static void gatt_send_conn_cback (tGATT_TCB *p_tcb); 61static void gatt_l2cif_congest_cback (UINT16 cid, BOOLEAN congested); 62 63static const tL2CAP_APPL_INFO dyn_info = 64{ 65 gatt_l2cif_connect_ind_cback, 66 gatt_l2cif_connect_cfm_cback, 67 NULL, 68 gatt_l2cif_config_ind_cback, 69 gatt_l2cif_config_cfm_cback, 70 gatt_l2cif_disconnect_ind_cback, 71 gatt_l2cif_disconnect_cfm_cback, 72 NULL, 73 gatt_l2cif_data_ind_cback, 74 gatt_l2cif_congest_cback, 75 NULL 76} ; 77 78#if GATT_DYNAMIC_MEMORY == FALSE 79tGATT_CB gatt_cb; 80#endif 81 82/******************************************************************************* 83** 84** Function gatt_init 85** 86** Description This function is enable the GATT profile on the device. 87** It clears out the control blocks, and registers with L2CAP. 88** 89** Returns void 90** 91*******************************************************************************/ 92void gatt_init (void) 93{ 94 tL2CAP_FIXED_CHNL_REG fixed_reg; 95 96 GATT_TRACE_DEBUG("gatt_init()"); 97 98 memset (&gatt_cb, 0, sizeof(tGATT_CB)); 99 memset (&fixed_reg, 0, sizeof(tL2CAP_FIXED_CHNL_REG)); 100 101#if defined(GATT_INITIAL_TRACE_LEVEL) 102 gatt_cb.trace_level = GATT_INITIAL_TRACE_LEVEL; 103#else 104 gatt_cb.trace_level = BT_TRACE_LEVEL_NONE; /* No traces */ 105#endif 106 gatt_cb.def_mtu_size = GATT_DEF_BLE_MTU_SIZE; 107 gatt_cb.sign_op_queue = fixed_queue_new(SIZE_MAX); 108 gatt_cb.srv_chg_clt_q = fixed_queue_new(SIZE_MAX); 109 gatt_cb.pending_new_srv_start_q = fixed_queue_new(SIZE_MAX); 110 /* First, register fixed L2CAP channel for ATT over BLE */ 111 fixed_reg.fixed_chnl_opts.mode = L2CAP_FCR_BASIC_MODE; 112 fixed_reg.fixed_chnl_opts.max_transmit = 0xFF; 113 fixed_reg.fixed_chnl_opts.rtrans_tout = 2000; 114 fixed_reg.fixed_chnl_opts.mon_tout = 12000; 115 fixed_reg.fixed_chnl_opts.mps = 670; 116 fixed_reg.fixed_chnl_opts.tx_win_sz = 1; 117 118 fixed_reg.pL2CA_FixedConn_Cb = gatt_le_connect_cback; 119 fixed_reg.pL2CA_FixedData_Cb = gatt_le_data_ind; 120 fixed_reg.pL2CA_FixedCong_Cb = gatt_le_cong_cback; /* congestion callback */ 121 fixed_reg.default_idle_tout = 0xffff; /* 0xffff default idle timeout */ 122 123 L2CA_RegisterFixedChannel (L2CAP_ATT_CID, &fixed_reg); 124 125 /* Now, register with L2CAP for ATT PSM over BR/EDR */ 126 if (!L2CA_Register (BT_PSM_ATT, (tL2CAP_APPL_INFO *) &dyn_info)) 127 { 128 GATT_TRACE_ERROR ("ATT Dynamic Registration failed"); 129 } 130 131 BTM_SetSecurityLevel(TRUE, "", BTM_SEC_SERVICE_ATT, BTM_SEC_NONE, BT_PSM_ATT, 0, 0); 132 BTM_SetSecurityLevel(FALSE, "", BTM_SEC_SERVICE_ATT, BTM_SEC_NONE, BT_PSM_ATT, 0, 0); 133 134 gatt_cb.hdl_cfg.gatt_start_hdl = GATT_GATT_START_HANDLE; 135 gatt_cb.hdl_cfg.gap_start_hdl = GATT_GAP_START_HANDLE; 136 gatt_cb.hdl_cfg.app_start_hdl = GATT_APP_START_HANDLE; 137 gatt_profile_db_init(); 138 139} 140 141 142/******************************************************************************* 143** 144** Function gatt_free 145** 146** Description This function frees resources used by the GATT profile. 147** 148** Returns void 149** 150*******************************************************************************/ 151void gatt_free(void) 152{ 153 int i; 154 GATT_TRACE_DEBUG("gatt_free()"); 155 156 fixed_queue_free(gatt_cb.sign_op_queue, NULL); 157 gatt_cb.sign_op_queue = NULL; 158 fixed_queue_free(gatt_cb.srv_chg_clt_q, NULL); 159 gatt_cb.srv_chg_clt_q = NULL; 160 fixed_queue_free(gatt_cb.pending_new_srv_start_q, NULL); 161 gatt_cb.pending_new_srv_start_q = NULL; 162 for (i = 0; i < GATT_MAX_PHY_CHANNEL; i++) 163 { 164 fixed_queue_free(gatt_cb.tcb[i].pending_enc_clcb, NULL); 165 gatt_cb.tcb[i].pending_enc_clcb = NULL; 166 167 fixed_queue_free(gatt_cb.tcb[i].pending_ind_q, NULL); 168 gatt_cb.tcb[i].pending_ind_q = NULL; 169 170 alarm_free(gatt_cb.tcb[i].conf_timer); 171 gatt_cb.tcb[i].conf_timer = NULL; 172 173 alarm_free(gatt_cb.tcb[i].ind_ack_timer); 174 gatt_cb.tcb[i].ind_ack_timer = NULL; 175 176 fixed_queue_free(gatt_cb.tcb[i].sr_cmd.multi_rsp_q, NULL); 177 gatt_cb.tcb[i].sr_cmd.multi_rsp_q = NULL; 178 } 179 for (i = 0; i < GATT_MAX_SR_PROFILES; i++) 180 { 181 gatt_free_hdl_buffer(&gatt_cb.hdl_list[i]); 182 } 183} 184 185/******************************************************************************* 186** 187** Function gatt_connect 188** 189** Description This function is called to initiate a connection to a peer device. 