/****************************************************************************** * * Copyright 2002-2012 Broadcom Corporation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ******************************************************************************/ /****************************************************************************** * * this file contains the connection interface functions * ******************************************************************************/ #include <stdio.h> #include <stdlib.h> #include <string.h> #include "bt_common.h" #include "bt_types.h" #include "l2c_api.h" #include "l2cdefs.h" #include "btm_api.h" #include "btm_int.h" #include "btu.h" #include "hiddefs.h" #include "bt_utils.h" #include "hidh_api.h" #include "hidh_int.h" #include "log/log.h" #include "osi/include/osi.h" static uint8_t find_conn_by_cid(uint16_t cid); static void hidh_conn_retry(uint8_t dhandle); /******************************************************************************/ /* L O C A L F U N C T I O N P R O T O T Y P E S */ /******************************************************************************/ static void hidh_l2cif_connect_ind(const RawAddress& bd_addr, uint16_t l2cap_cid, uint16_t psm, uint8_t l2cap_id); static void hidh_l2cif_connect_cfm(uint16_t l2cap_cid, uint16_t result); static void hidh_l2cif_config_ind(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg); static void hidh_l2cif_config_cfm(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg); static void hidh_l2cif_disconnect_ind(uint16_t l2cap_cid, bool ack_needed); static void hidh_l2cif_data_ind(uint16_t l2cap_cid, BT_HDR* p_msg); static void hidh_l2cif_disconnect_cfm(uint16_t l2cap_cid, uint16_t result); static void hidh_l2cif_cong_ind(uint16_t l2cap_cid, bool congested); static const tL2CAP_APPL_INFO hst_reg_info = { hidh_l2cif_connect_ind, hidh_l2cif_connect_cfm, NULL, hidh_l2cif_config_ind, hidh_l2cif_config_cfm, hidh_l2cif_disconnect_ind, hidh_l2cif_disconnect_cfm, NULL, hidh_l2cif_data_ind, hidh_l2cif_cong_ind, NULL, /* tL2CA_TX_COMPLETE_CB */ NULL /* tL2CA_CREDITS_RECEIVED_CB */}; /******************************************************************************* * * Function hidh_l2cif_reg * * Description This function initializes the SDP unit. * * Returns void * ******************************************************************************/ tHID_STATUS hidh_conn_reg(void) { int xx; /* Initialize the L2CAP configuration. We only care about MTU and flush */ memset(&hh_cb.l2cap_cfg, 0, sizeof(tL2CAP_CFG_INFO)); hh_cb.l2cap_cfg.mtu_present = true; hh_cb.l2cap_cfg.mtu = HID_HOST_MTU; hh_cb.l2cap_cfg.flush_to_present = true; hh_cb.l2cap_cfg.flush_to = HID_HOST_FLUSH_TO; /* Now, register with L2CAP */ if (!L2CA_Register(HID_PSM_CONTROL, (tL2CAP_APPL_INFO*)&hst_reg_info, false /* enable_snoop */)) { HIDH_TRACE_ERROR("HID-Host Control Registration failed"); return (HID_ERR_L2CAP_FAILED); } if (!L2CA_Register(HID_PSM_INTERRUPT, (tL2CAP_APPL_INFO*)&hst_reg_info, false /* enable_snoop */)) { L2CA_Deregister(HID_PSM_CONTROL); HIDH_TRACE_ERROR("HID-Host Interrupt Registration failed"); return (HID_ERR_L2CAP_FAILED); } for (xx = 0; xx < HID_HOST_MAX_DEVICES; xx++) { hh_cb.devices[xx].in_use = false; hh_cb.devices[xx].conn.conn_state = HID_CONN_STATE_UNUSED; } return (HID_SUCCESS); } /******************************************************************************* * * Function hidh_conn_disconnect * * Description This function disconnects a connection. * * Returns true if disconnect started, false if already disconnected * ******************************************************************************/ tHID_STATUS hidh_conn_disconnect(uint8_t dhandle) { tHID_CONN* p_hcon = &hh_cb.devices[dhandle].conn; HIDH_TRACE_EVENT("HID-Host disconnect"); if ((p_hcon->ctrl_cid != 0) || (p_hcon->intr_cid != 0)) { p_hcon->conn_state = HID_CONN_STATE_DISCONNECTING; /* Set l2cap idle timeout to 0 (so ACL link is disconnected * immediately after last channel is closed) */ L2CA_SetIdleTimeoutByBdAddr(hh_cb.devices[dhandle].addr, 0, BT_TRANSPORT_BR_EDR); /* Disconnect both interrupt and control channels */ if (p_hcon->intr_cid) L2CA_DisconnectReq(p_hcon->intr_cid); else if (p_hcon->ctrl_cid) L2CA_DisconnectReq(p_hcon->ctrl_cid); } else { p_hcon->conn_state = HID_CONN_STATE_UNUSED; } return (HID_SUCCESS); } /******************************************************************************* * * Function hidh_sec_check_complete_term * * Description HID security check complete callback function. * * Returns Send L2CA_ConnectRsp OK if secutiry check succeed; otherwise * send security block L2C connection response. * ******************************************************************************/ void hidh_sec_check_complete_term(UNUSED_ATTR const RawAddress* bd_addr, UNUSED_ATTR tBT_TRANSPORT transport, void* p_ref_data, uint8_t res) { tHID_HOST_DEV_CTB* p_dev = (tHID_HOST_DEV_CTB*)p_ref_data; if (res == BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) { p_dev->conn.disc_reason = HID_SUCCESS; /* Authentication passed. Reset disc_reason (from HID_ERR_AUTH_FAILED) */ p_dev->conn.conn_state = HID_CONN_STATE_CONNECTING_INTR; /* Send response to the L2CAP layer. */ L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid, L2CAP_CONN_OK, L2CAP_CONN_OK); /* Send a Configuration Request. */ L2CA_ConfigReq(p_dev->conn.ctrl_cid, &hh_cb.l2cap_cfg); } /* security check fail */ else if (res != BTM_SUCCESS) { p_dev->conn.disc_reason = HID_ERR_AUTH_FAILED; /* Save reason for disconnecting */ p_dev->conn.conn_state = HID_CONN_STATE_UNUSED; L2CA_ConnectRsp(p_dev->addr, p_dev->conn.ctrl_id, p_dev->conn.ctrl_cid, L2CAP_CONN_SECURITY_BLOCK, L2CAP_CONN_OK); } } /******************************************************************************* * * Function hidh_l2cif_connect_ind * * Description This function handles an inbound connection indication * from L2CAP. This is the case where we are acting as a * server. * * Returns void * ******************************************************************************/ static void hidh_l2cif_connect_ind(const RawAddress& bd_addr, uint16_t l2cap_cid, uint16_t psm, uint8_t l2cap_id) { tHID_CONN* p_hcon; bool bAccept = true; uint8_t i = HID_HOST_MAX_DEVICES; tHID_HOST_DEV_CTB* p_dev; HIDH_TRACE_EVENT("HID-Host Rcvd L2CAP conn ind, PSM: 0x%04x CID 0x%x", psm, l2cap_cid); /* always add incoming connection device into HID database by default */ if (HID_HostAddDev(bd_addr, HID_SEC_REQUIRED, &i) != HID_SUCCESS) { L2CA_ConnectRsp(bd_addr, l2cap_id, l2cap_cid, L2CAP_CONN_SECURITY_BLOCK, 0); return; } p_hcon = &hh_cb.devices[i].conn; p_dev = &hh_cb.devices[i]; /* Check we are in the correct state for this */ if (psm == HID_PSM_INTERRUPT) { if (p_hcon->ctrl_cid == 0) { HIDH_TRACE_WARNING( "HID-Host Rcvd INTR L2CAP conn ind, but no CTL channel"); bAccept = false; } if (p_hcon->conn_state != HID_CONN_STATE_CONNECTING_INTR) { HIDH_TRACE_WARNING("HID-Host Rcvd INTR L2CAP conn ind, wrong state: %d", p_hcon->conn_state); bAccept = false; } } else /* CTRL channel */ { #if (HID_HOST_ACPT_NEW_CONN == TRUE) p_hcon->ctrl_cid = p_hcon->intr_cid = 0; p_hcon->conn_state = HID_CONN_STATE_UNUSED; #else if (p_hcon->conn_state != HID_CONN_STATE_UNUSED) { HIDH_TRACE_WARNING("HID-Host - Rcvd CTL L2CAP conn ind, wrong state: %d", p_hcon->conn_state); bAccept = false; } #endif } if (!bAccept) { L2CA_ConnectRsp(bd_addr, l2cap_id, l2cap_cid, L2CAP_CONN_NO_RESOURCES, 0); return; } if (psm == HID_PSM_CONTROL) { p_hcon->conn_flags = 0; p_hcon->ctrl_cid = l2cap_cid; p_hcon->ctrl_id = l2cap_id; p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* In case disconnection occurs before security is completed, then set CLOSE_EVT reason code to 'connection failure' */ p_hcon->conn_state = HID_CONN_STATE_SECURITY; if (btm_sec_mx_access_request( p_dev->addr, HID_PSM_CONTROL, false, BTM_SEC_PROTO_HID, (p_dev->attr_mask & HID_SEC_REQUIRED) ? HID_SEC_CHN : HID_NOSEC_CHN, &hidh_sec_check_complete_term, p_dev) == BTM_CMD_STARTED) { L2CA_ConnectRsp(bd_addr, l2cap_id, l2cap_cid, L2CAP_CONN_PENDING, L2CAP_CONN_OK); } return; } /* Transition to the next appropriate state, configuration */ p_hcon->conn_state = HID_CONN_STATE_CONFIG; p_hcon->intr_cid = l2cap_cid; /* Send response to the L2CAP layer. */ L2CA_ConnectRsp(bd_addr, l2cap_id, l2cap_cid, L2CAP_CONN_OK, L2CAP_CONN_OK); /* Send a Configuration Request. */ L2CA_ConfigReq(l2cap_cid, &hh_cb.l2cap_cfg); HIDH_TRACE_EVENT( "HID-Host Rcvd L2CAP conn ind, sent config req, PSM: 0x%04x CID 0x%x", psm, l2cap_cid); } void hidh_process_repage_timer_timeout(void* data) { uint8_t dhandle = PTR_TO_UINT(data); hidh_try_repage(dhandle); } /******************************************************************************* * * Function hidh_try_repage * * Description This function processes timeout (to page device). * * Returns void * ******************************************************************************/ void hidh_try_repage(uint8_t dhandle) { tHID_HOST_DEV_CTB* device; hidh_conn_initiate(dhandle); device = &hh_cb.devices[dhandle]; device->conn_tries++; hh_cb.callback(dhandle, device->addr, HID_HDEV_EVT_RETRYING, device->conn_tries, NULL); } /******************************************************************************* * * Function hidh_sec_check_complete_orig * * Description This function checks to see if security procedures are being * carried out or not.. * * Returns void * ******************************************************************************/ void hidh_sec_check_complete_orig(UNUSED_ATTR const RawAddress* bd_addr, UNUSED_ATTR tBT_TRANSPORT transport, void* p_ref_data, uint8_t res) { tHID_HOST_DEV_CTB* p_dev = (tHID_HOST_DEV_CTB*)p_ref_data; uint8_t dhandle; // TODO(armansito): This kind of math to determine a device handle is way // too dirty and unnecessary. Why can't |p_dev| store it's handle? dhandle = (PTR_TO_UINT(p_dev) - PTR_TO_UINT(&(hh_cb.devices[0]))) / sizeof(tHID_HOST_DEV_CTB); if (res == BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) { HIDH_TRACE_EVENT("HID-Host Originator security pass."); p_dev->conn.disc_reason = HID_SUCCESS; /* Authentication passed. Reset disc_reason (from HID_ERR_AUTH_FAILED) */ /* Transition to the next appropriate state, configuration */ p_dev->conn.conn_state = HID_CONN_STATE_CONFIG; L2CA_ConfigReq(p_dev->conn.ctrl_cid, &hh_cb.l2cap_cfg); HIDH_TRACE_EVENT("HID-Host Got Control conn cnf, sent cfg req, CID: 0x%x", p_dev->conn.ctrl_cid); } if (res != BTM_SUCCESS && p_dev->conn.conn_state == HID_CONN_STATE_SECURITY) { #if (HID_HOST_MAX_CONN_RETRY > 0) if (res == BTM_DEVICE_TIMEOUT) { if (p_dev->conn_tries <= HID_HOST_MAX_CONN_RETRY) { hidh_conn_retry(dhandle); return; } } #endif p_dev->conn.disc_reason = HID_ERR_AUTH_FAILED; /* Save reason for disconnecting */ hidh_conn_disconnect(dhandle); } } /******************************************************************************* * * Function hidh_l2cif_connect_cfm * * Description This function handles the connect confirm events * from L2CAP. This is the case when we are acting as a * client and have sent a connect request. * * Returns void * ******************************************************************************/ static void hidh_l2cif_connect_cfm(uint16_t l2cap_cid, uint16_t result) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; uint32_t reason; tHID_HOST_DEV_CTB* p_dev = NULL; /* Find CCB based on CID, and verify we are in a state to accept this message */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) { p_dev = &hh_cb.devices[dhandle]; p_hcon = &hh_cb.devices[dhandle].conn; } if ((p_hcon == NULL) || (!(p_hcon->conn_flags & HID_CONN_FLAGS_IS_ORIG)) || ((l2cap_cid == p_hcon->ctrl_cid) && (p_hcon->conn_state != HID_CONN_STATE_CONNECTING_CTRL)) || ((l2cap_cid == p_hcon->intr_cid) && (p_hcon->conn_state != HID_CONN_STATE_CONNECTING_INTR) && (p_hcon->conn_state != HID_CONN_STATE_DISCONNECTING))) { HIDH_TRACE_WARNING("HID-Host Rcvd unexpected conn cnf, CID 0x%x ", l2cap_cid); return; } if (result != L2CAP_CONN_OK) { if (l2cap_cid == p_hcon->ctrl_cid) p_hcon->ctrl_cid = 0; else p_hcon->intr_cid = 0; hidh_conn_disconnect(dhandle); #if (HID_HOST_MAX_CONN_RETRY > 0) if ((hh_cb.devices[dhandle].conn_tries <= HID_HOST_MAX_CONN_RETRY) && (result == HCI_ERR_CONNECTION_TOUT || result == HCI_ERR_UNSPECIFIED || result == HCI_ERR_PAGE_TIMEOUT)) { hidh_conn_retry(dhandle); } else #endif { reason = HID_L2CAP_CONN_FAIL | (uint32_t)result; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, reason, NULL); } return; } /* receive Control Channel connect confirmation */ if (l2cap_cid == p_hcon->ctrl_cid) { /* check security requirement */ p_hcon->conn_state = HID_CONN_STATE_SECURITY; p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* In case disconnection occurs before security is completed, then set CLOSE_EVT reason code to "connection failure" */ btm_sec_mx_access_request( p_dev->addr, HID_PSM_CONTROL, true, BTM_SEC_PROTO_HID, (p_dev->attr_mask & HID_SEC_REQUIRED) ? HID_SEC_CHN : HID_NOSEC_CHN, &hidh_sec_check_complete_orig, p_dev); } else { p_hcon->conn_state = HID_CONN_STATE_CONFIG; /* Send a Configuration Request. */ L2CA_ConfigReq(l2cap_cid, &hh_cb.l2cap_cfg); HIDH_TRACE_EVENT("HID-Host got Interrupt conn cnf, sent cfg req, CID: 0x%x", l2cap_cid); } return; } /******************************************************************************* * * Function hidh_l2cif_config_ind * * Description This function processes the L2CAP configuration indication * event. * * Returns void * ******************************************************************************/ static void hidh_l2cif_config_ind(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; uint32_t reason; /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) { p_hcon = &hh_cb.devices[dhandle].conn; } if (p_hcon == NULL) { HIDH_TRACE_WARNING("HID-Host Rcvd L2CAP cfg ind, unknown CID: 0x%x", l2cap_cid); return; } HIDH_TRACE_EVENT("HID-Host Rcvd cfg ind, sent cfg cfm, CID: 0x%x", l2cap_cid); /* Remember the remote MTU size */ if ((!p_cfg->mtu_present) || (p_cfg->mtu > HID_HOST_MTU)) p_hcon->rem_mtu_size = HID_HOST_MTU; else p_hcon->rem_mtu_size = p_cfg->mtu; /* For now, always accept configuration from the other side */ p_cfg->flush_to_present = false; p_cfg->mtu_present = false; p_cfg->result = L2CAP_CFG_OK; L2CA_ConfigRsp(l2cap_cid, p_cfg); if (l2cap_cid == p_hcon->ctrl_cid) { p_hcon->conn_flags |= HID_CONN_FLAGS_HIS_CTRL_CFG_DONE; if ((p_hcon->conn_flags & HID_CONN_FLAGS_IS_ORIG) && (p_hcon->conn_flags & HID_CONN_FLAGS_MY_CTRL_CFG_DONE)) { /* Connect interrupt channel */ p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* Reset initial reason for CLOSE_EVT: Connection Attempt was made but failed */ p_hcon->intr_cid = L2CA_ConnectReq(HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr); if (p_hcon->intr_cid == 0) { HIDH_TRACE_WARNING("HID-Host INTR Originate failed"); reason = HID_L2CAP_REQ_FAIL; p_hcon->conn_state = HID_CONN_STATE_UNUSED; hidh_conn_disconnect(dhandle); hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, reason, NULL); return; } else { /* Transition to the next appropriate state, waiting for connection * confirm on interrupt channel. */ p_hcon->conn_state = HID_CONN_STATE_CONNECTING_INTR; } } } else p_hcon->conn_flags |= HID_CONN_FLAGS_HIS_INTR_CFG_DONE; /* If all configuration is complete, change state and tell management we are * up */ if (((p_hcon->conn_flags & HID_CONN_FLAGS_ALL_CONFIGURED) == HID_CONN_FLAGS_ALL_CONFIGURED) && (p_hcon->conn_state == HID_CONN_STATE_CONFIG)) { p_hcon->conn_state = HID_CONN_STATE_CONNECTED; /* Reset disconnect reason to success, as connection successful */ p_hcon->disc_reason = HID_SUCCESS; hh_cb.devices[dhandle].state = HID_DEV_CONNECTED; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_OPEN, 0, NULL); } } /******************************************************************************* * * Function hidh_l2cif_config_cfm * * Description This function processes the L2CAP configuration confirmation * event. * * Returns void * ******************************************************************************/ static void hidh_l2cif_config_cfm(uint16_t l2cap_cid, tL2CAP_CFG_INFO* p_cfg) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; uint32_t reason; HIDH_TRACE_EVENT("HID-Host Rcvd cfg cfm, CID: 0x%x Result: %d", l2cap_cid, p_cfg->result); /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) p_hcon = &hh_cb.devices[dhandle].conn; if (p_hcon == NULL) { HIDH_TRACE_WARNING("HID-Host Rcvd L2CAP cfg ind, unknown CID: 0x%x", l2cap_cid); return; } /* If configuration failed, disconnect the channel(s) */ if (p_cfg->result != L2CAP_CFG_OK) { hidh_conn_disconnect(dhandle); reason = HID_L2CAP_CFG_FAIL | (uint32_t)p_cfg->result; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, reason, NULL); return; } if (l2cap_cid == p_hcon->ctrl_cid) { p_hcon->conn_flags |= HID_CONN_FLAGS_MY_CTRL_CFG_DONE; if ((p_hcon->conn_flags & HID_CONN_FLAGS_IS_ORIG) && (p_hcon->conn_flags & HID_CONN_FLAGS_HIS_CTRL_CFG_DONE)) { /* Connect interrupt channel */ p_hcon->disc_reason = HID_L2CAP_CONN_FAIL; /* Reset initial reason for CLOSE_EVT: Connection Attempt was made but failed */ p_hcon->intr_cid = L2CA_ConnectReq(HID_PSM_INTERRUPT, hh_cb.devices[dhandle].addr); if (p_hcon->intr_cid == 0) { HIDH_TRACE_WARNING("HID-Host INTR Originate failed"); reason = HID_L2CAP_REQ_FAIL; p_hcon->conn_state = HID_CONN_STATE_UNUSED; hidh_conn_disconnect(dhandle); hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, reason, NULL); return; } else { /* Transition to the next appropriate state, waiting for connection * confirm on interrupt channel. */ p_hcon->conn_state = HID_CONN_STATE_CONNECTING_INTR; } } } else p_hcon->conn_flags |= HID_CONN_FLAGS_MY_INTR_CFG_DONE; /* If all configuration is complete, change state and tell management we are * up */ if (((p_hcon->conn_flags & HID_CONN_FLAGS_ALL_CONFIGURED) == HID_CONN_FLAGS_ALL_CONFIGURED) && (p_hcon->conn_state == HID_CONN_STATE_CONFIG)) { p_hcon->conn_state = HID_CONN_STATE_CONNECTED; /* Reset disconnect reason to success, as connection successful */ p_hcon->disc_reason = HID_SUCCESS; hh_cb.devices[dhandle].state = HID_DEV_CONNECTED; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_OPEN, 0, NULL); } } /******************************************************************************* * * Function hidh_l2cif_disconnect_ind * * Description This function handles a disconnect event from L2CAP. If * requested to, we ack the disconnect before dropping the CCB * * Returns void * ******************************************************************************/ static void hidh_l2cif_disconnect_ind(uint16_t l2cap_cid, bool ack_needed) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; uint16_t disc_res = HCI_SUCCESS; uint16_t hid_close_evt_reason; /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) p_hcon = &hh_cb.devices[dhandle].conn; if (p_hcon == NULL) { HIDH_TRACE_WARNING("HID-Host Rcvd L2CAP disc, unknown CID: 0x%x", l2cap_cid); return; } if (ack_needed) L2CA_DisconnectRsp(l2cap_cid); HIDH_TRACE_EVENT("HID-Host Rcvd L2CAP disc, CID: 0x%x", l2cap_cid); p_hcon->conn_state = HID_CONN_STATE_DISCONNECTING; if (l2cap_cid == p_hcon->ctrl_cid) p_hcon->ctrl_cid = 0; else p_hcon->intr_cid = 0; if ((p_hcon->ctrl_cid == 0) && (p_hcon->intr_cid == 0)) { hh_cb.devices[dhandle].state = HID_DEV_NO_CONN; p_hcon->conn_state = HID_CONN_STATE_UNUSED; if (!ack_needed) disc_res = btm_get_acl_disc_reason_code(); #if (HID_HOST_MAX_CONN_RETRY > 0) if ((disc_res == HCI_ERR_CONNECTION_TOUT || disc_res == HCI_ERR_UNSPECIFIED) && (!