190** 191** Parameter rem_bda: remote device address to connect to. 192** 193** Returns TRUE if connection is started, otherwise return FALSE. 194** 195*******************************************************************************/ 196BOOLEAN gatt_connect (BD_ADDR rem_bda, tGATT_TCB *p_tcb, tBT_TRANSPORT transport) 197{ 198 BOOLEAN gatt_ret = FALSE; 199 200 if (gatt_get_ch_state(p_tcb) != GATT_CH_OPEN) 201 gatt_set_ch_state(p_tcb, GATT_CH_CONN); 202 203 if (transport == BT_TRANSPORT_LE) 204 { 205 p_tcb->att_lcid = L2CAP_ATT_CID; 206 gatt_ret = L2CA_ConnectFixedChnl (L2CAP_ATT_CID, rem_bda); 207 } 208 else 209 { 210 if ((p_tcb->att_lcid = L2CA_ConnectReq(BT_PSM_ATT, rem_bda)) != 0) 211 gatt_ret = TRUE; 212 } 213 214 return gatt_ret; 215} 216 217/******************************************************************************* 218** 219** Function gatt_disconnect 220** 221** Description This function is called to disconnect to an ATT device. 222** 223** Parameter p_tcb: pointer to the TCB to disconnect. 224** 225** Returns TRUE: if connection found and to be disconnected; otherwise 226** return FALSE. 227** 228*******************************************************************************/ 229BOOLEAN gatt_disconnect (tGATT_TCB *p_tcb) 230{ 231 BOOLEAN ret = FALSE; 232 tGATT_CH_STATE ch_state; 233 234 GATT_TRACE_EVENT ("%s", __func__); 235 236 if (p_tcb != NULL) 237 { 238 ret = TRUE; 239 if ( (ch_state = gatt_get_ch_state(p_tcb)) != GATT_CH_CLOSING ) 240 { 241 if (p_tcb->att_lcid == L2CAP_ATT_CID) 242 { 243 if (ch_state == GATT_CH_OPEN) 244 { 245 /* only LCB exist between remote device and local */ 246 ret = L2CA_RemoveFixedChnl (L2CAP_ATT_CID, p_tcb->peer_bda); 247 } 248 else 249 { 250 gatt_set_ch_state(p_tcb, GATT_CH_CLOSING); 251 ret = L2CA_CancelBleConnectReq (p_tcb->peer_bda); 252 } 253 } 254 else 255 { 256 if ((ch_state == GATT_CH_OPEN) || (ch_state == GATT_CH_CFG)) 257 ret = L2CA_DisconnectReq(p_tcb->att_lcid); 258 else 259 GATT_TRACE_DEBUG ("%s gatt_disconnect channel not opened", __func__); 260 } 261 } 262 else 263 { 264 GATT_TRACE_DEBUG ("%s already in closing state", __func__); 265 } 266 } 267 268 return ret; 269} 270 271/******************************************************************************* 272** 273** Function gatt_update_app_hold_link_status 274** 275** Description Update the application use link status 276** 277** Returns true if any modifications are made, false otherwise. 278** 279*******************************************************************************/ 280BOOLEAN gatt_update_app_hold_link_status(tGATT_IF gatt_if, tGATT_TCB *p_tcb, BOOLEAN is_add) 281{ 282 for (int i=0; i<GATT_MAX_APPS; i++) { 283 if (p_tcb->app_hold_link[i] == 0 && is_add) { 284 p_tcb->app_hold_link[i] = gatt_if; 285 GATT_TRACE_DEBUG("%s: added gatt_if=%d idx=%d ", __func__, gatt_if, i); 286 return TRUE; 287 } else if (p_tcb->app_hold_link[i] == gatt_if && !is_add) { 288 p_tcb->app_hold_link[i] = 0; 289 GATT_TRACE_DEBUG("%s: removed gatt_if=%d idx=%d", __func__, gatt_if, i); 290 return TRUE; 291 } 292 } 293 294 GATT_TRACE_DEBUG("%s: gatt_if=%d not found; is_add=%d", __func__, gatt_if, is_add); 295 return FALSE; 296} 297 298/******************************************************************************* 299** 300** Function gatt_update_app_use_link_flag 301** 302** Description Update the application use link flag and optional to check the acl link 303** if the link is up then set the idle time out accordingly 304** 305** Returns void. 306** 307*******************************************************************************/ 308void gatt_update_app_use_link_flag(tGATT_IF gatt_if, tGATT_TCB *p_tcb, BOOLEAN is_add, 309 BOOLEAN check_acl_link) 310{ 311 GATT_TRACE_DEBUG("%s: is_add=%d chk_link=%d", __func__, is_add, check_acl_link); 312 313 if (!p_tcb) 314 return; 315 316 // If we make no modification, i.e. kill app that was never connected to a device, 317 // skip updating the device state. 