(hh_cb.devices[dhandle].attr_mask & HID_RECONN_INIT)) && (hh_cb.devices[dhandle].attr_mask & HID_NORMALLY_CONNECTABLE)) { hh_cb.devices[dhandle].conn_tries = 0; uint64_t interval_ms = HID_HOST_REPAGE_WIN * 1000; alarm_set_on_mloop(hh_cb.devices[dhandle].conn.process_repage_timer, interval_ms, hidh_process_repage_timer_timeout, UINT_TO_PTR(dhandle)); hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, disc_res, NULL); } else #endif { /* Set reason code for HID_HDEV_EVT_CLOSE */ hid_close_evt_reason = p_hcon->disc_reason; /* If we got baseband sent HCI_DISCONNECT_COMPLETE_EVT due to security * failure, then set reason to HID_ERR_AUTH_FAILED */ if ((disc_res == HCI_ERR_AUTH_FAILURE) || (disc_res == HCI_ERR_KEY_MISSING) || (disc_res == HCI_ERR_HOST_REJECT_SECURITY) || (disc_res == HCI_ERR_PAIRING_NOT_ALLOWED) || (disc_res == HCI_ERR_UNIT_KEY_USED) || (disc_res == HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED) || (disc_res == HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE) || (disc_res == HCI_ERR_REPEATED_ATTEMPTS)) { hid_close_evt_reason = HID_ERR_AUTH_FAILED; } hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, hid_close_evt_reason, NULL); } } } /******************************************************************************* * * Function hidh_l2cif_disconnect_cfm * * Description This function handles a disconnect confirm event from L2CAP. * * Returns void * ******************************************************************************/ static void hidh_l2cif_disconnect_cfm(uint16_t l2cap_cid, UNUSED_ATTR uint16_t result) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) p_hcon = &hh_cb.devices[dhandle].conn; if (p_hcon == NULL) { HIDH_TRACE_WARNING("HID-Host Rcvd L2CAP disc cfm, unknown CID: 0x%x", l2cap_cid); return; } HIDH_TRACE_EVENT("HID-Host Rcvd L2CAP disc cfm, CID: 0x%x", l2cap_cid); if (l2cap_cid == p_hcon->ctrl_cid) p_hcon->ctrl_cid = 0; else { p_hcon->intr_cid = 0; if (p_hcon->ctrl_cid) { HIDH_TRACE_EVENT("HID-Host Initiating L2CAP Ctrl disconnection"); L2CA_DisconnectReq(p_hcon->ctrl_cid); } } if ((p_hcon->ctrl_cid == 0) && (p_hcon->intr_cid == 0)) { hh_cb.devices[dhandle].state = HID_DEV_NO_CONN; p_hcon->conn_state = HID_CONN_STATE_UNUSED; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, p_hcon->disc_reason, NULL); } } /******************************************************************************* * * Function hidh_l2cif_cong_ind * * Description This function handles a congestion status event from L2CAP. * * Returns void * ******************************************************************************/ static void hidh_l2cif_cong_ind(uint16_t l2cap_cid, bool congested) { uint8_t dhandle; tHID_CONN* p_hcon = NULL; /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) p_hcon = &hh_cb.devices[dhandle].conn; if (p_hcon == NULL) { HIDH_TRACE_WARNING( "HID-Host Rcvd L2CAP congestion status, unknown CID: 0x%x", l2cap_cid); return; } HIDH_TRACE_EVENT("HID-Host Rcvd L2CAP congestion status, CID: 0x%x Cong: %d", l2cap_cid, congested); if (congested) p_hcon->conn_flags |= HID_CONN_FLAGS_CONGESTED; else { p_hcon->conn_flags &= ~HID_CONN_FLAGS_CONGESTED; } } /******************************************************************************* * * Function hidh_l2cif_data_ind * * Description This function is called when data is received from L2CAP. * if we are the originator of the connection, we are the SDP * client, and the received message is queued up for the * client. * * If we are the destination of the connection, we are the SDP * server, so the message is passed to the server processing * function. * * Returns void * ******************************************************************************/ static void hidh_l2cif_data_ind(uint16_t l2cap_cid, BT_HDR* p_msg) { uint8_t* p_data = (uint8_t*)(p_msg + 1) + p_msg->offset; uint8_t ttype, param, rep_type, evt; uint8_t dhandle; tHID_CONN* p_hcon = NULL; HIDH_TRACE_DEBUG("HID-Host hidh_l2cif_data_ind [l2cap_cid=0x%04x]", l2cap_cid); /* Find CCB based on CID */ dhandle = find_conn_by_cid(l2cap_cid); if (dhandle < HID_HOST_MAX_DEVICES) p_hcon = &hh_cb.devices[dhandle].conn; if (p_hcon == NULL) { HIDH_TRACE_WARNING("HID-Host Rcvd L2CAP data, unknown CID: 0x%x", l2cap_cid); osi_free(p_msg); return; } if (p_msg->len < 1) { HIDH_TRACE_WARNING("Rcvd L2CAP data, invalid length %d, should be >= 1", p_msg->len); osi_free(p_msg); android_errorWriteLog(0x534e4554, "80493272"); return; } ttype = HID_GET_TRANS_FROM_HDR(*p_data); param = HID_GET_PARAM_FROM_HDR(*p_data); rep_type = param & HID_PAR_REP_TYPE_MASK; p_data++; /* Get rid of the data type */ p_msg->len--; p_msg->offset++; switch (ttype) { case HID_TRANS_HANDSHAKE: hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_HANDSHAKE, param, NULL); osi_free(p_msg); break; case HID_TRANS_CONTROL: switch (param) { case HID_PAR_CONTROL_VIRTUAL_CABLE_UNPLUG: hidh_conn_disconnect(dhandle); /* Device is unplugging from us. Tell USB */ hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_VC_UNPLUG, 0, NULL); break; default: break; } osi_free(p_msg); break; case HID_TRANS_DATA: evt = (hh_cb.devices[dhandle].conn.intr_cid == l2cap_cid) ? HID_HDEV_EVT_INTR_DATA : HID_HDEV_EVT_CTRL_DATA; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, evt, rep_type, p_msg); break; case HID_TRANS_DATAC: evt = (hh_cb.devices[dhandle].conn.intr_cid == l2cap_cid) ? HID_HDEV_EVT_INTR_DATC : HID_HDEV_EVT_CTRL_DATC; hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, evt, rep_type, p_msg); break; default: osi_free(p_msg); break; } } /******************************************************************************* * * Function hidh_conn_snd_data * * Description This function is sends out data. * * Returns tHID_STATUS * ******************************************************************************/ tHID_STATUS hidh_conn_snd_data(uint8_t dhandle, uint8_t trans_type, uint8_t param, uint16_t data, uint8_t report_id, BT_HDR* buf) { tHID_CONN* p_hcon = &hh_cb.devices[dhandle].conn; BT_HDR* p_buf; uint8_t* p_out; uint16_t bytes_copied; bool seg_req = false; uint16_t data_size; uint16_t cid; uint16_t buf_size; uint8_t use_data = 0; bool blank_datc = false; if (!BTM_IsAclConnectionUp(hh_cb.devices[dhandle].addr, BT_TRANSPORT_BR_EDR)) { osi_free(buf); return HID_ERR_NO_CONNECTION; } if (p_hcon->conn_flags & HID_CONN_FLAGS_CONGESTED) { osi_free(buf); return HID_ERR_CONGESTED; } switch (trans_type) { case HID_TRANS_CONTROL: case HID_TRANS_GET_REPORT: case HID_TRANS_SET_REPORT: case HID_TRANS_GET_PROTOCOL: case HID_TRANS_SET_PROTOCOL: case HID_TRANS_GET_IDLE: case HID_TRANS_SET_IDLE: cid = p_hcon->ctrl_cid; buf_size = HID_CONTROL_BUF_SIZE; break; case HID_TRANS_DATA: cid = p_hcon->intr_cid; buf_size = HID_INTERRUPT_BUF_SIZE; break; default: return (HID_ERR_INVALID_PARAM); } if (trans_type == HID_TRANS_SET_IDLE) use_data = 1; else if ((trans_type == HID_TRANS_GET_REPORT) && (param & 0x08)) use_data = 2; do { if (buf == NULL || blank_datc) { p_buf = (BT_HDR*)osi_malloc(buf_size); p_buf->offset = L2CAP_MIN_OFFSET; seg_req = false; data_size = 0; bytes_copied = 0; blank_datc = false; } else if ((buf->len > (p_hcon->rem_mtu_size - 1))) { p_buf = (BT_HDR*)osi_malloc(buf_size); p_buf->offset = L2CAP_MIN_OFFSET; seg_req = true; data_size = buf->len; bytes_copied = p_hcon->rem_mtu_size - 1; } else { p_buf = buf; p_buf->offset -= 1; seg_req = false; data_size = buf->len; bytes_copied = buf->len; } p_out = (uint8_t*)(p_buf + 1) + p_buf->offset; *p_out++ = HID_BUILD_HDR(trans_type, param); /* If