318 if (!gatt_update_app_hold_link_status(gatt_if, p_tcb, is_add)) 319 return; 320 321 if (!check_acl_link || 322 p_tcb->att_lcid != L2CAP_ATT_CID || /* only update link idle timer for fixed channel */ 323 (BTM_GetHCIConnHandle(p_tcb->peer_bda, p_tcb->transport) == GATT_INVALID_ACL_HANDLE)) { 324 return; 325 } 326 327 if (is_add) { 328 GATT_TRACE_DEBUG("%s: disable link idle timer", __func__); 329 /* acl link is connected disable the idle timeout */ 330 GATT_SetIdleTimeout(p_tcb->peer_bda, GATT_LINK_NO_IDLE_TIMEOUT, p_tcb->transport); 331 } else { 332 if (!gatt_num_apps_hold_link(p_tcb)) { 333 /* acl link is connected but no application needs to use the link 334 so set the timeout value to GATT_LINK_IDLE_TIMEOUT_WHEN_NO_APP seconds */ 335 GATT_TRACE_DEBUG("%s: start link idle timer =%d sec", __func__, 336 GATT_LINK_IDLE_TIMEOUT_WHEN_NO_APP); 337 GATT_SetIdleTimeout(p_tcb->peer_bda, GATT_LINK_IDLE_TIMEOUT_WHEN_NO_APP, 338 p_tcb->transport); 339 } 340 } 341} 342 343/******************************************************************************* 344** 345** Function gatt_act_connect 346** 347** Description GATT connection initiation. 348** 349** Returns void. 350** 351*******************************************************************************/ 352BOOLEAN gatt_act_connect (tGATT_REG *p_reg, BD_ADDR bd_addr, 353 tBT_TRANSPORT transport, BOOLEAN opportunistic) 354{ 355 BOOLEAN ret = FALSE; 356 tGATT_TCB *p_tcb; 357 UINT8 st; 358 359 if ((p_tcb = gatt_find_tcb_by_addr(bd_addr, transport)) != NULL) 360 { 361 ret = TRUE; 362 st = gatt_get_ch_state(p_tcb); 363 364 /* before link down, another app try to open a GATT connection */ 365 if(st == GATT_CH_OPEN && gatt_num_apps_hold_link(p_tcb) == 0 && 366 transport == BT_TRANSPORT_LE ) 367 { 368 if (!gatt_connect(bd_addr, p_tcb, transport)) 369 ret = FALSE; 370 } 371 else if(st == GATT_CH_CLOSING) 372 { 373 /* need to complete the closing first */ 374 ret = FALSE; 375 } 376 } 377 else 378 { 379 if ((p_tcb = gatt_allocate_tcb_by_bdaddr(bd_addr, transport)) != NULL) 380 { 381 if (!gatt_connect(bd_addr, p_tcb, transport)) 382 { 383 GATT_TRACE_ERROR("gatt_connect failed"); 384 fixed_queue_free(p_tcb->pending_enc_clcb, NULL); 385 fixed_queue_free(p_tcb->pending_ind_q, NULL); 386 memset(p_tcb, 0, sizeof(tGATT_TCB)); 387 } 388 else 389 ret = TRUE; 390 } 391 else 392 { 393 ret = 0; 394 GATT_TRACE_ERROR("Max TCB for gatt_if [%d] reached.", p_reg->gatt_if); 395 } 396 } 397 398 if (ret) 399 { 400 if (!opportunistic) 401 gatt_update_app_use_link_flag(p_reg->gatt_if, p_tcb, TRUE, FALSE); 402 else 403 GATT_TRACE_DEBUG("%s: connection is opportunistic, not updating app usage", 404 __func__); 405 } 406 407 return ret; 408} 409 410/******************************************************************************* 411** 412** Function gatt_le_connect_cback 413** 414** Description This callback function is called by L2CAP to indicate that 415** the ATT fixed channel for LE is 416** connected (conn = TRUE)/disconnected (conn = FALSE). 417** 418*******************************************************************************/ 419static void gatt_le_connect_cback (UINT16 chan, BD_ADDR bd_addr, BOOLEAN connected, 420 UINT16 reason, tBT_TRANSPORT transport) 421{ 422 423 tGATT_TCB *p_tcb = gatt_find_tcb_by_addr(bd_addr, transport); 424 BOOLEAN check_srv_chg = FALSE; 425 tGATTS_SRV_CHG *p_srv_chg_clt=NULL; 426 427 /* ignore all fixed channel connect/disconnect on BR/EDR link for GATT */ 428 if (transport == BT_TRANSPORT_BR_EDR) 429 return; 430 431 GATT_TRACE_DEBUG ("GATT ATT protocol channel with BDA: %08x%04x is %s", 432 (bd_addr[0]<<24)+(bd_addr[1]<<16)+(bd_addr[2]<<8)+bd_addr[3], 433 (bd_addr[4]<<8)+bd_addr[5], (connected) ? "connected" : "disconnected"); 434 435 if ((p_srv_chg_clt = gatt_is_bda_in_the_srv_chg_clt_list(bd_addr)) != NULL) 436 { 437 check_srv_chg = TRUE; 438 } 439 else 440 { 441 if (btm_sec_is_a_bonded_dev(bd_addr)) 442 gatt_add_a_bonded_dev_for_srv_chg(bd_addr); 443 } 444 445 if (connected) 446 { 447 /* do we have a channel initiating a connection? */ 448 if (p_tcb) 449 { 450 /* we are initiating connection */ 451 if ( gatt_get_ch_state(p_tcb) == GATT_CH_CONN) 452 { 453 /* send callback */ 454 gatt_set_ch_state(p_tcb, GATT_CH_OPEN); 455 p_tcb->payload_size = GATT_DEF_BLE_MTU_SIZE; 456 457 gatt_send_conn_cback(p_tcb); 458 } 459 if (check_srv_chg) 460 gatt_chk_srv_chg (p_srv_chg_clt); 461 } 462 /* this is incoming connection or background connection callback */ 463 464 else 465 { 466 if ((p_tcb = gatt_allocate_tcb_by_bdaddr(bd_addr, BT_TRANSPORT_LE)) != NULL) 467 { 468 p_tcb->att_lcid = L2CAP_ATT_CID; 469 470 gatt_set_ch_state(p_tcb, GATT_CH_OPEN); 471 472 p_tcb->payload_size = GATT_DEF_BLE_MTU_SIZE; 473 474 gatt_send_conn_cback (p_tcb); 475 if (check_srv_chg) 476 { 477 gatt_chk_srv_chg (p_srv_chg_clt); 478 } 479 } 480 else 481 { 482 GATT_TRACE_ERROR("CCB max out, no rsources"); 483 } 484 } 485 } 486 else 487 { 488 gatt_cleanup_upon_disc(bd_addr, reason, transport); 489 GATT_TRACE_DEBUG ("ATT disconnected"); 490 } 491} 492 493/******************************************************************************* 494** 495** Function gatt_channel_congestion 496** 497** Description This function is called to process the congestion callback 498** from lcb 499** 500** Returns void 501** 502*******************************************************************************/ 503static void gatt_channel_congestion(tGATT_TCB *p_tcb, BOOLEAN congested) 504{ 505 UINT8 i = 0; 506 tGATT_REG *p_reg=NULL; 507 UINT16 conn_id; 508 509 /* if uncongested, check to see if there is any more pending data */ 510 if (p_tcb != NULL && congested == FALSE) 511 { 512 gatt_cl_send_next_cmd_inq(p_tcb); 513 } 514 /* notifying all applications for the connection up event */ 515 for (i = 0, p_reg = gatt_cb.cl_rcb ; i < GATT_MAX_APPS; i++, p_reg++) 516 { 517 if (p_reg->in_use) 518 { 519 if (p_reg->app_cb.p_congestion_cb) 520 { 521 conn_id = GATT_CREATE_CONN_ID(p_tcb->tcb_idx, p_reg->gatt_if); 522 (*p_reg->app_cb.p_congestion_cb)(conn_id, congested); 523 } 524 } 525 } 526} 527 528/******************************************************************************* 529** 530** Function gatt_le_cong_cback 531** 532** Description This function is called when GATT fixed channel is congested 533** or uncongested. 534** 535** Returns void 536** 537*******************************************************************************/ 538static void gatt_le_cong_cback(BD_ADDR remote_bda, BOOLEAN congested) 539{ 540 tGATT_TCB *p_tcb = gatt_find_tcb_by_addr(remote_bda, BT_TRANSPORT_LE); 541 542 /* if uncongested, check to see if there is any more pending data */ 543 if (p_tcb != NULL) 544 { 545 gatt_channel_congestion(p_tcb, congested); 546 } 547} 548 549/******************************************************************************* 550** 551** Function gatt_le_data_ind 552** 553** Description This function is called when data is received from L2CAP. 554** if we are the originator of the connection, we are the ATT 555** client, and the received message is queued up for the client. 556** 557** If we are the destination of the connection, we are the ATT 558** server, so the message is passed to the server processing 559** function. 560** 561** Returns void 562** 563*******************************************************************************/ 564static void gatt_le_data_ind (UINT16 chan, BD_ADDR bd_addr, BT_HDR *p_buf) 565{ 566 tGATT_TCB *p_tcb; 567 568 /* Find CCB based on bd addr */ 569 if ((p_tcb = gatt_find_tcb_by_addr (bd_addr, BT_TRANSPORT_LE)) != NULL && 570 gatt_get_ch_state(p_tcb) >= GATT_CH_OPEN) 571 { 572 gatt_data_process(p_tcb, p_buf); 573 } 574 else 575 { 576 osi_free(p_buf); 577 578 if (p_tcb != NULL) 579 { 580 GATT_TRACE_WARNING ("ATT - Ignored L2CAP data while in state: %d", 581 gatt_get_ch_state(p_tcb)); 582 } 583 } 584} 585 586/******************************************************************************* 587** 588** Function gatt_l2cif_connect_ind 589** 590** Description This function handles an inbound connection indication 591** from L2CAP. This is the case where we are acting as a 592** server. 593** 594** Returns void 595** 596*******************************************************************************/ 597static void gatt_l2cif_connect_ind_cback (BD_ADDR bd_addr, UINT16 lcid, UINT16 psm, UINT8 id) 598{ 599 /* do we already have a control channel for this peer? */ 600 UINT8 result = L2CAP_CONN_OK; 601 tL2CAP_CFG_INFO cfg; 602 tGATT_TCB *p_tcb = gatt_find_tcb_by_addr(bd_addr, BT_TRANSPORT_BR_EDR); 603 UNUSED(psm); 604 605 GATT_TRACE_ERROR("Connection indication cid = %d", lcid); 606 /* new connection ? */ 607 if (p_tcb == NULL) 608 { 609 /* allocate tcb */ 610 if ((p_tcb = gatt_allocate_tcb_by_bdaddr(bd_addr, BT_TRANSPORT_BR_EDR)) == NULL) 611 { 612 /* no tcb available, reject L2CAP connection */ 613 result = L2CAP_CONN_NO_RESOURCES; 614 } 615 else 616 p_tcb->att_lcid = lcid; 617 618 } 619 else /* existing connection , reject it */ 620 { 621 result = L2CAP_CONN_NO_RESOURCES; 622 } 623 624 /* Send L2CAP connect rsp */ 625 L2CA_ConnectRsp(bd_addr, id, lcid, result, 0); 626 627 /* if result ok, proceed with connection */ 628 if (result == L2CAP_CONN_OK) 629 { 630 /* transition to configuration state */ 631 gatt_set_ch_state(p_tcb, GATT_CH_CFG); 632 633 /* Send L2CAP config req */ 634 memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO)); 635 cfg.mtu_present = TRUE; 636 cfg.mtu = GATT_MAX_MTU_SIZE; 637 638 L2CA_ConfigReq(lcid, &cfg); 639 } 640} 641 642/******************************************************************************* 643** 644** Function gatt_l2c_connect_cfm_cback 645** 646** Description This is the L2CAP connect confirm callback function. 