report ID required for this device */ if ((trans_type == HID_TRANS_GET_REPORT) && (report_id != 0)) { *p_out = report_id; data_size = bytes_copied = 1; } if (seg_req) { memcpy(p_out, (((uint8_t*)(buf + 1)) + buf->offset), bytes_copied); buf->offset += bytes_copied; buf->len -= bytes_copied; } else if (use_data == 1) { *(p_out + bytes_copied) = data & 0xff; } else if (use_data == 2) { *(p_out + bytes_copied) = data & 0xff; *(p_out + bytes_copied + 1) = (data >> 8) & 0xff; } p_buf->len = bytes_copied + 1 + use_data; data_size -= bytes_copied; /* Send the buffer through L2CAP */ if ((p_hcon->conn_flags & HID_CONN_FLAGS_CONGESTED) || (!L2CA_DataWrite(cid, p_buf))) return (HID_ERR_CONGESTED); if (data_size) trans_type = HID_TRANS_DATAC; else if (bytes_copied == (p_hcon->rem_mtu_size - 1)) { trans_type = HID_TRANS_DATAC; blank_datc = true; } } while ((data_size != 0) || blank_datc); return (HID_SUCCESS); } /******************************************************************************* * * Function hidh_conn_initiate * * Description This function is called by the management to create a * connection. * * Returns void * ******************************************************************************/ tHID_STATUS hidh_conn_initiate(uint8_t dhandle) { uint8_t service_id = BTM_SEC_SERVICE_HIDH_NOSEC_CTRL; uint32_t mx_chan_id = HID_NOSEC_CHN; tHID_HOST_DEV_CTB* p_dev = &hh_cb.devices[dhandle]; if (p_dev->conn.conn_state != HID_CONN_STATE_UNUSED) return (HID_ERR_CONN_IN_PROCESS); p_dev->conn.ctrl_cid = 0; p_dev->conn.intr_cid = 0; p_dev->conn.disc_reason = HID_L2CAP_CONN_FAIL; /* Reset initial reason for CLOSE_EVT: Connection Attempt was made but failed */ /* We are the originator of this connection */ p_dev->conn.conn_flags = HID_CONN_FLAGS_IS_ORIG; if (p_dev->attr_mask & HID_SEC_REQUIRED) { service_id = BTM_SEC_SERVICE_HIDH_SEC_CTRL; mx_chan_id = HID_SEC_CHN; } BTM_SetOutService(p_dev->addr, service_id, mx_chan_id); /* Check if L2CAP started the connection process */ p_dev->conn.ctrl_cid = L2CA_ConnectReq(HID_PSM_CONTROL, p_dev->addr); if (p_dev->conn.ctrl_cid == 0) { HIDH_TRACE_WARNING("HID-Host Originate failed"); hh_cb.callback(dhandle, hh_cb.devices[dhandle].addr, HID_HDEV_EVT_CLOSE, HID_ERR_L2CAP_FAILED, NULL); } else { /* Transition to the next appropriate state, waiting for connection confirm * on control channel. */ p_dev->conn.conn_state = HID_CONN_STATE_CONNECTING_CTRL; } return (HID_SUCCESS); } /******************************************************************************* * * Function find_conn_by_cid * * Description This function finds a connection control block based on CID * * Returns address of control block, or NULL if not found * ******************************************************************************/ static uint8_t find_conn_by_cid(uint16_t cid) { uint8_t xx; for (xx = 0; xx < HID_HOST_MAX_DEVICES; xx++) { if ((hh_cb.devices[xx].in_use) && (hh_cb.devices[xx].conn.conn_state != HID_CONN_STATE_UNUSED) && ((hh_cb.devices[xx].conn.ctrl_cid == cid) || (hh_cb.devices[xx].conn.intr_cid == cid))) break; } return (xx); } void hidh_conn_dereg(void) { L2CA_Deregister(HID_PSM_CONTROL); L2CA_Deregister(HID_PSM_INTERRUPT); } /******************************************************************************* * * Function hidh_conn_retry * * Description This function is called to retry a failed connection. * * Returns void * ******************************************************************************/ static void hidh_conn_retry(uint8_t dhandle) { tHID_HOST_DEV_CTB* p_dev = &hh_cb.devices[dhandle]; p_dev->conn.conn_state = HID_CONN_STATE_UNUSED; #if (HID_HOST_REPAGE_WIN > 0) uint64_t interval_ms = HID_HOST_REPAGE_WIN * 1000; alarm_set_on_mloop(p_dev->conn.process_repage_timer, interval_ms, hidh_process_repage_timer_timeout, UINT_TO_PTR(dhandle)); #else hidh_try_repage(dhandle); #endif }