647** 648** 649** Returns void 650** 651*******************************************************************************/ 652static void gatt_l2cif_connect_cfm_cback(UINT16 lcid, UINT16 result) 653{ 654 tGATT_TCB *p_tcb; 655 tL2CAP_CFG_INFO cfg; 656 657 /* look up clcb for this channel */ 658 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL) 659 { 660 GATT_TRACE_DEBUG("gatt_l2c_connect_cfm_cback result: %d ch_state: %d, lcid:0x%x", result, gatt_get_ch_state(p_tcb), p_tcb->att_lcid); 661 662 /* if in correct state */ 663 if (gatt_get_ch_state(p_tcb) == GATT_CH_CONN) 664 { 665 /* if result successful */ 666 if (result == L2CAP_CONN_OK) 667 { 668 /* set channel state */ 669 gatt_set_ch_state(p_tcb, GATT_CH_CFG); 670 671 /* Send L2CAP config req */ 672 memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO)); 673 cfg.mtu_present = TRUE; 674 cfg.mtu = GATT_MAX_MTU_SIZE; 675 L2CA_ConfigReq(lcid, &cfg); 676 } 677 /* else initiating connection failure */ 678 else 679 { 680 gatt_cleanup_upon_disc(p_tcb->peer_bda, result, GATT_TRANSPORT_BR_EDR); 681 } 682 } 683 else /* wrong state, disconnect it */ 684 { 685 if (result == L2CAP_CONN_OK) 686 { 687 /* just in case the peer also accepts our connection - Send L2CAP disconnect req */ 688 L2CA_DisconnectReq(lcid); 689 } 690 } 691 } 692} 693 694/******************************************************************************* 695** 696** Function gatt_l2cif_config_cfm_cback 697** 698** Description This is the L2CAP config confirm callback function. 699** 700** 701** Returns void 702** 703*******************************************************************************/ 704void gatt_l2cif_config_cfm_cback(UINT16 lcid, tL2CAP_CFG_INFO *p_cfg) 705{ 706 tGATT_TCB *p_tcb; 707 tGATTS_SRV_CHG *p_srv_chg_clt=NULL; 708 709 /* look up clcb for this channel */ 710 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL) 711 { 712 /* if in correct state */ 713 if ( gatt_get_ch_state(p_tcb) == GATT_CH_CFG) 714 { 715 /* if result successful */ 716 if (p_cfg->result == L2CAP_CFG_OK) 717 { 718 /* update flags */ 719 p_tcb->ch_flags |= GATT_L2C_CFG_CFM_DONE; 720 721 /* if configuration complete */ 722 if (p_tcb->ch_flags & GATT_L2C_CFG_IND_DONE) 723 { 724 gatt_set_ch_state(p_tcb, GATT_CH_OPEN); 725 726 if ((p_srv_chg_clt = gatt_is_bda_in_the_srv_chg_clt_list(p_tcb->peer_bda)) != NULL) 727 { 728 gatt_chk_srv_chg(p_srv_chg_clt); 729 } 730 else 731 { 732 if (btm_sec_is_a_bonded_dev(p_tcb->peer_bda)) 733 gatt_add_a_bonded_dev_for_srv_chg(p_tcb->peer_bda); 734 } 735 736 /* send callback */ 737 gatt_send_conn_cback(p_tcb); 738 } 739 } 740 /* else failure */ 741 else 742 { 743 /* Send L2CAP disconnect req */ 744 L2CA_DisconnectReq(lcid); 745 } 746 } 747 } 748} 749 750/******************************************************************************* 751** 752** Function gatt_l2cif_config_ind_cback 753** 754** Description This is the L2CAP config indication callback function. 755** 756** 757** Returns void 758** 759*******************************************************************************/ 760void gatt_l2cif_config_ind_cback(UINT16 lcid, tL2CAP_CFG_INFO *p_cfg) 761{ 762 tGATT_TCB *p_tcb; 763 tGATTS_SRV_CHG *p_srv_chg_clt=NULL; 764 /* look up clcb for this channel */ 765 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL) 766 { 767 /* GATT uses the smaller of our MTU and peer's MTU */ 768 if ( p_cfg->mtu_present && 769 (p_cfg->mtu >= GATT_MIN_BR_MTU_SIZE && p_cfg->mtu < L2CAP_DEFAULT_MTU)) 770 p_tcb->payload_size = p_cfg->mtu; 771 else 772 p_tcb->payload_size = L2CAP_DEFAULT_MTU; 773 774 /* send L2CAP configure response */ 775 memset(p_cfg, 0, sizeof(tL2CAP_CFG_INFO)); 776 p_cfg->result = L2CAP_CFG_OK; 777 L2CA_ConfigRsp(lcid, p_cfg); 778 779 /* if first config ind */ 780 if ((p_tcb->ch_flags & GATT_L2C_CFG_IND_DONE) == 0) 781 { 782 /* update flags */ 783 p_tcb->ch_flags |= GATT_L2C_CFG_IND_DONE; 784 785 /* if configuration complete */ 786 if (p_tcb->ch_flags & GATT_L2C_CFG_CFM_DONE) 787 { 788 gatt_set_ch_state(p_tcb, GATT_CH_OPEN); 789 if ((p_srv_chg_clt = gatt_is_bda_in_the_srv_chg_clt_list(p_tcb->peer_bda)) != NULL) 790 { 791 gatt_chk_srv_chg(p_srv_chg_clt); 792 } 793 else 794 { 795 if (btm_sec_is_a_bonded_dev(p_tcb->peer_bda)) 796 gatt_add_a_bonded_dev_for_srv_chg(p_tcb->peer_bda); 797 } 798 799 /* send callback */ 800 gatt_send_conn_cback(p_tcb); 801 } 802 } 803 } 804} 805 806/******************************************************************************* 807** 808** Function gatt_l2cif_disconnect_ind_cback 809** 810** Description This is the L2CAP disconnect indication callback function. 811** 812** 813** Returns void 814** 815*******************************************************************************/ 816void gatt_l2cif_disconnect_ind_cback(UINT16 lcid, BOOLEAN ack_needed) 817{ 818 tGATT_TCB *p_tcb; 819 UINT16 reason; 820 821 /* look up clcb for this channel */ 822 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL) 823 { 824 if (ack_needed) 825 { 826 /* send L2CAP disconnect response */ 827 L2CA_DisconnectRsp(lcid); 828 } 829 if (gatt_is_bda_in_the_srv_chg_clt_list(p_tcb->peer_bda) == NULL) 830 { 831 if (btm_sec_is_a_bonded_dev(p_tcb->peer_bda)) 832 gatt_add_a_bonded_dev_for_srv_chg(p_tcb->peer_bda); 833 } 834 /* if ACL link is still up, no reason is logged, l2cap is disconnect from peer */ 835 if ((reason = L2CA_GetDisconnectReason(p_tcb->peer_bda, p_tcb->transport)) == 0) 836 reason = GATT_CONN_TERMINATE_PEER_USER; 837 838 /* send disconnect callback */ 839 gatt_cleanup_upon_disc(p_tcb->peer_bda, reason, GATT_TRANSPORT_BR_EDR); 840 } 841} 842 843/******************************************************************************* 844** 845** Function gatt_l2cif_disconnect_cfm_cback 846** 847** Description This is the L2CAP disconnect confirm callback function. 848** 849** 850** Returns void 851** 852*******************************************************************************/ 853static void gatt_l2cif_disconnect_cfm_cback(UINT16 lcid, UINT16 result) 854{ 855 tGATT_TCB *p_tcb; 856 UINT16 reason; 857 UNUSED(result); 858 859 /* look up clcb for this channel */ 860 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL) 861 { 862 /* If the device is not in the service changed client list, add it... */ 863 if (gatt_is_bda_in_the_srv_chg_clt_list(p_tcb->peer_bda) == NULL) 864 { 865 if (btm_sec_is_a_bonded_dev(p_tcb->peer_bda)) 866 gatt_add_a_bonded_dev_for_srv_chg(p_tcb->peer_bda); 867 } 868 869 /* send disconnect callback */ 870 /* if ACL link is still up, no reason is logged, l2cap is disconnect from peer */ 871 if ((reason = L2CA_GetDisconnectReason(p_tcb->peer_bda, p_tcb->transport)) == 0) 872 reason = GATT_CONN_TERMINATE_LOCAL_HOST; 873 874 gatt_cleanup_upon_disc(p_tcb->peer_bda, reason, GATT_TRANSPORT_BR_EDR); 875 } 876} 877 878/******************************************************************************* 879** 880** Function gatt_l2cif_data_ind_cback 881** 882** Description This is the L2CAP data indication callback function. 883** 884** 885** Returns void 886** 887*******************************************************************************/ 888static void gatt_l2cif_data_ind_cback(UINT16 lcid, BT_HDR *p_buf) 889{ 890 tGATT_TCB *p_tcb; 891 892 /* look up clcb for this channel */ 893 if ((p_tcb = gatt_find_tcb_by_cid(lcid)) != NULL && 894 gatt_get_ch_state(p_tcb) == GATT_CH_OPEN) 895 { 896 /* process the data */ 897 gatt_data_process(p_tcb, p_buf); 898 } 899 else /* prevent buffer leak */ 900 osi_free(p_buf); 901} 902 903/******************************************************************************* 904** 905** Function gatt_l2cif_congest_cback 906** 907** Description L2CAP congestion callback 908** 909** Returns void 910** 911*******************************************************************************/ 912static void gatt_l2cif_congest_cback (UINT16 lcid, BOOLEAN congested) 913{ 914 tGATT_TCB *p_tcb = gatt_find_tcb_by_cid(lcid); 915 916 if (p_tcb != NULL) 917 { 918 gatt_channel_congestion(p_tcb, congested); 919 } 920} 921 922/******************************************************************************* 923** 924** Function gatt_send_conn_cback 925** 926** Description Callback used to notify layer above about a connection. 927** 928** 929** Returns void 930** 931*******************************************************************************/ 932static void gatt_send_conn_cback(tGATT_TCB *p_tcb) 933{ 934 UINT8 i; 935 tGATT_REG *p_reg; 936 tGATT_BG_CONN_DEV *p_bg_dev=NULL; 937 UINT16 conn_id; 938 939 p_bg_dev = gatt_find_bg_dev(p_tcb->peer_bda); 940 941 /* notifying all applications for the connection up event */ 942 for (i = 0, p_reg = gatt_cb.cl_rcb ; i < GATT_MAX_APPS; i++, p_reg++) 943 { 944 if (p_reg->in_use) 945 { 946 if (p_bg_dev && gatt_is_bg_dev_for_app(p_bg_dev, p_reg->gatt_if)) 947 gatt_update_app_use_link_flag(p_reg->gatt_if, p_tcb, TRUE, TRUE); 948 949 if (p_reg->app_cb.p_conn_cb) 950 { 951 conn_id = GATT_CREATE_CONN_ID(p_tcb->tcb_idx, p_reg->gatt_if); 952 (*p_reg->app_cb.p_conn_cb)(p_reg->gatt_if, p_tcb->peer_bda, conn_id, 953 TRUE, 0, p_tcb->transport); 954 } 955 } 956 } 957 958 959 if (gatt_num_apps_hold_link(p_tcb) && p_tcb->att_lcid == L2CAP_ATT_CID ) 960 { 961 /* disable idle timeout if one or more clients are holding the link disable the idle timer */ 962 GATT_SetIdleTimeout(p_tcb->peer_bda, GATT_LINK_NO_IDLE_TIMEOUT, p_tcb->transport); 963 } 964} 965 966/******************************************************************************* 967** 968** Function gatt_le_data_ind 969** 970** Description This function is called when data is received from L2CAP. 971** if we are the originator of the connection, we are the ATT 972** client, and the received message is queued up for the client. 973** 974** If we are the destination of the connection, we are the ATT 975** server, so the message is passed to the server processing 976** function. 977** 978** Returns void 979** 980*******************************************************************************/ 981void gatt_data_process (tGATT_TCB *p_tcb, BT_HDR *p_buf) 982{ 983 UINT8 *p = (UINT8 *)(p_buf + 1) + p_buf->offset; 984 UINT8 op_code, pseudo_op_code; 985 UINT16 msg_len; 986 987 988 if (p_buf->len > 0) 989 { 990 msg_len = p_buf->len - 1; 991 STREAM_TO_UINT8(op_code, p); 992 993 /* remove the two MSBs associated with sign write and write cmd */ 994 pseudo_op_code = op_code & (~GATT_WRITE_CMD_MASK); 995 996 if (pseudo_op_code < GATT_OP_CODE_MAX) 997 { 998 if (op_code == GATT_SIGN_CMD_WRITE) 999 { 1000 gatt_verify_signature(p_tcb, p_buf); 1001 } 1002 else 1003 { 1004 /* message from client */ 1005 if ((op_code % 2) == 0) 1006 gatt_server_handle_client_req (p_tcb, op_code, msg_len, p); 1007 else 1008 gatt_client_handle_server_rsp (p_tcb, op_code, msg_len, p); 1009 } 1010 } 1011 else 1012 { 1013 GATT_TRACE_ERROR ("ATT - Rcvd L2CAP data, unknown cmd: 0x%x", op_code); 1014 } 1015 } 1016 else 1017 { 1018 GATT_TRACE_ERROR ("invalid data length, ignore"); 1019 } 1020 1021 osi_free(p_buf); 1022} 1023 1024/******************************************************************************* 1025** 1026** Function gatt_add_a_bonded_dev_for_srv_chg 1027** 1028** Description Add a bonded dev to the service changed client list 1029** 1030** Returns void 1031** 1032*******************************************************************************/ 1033void gatt_add_a_bonded_dev_for_srv_chg (BD_ADDR bda) 1034{ 1035 tGATTS_SRV_CHG_REQ req; 1036 tGATTS_SRV_CHG srv_chg_clt; 1037 1038 memcpy(srv_chg_clt.bda, bda, BD_ADDR_LEN); 1039 srv_chg_clt.srv_changed = FALSE; 1040 if (gatt_add_srv_chg_clt(&srv_chg_clt) != NULL) 1041 { 1042 memcpy(req.srv_chg.bda, bda, BD_ADDR_LEN); 1043 req.srv_chg.srv_changed = FALSE; 1044 if (gatt_cb.cb_info.p_srv_chg_callback) 1045 (*gatt_cb.cb_info.p_srv_chg_callback)(GATTS_SRV_CHG_CMD_ADD_CLIENT, &req, NULL); 1046 } 1047} 1048 1049/******************************************************************************* 1050** 1051** Function gatt_send_srv_chg_ind 1052** 1053** Description This function is called to send a service chnaged indication to 1054** the specified bd address 1055** 1056** Returns void 1057** 1058*******************************************************************************/ 1059void gatt_send_srv_chg_ind (BD_ADDR peer_bda) 1060{ 1061 UINT8 handle_range[GATT_SIZE_OF_SRV_CHG_HNDL_RANGE]; 1062 UINT8 *p = handle_range; 1063 UINT16 conn_id; 1064 1065 GATT_TRACE_DEBUG("gatt_send_srv_chg_ind"); 1066 1067 if (gatt_cb.handle_of_h_r) 1068 { 1069 if ((conn_id = gatt_profile_find_conn_id_by_bd_addr(peer_bda)) != GATT_INVALID_CONN_ID) 1070 { 1071 UINT16_TO_STREAM (p, 1); 1072 UINT16_TO_STREAM (p, 0xFFFF); 1073 GATTS_HandleValueIndication (conn_id, 1074 gatt_cb.handle_of_h_r, 1075 GATT_SIZE_OF_SRV_CHG_HNDL_RANGE, 1076 handle_range); 1077 } 1078 else 1079 { 1080 GATT_TRACE_ERROR("Unable to find conn_id for %08x%04x ", 1081 (peer_bda[0]<<24)+(peer_bda[1]<<16)+(peer_bda[2]<<8)+peer_bda[3], 1082 (peer_bda[4]<<8)+peer_bda[5] ); 1083 } 1084 } 1085} 1086 1087/******************************************************************************* 1088** 1089** Function gatt_chk_srv_chg 1090** 1091** Description Check sending service chnaged Indication is required or not 1092** if required then send the Indication 1093** 1094** Returns void 1095** 1096*******************************************************************************/ 1097void gatt_chk_srv_chg(tGATTS_SRV_CHG *p_srv_chg_clt) 1098{ 1099 GATT_TRACE_DEBUG("gatt_chk_srv_chg srv_changed=%d", p_srv_chg_clt->srv_changed ); 1100 1101 if (p_srv_chg_clt->srv_changed) 1102 { 1103 gatt_send_srv_chg_ind(p_srv_chg_clt->bda); 1104 } 1105} 1106 1107/******************************************************************************* 1108** 1109** Function gatt_init_srv_chg 1110** 1111** Description This function is used to initialize the service changed 1112** attribute value 1113** 1114** Returns void 1115** 1116*******************************************************************************/ 1117void gatt_init_srv_chg (void) 1118{ 1119 tGATTS_SRV_CHG_REQ req; 1120 tGATTS_SRV_CHG_RSP rsp; 1121 BOOLEAN status; 1122 UINT8 num_clients,i; 1123 tGATTS_SRV_CHG srv_chg_clt; 1124 1125 GATT_TRACE_DEBUG("gatt_init_srv_chg"); 1126 if (gatt_cb.cb_info.p_srv_chg_callback) 1127 { 1128 status = (*gatt_cb.cb_info.p_srv_chg_callback)(GATTS_SRV_CHG_CMD_READ_NUM_CLENTS, NULL, &rsp); 1129 1130 if (status && rsp.num_clients) 1131 { 1132 GATT_TRACE_DEBUG("gatt_init_srv_chg num_srv_chg_clt_clients=%d", rsp.num_clients); 1133 num_clients = rsp.num_clients; 1134 i = 1; /* use one based index */ 1135 while ((i <= num_clients) && status) 1136 { 1137 req.client_read_index = i; 1138 if ((status = (*gatt_cb.cb_info.p_srv_chg_callback)(GATTS_SRV_CHG_CMD_READ_CLENT, &req, &rsp)) == TRUE) 1139 { 1140 memcpy(&srv_chg_clt, &rsp.srv_chg ,sizeof(tGATTS_SRV_CHG)); 1141 if (gatt_add_srv_chg_clt(&srv_chg_clt) == NULL) 1142 { 1143 GATT_TRACE_ERROR("Unable to add a service change client"); 1144 status = FALSE; 1145 } 1146 } 1147 i++; 1148 } 1149 } 1150 } 1151 else 1152 { 1153 GATT_TRACE_DEBUG("gatt_init_srv_chg callback not registered yet"); 1154 } 1155} 1156 1157/******************************************************************************* 1158** 1159** Function gatt_proc_srv_chg 1160** 1161** Description This function is process the service changed request 1162** 1163** Returns void 1164** 1165*******************************************************************************/ 1166void gatt_proc_srv_chg (void) 1167{ 1168 UINT8 start_idx, found_idx; 1169 BD_ADDR bda; 1170 BOOLEAN srv_chg_ind_pending=FALSE; 1171 tGATT_TCB *p_tcb; 1172 tBT_TRANSPORT transport; 1173 1174 GATT_TRACE_DEBUG ("gatt_proc_srv_chg"); 1175 1176 if (gatt_cb.cb_info.p_srv_chg_callback && gatt_cb.handle_of_h_r) 1177 { 1178 gatt_set_srv_chg(); 1179 start_idx =0; 1180 while (gatt_find_the_connected_bda(start_idx, bda, &found_idx, &transport)) 1181 { 1182 p_tcb = &gatt_cb.tcb[found_idx];; 1183 srv_chg_ind_pending = gatt_is_srv_chg_ind_pending(p_tcb); 1184 1185 if (!srv_chg_ind_pending) 1186 { 1187 gatt_send_srv_chg_ind(bda); 1188 } 1189 else 1190 { 1191 GATT_TRACE_DEBUG ("discard srv chg - already has one in the queue"); 1192 } 1193 start_idx = ++found_idx; 1194 } 1195 } 1196} 1197 1198/******************************************************************************* 1199** 1200** Function gatt_set_ch_state 1201** 1202** Description This function set the ch_state in tcb 1203** 1204** Returns none 1205** 1206*******************************************************************************/ 1207void gatt_set_ch_state(tGATT_TCB *p_tcb, tGATT_CH_STATE ch_state) 1208{ 1209 if (p_tcb) 1210 { 1211 GATT_TRACE_DEBUG ("gatt_set_ch_state: old=%d new=%d", p_tcb->ch_state, ch_state); 1212 p_tcb->ch_state = ch_state; 1213 } 1214} 1215 1216/******************************************************************************* 1217** 1218** Function gatt_get_ch_state 1219** 1220** Description This function get the ch_state in tcb 1221** 1222** Returns none 1223** 1224*******************************************************************************/ 1225tGATT_CH_STATE gatt_get_ch_state(tGATT_TCB *p_tcb) 1226{ 1227 tGATT_CH_STATE ch_state = GATT_CH_CLOSE; 1228 if (p_tcb) 1229 { 1230 GATT_TRACE_DEBUG ("gatt_get_ch_state: ch_state=%d", p_tcb->ch_state); 1231 ch_state = p_tcb->ch_state; 1232 } 1233 return ch_state; 1234} 1235 1236#endif /* BLE_INCLUDED */ 1237