1 /* $NetBSD: l2cap_lower.c,v 1.9 2008/08/05 13:08:31 plunky Exp $ */ 2 3 /*- 4 * Copyright (c) 2005 Iain Hibbert. 5 * Copyright (c) 2006 Itronix Inc. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of Itronix Inc. may not be used to endorse 17 * or promote products derived from this software without specific 18 * prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY 24 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 27 * ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #include <sys/cdefs.h> 34 __KERNEL_RCSID(0, "$NetBSD: l2cap_lower.c,v 1.9 2008/08/05 13:08:31 plunky Exp $"); 35 36 #include <sys/param.h> 37 #include <sys/kernel.h> 38 #include <sys/malloc.h> 39 #include <sys/mbuf.h> 40 #include <sys/proc.h> 41 #include <sys/queue.h> 42 #include <sys/systm.h> 43 44 #include <netbt/bluetooth.h> 45 #include <netbt/hci.h> 46 #include <netbt/l2cap.h> 47 48 /**************************************************************************** 49 * 50 * L2CAP Channel Lower Layer interface 51 */ 52 53 /* 54 * L2CAP channel is disconnected, could be: 55 * 56 * HCI layer received "Disconnect Complete" event for ACL link 57 * some Request timed out 58 * Config failed 59 * Other end reported invalid CID 60 * Normal disconnection 61 * Change link mode failed 62 */ 63 void 64 l2cap_close(struct l2cap_channel *chan, int err) 65 { 66 struct l2cap_pdu *pdu; 67 struct l2cap_req *req, *n; 68 69 if (chan->lc_state == L2CAP_CLOSED) 70 return; 71 72 /* 73 * Since any potential PDU could be half sent we just let it go, 74 * but disassociate ourselves from it as links deal with ownerless 75 * PDU's in any case. We could try harder to flush unsent packets 76 * but maybe its better to leave them in the queue? 77 */ 78 TAILQ_FOREACH(pdu, &chan->lc_link->hl_txq, lp_next) { 79 if (pdu->lp_chan == chan) 80 pdu->lp_chan = NULL; 81 } 82 83 /* 84 * and clear any outstanding requests.. 85 */ 86 req = TAILQ_FIRST(&chan->lc_link->hl_reqs); 87 while (req != NULL) { 88 n = TAILQ_NEXT(req, lr_next); 89 if (req->lr_chan == chan) 90 l2cap_request_free(req); 91 92 req = n; 93 } 94 95 chan->lc_pending = 0; 96 chan->lc_state = L2CAP_CLOSED; 97 hci_acl_close(chan->lc_link, err); 98 chan->lc_link = NULL; 99 100 (*chan->lc_proto->disconnected)(chan->lc_upper, err); 101 } 102 103 /* 104 * Process incoming L2CAP frame from ACL link. We take off the B-Frame 105 * header (which is present in all packets), verify the data length 106 * and distribute the rest of the frame to the relevant channel 107 * handler. 108 */ 109 void 110 l2cap_recv_frame(struct mbuf *m, struct hci_link *link) 111 { 112 struct l2cap_channel *chan; 113 l2cap_hdr_t hdr; 114 115 m_copydata(m, 0, sizeof(hdr), &hdr); 116 m_adj(m, sizeof(hdr)); 117 118 hdr.length = le16toh(hdr.length); 119 hdr.dcid = le16toh(hdr.dcid); 120 121 DPRINTFN(5, "(%s) received packet (%d bytes)\n", 122 device_xname(link->hl_unit->hci_dev), hdr.length); 123 124 if (hdr.length != m->m_pkthdr.len) 125 goto failed; 126 127 if (hdr.dcid == L2CAP_SIGNAL_CID) { 128 l2cap_recv_signal(m, link); 129 return; 130 } 131 132 if (hdr.dcid == L2CAP_CLT_CID) { 133 m_freem(m); /* TODO */ 134 return; 135 } 136 137 chan = l2cap_cid_lookup(hdr.dcid); 138 if (chan != NULL && chan->lc_link == link 139 && chan->lc_imtu >= hdr.length 140 && chan->lc_state == L2CAP_OPEN) { 141 (*chan->lc_proto->input)(chan->lc_upper, m); 142 return; 143 } 144 145 DPRINTF("(%s) invalid L2CAP packet dropped, CID #%d, length %d\n", 146 device_xname(link->hl_unit->hci_dev), hdr.dcid, hdr.length); 147 148 failed: 149 m_freem(m); 150 } 151 152 /* 153 * Start another L2CAP packet on its way. This is called from l2cap_send 154 * (when no PDU is pending) and hci_acl_start (when PDU has been placed on 155 * device queue). Thus we can have more than one PDU waiting at the device 156 * if space is available but no single channel will hog the link. 157 */ 158 int 159 l2cap_start(struct l2cap_channel *chan) 160 { 161 struct mbuf *m; 162 int err = 0; 163 164 if (chan->lc_state != L2CAP_OPEN) 165 return 0; 166 167 if (MBUFQ_FIRST(&chan->lc_txq) == NULL) { 168 DPRINTFN(5, "no data, pending = %d\n", chan->lc_pending); 169 /* 170 * If we are just waiting for the queue to flush 171 * and it has, we may disconnect.. 172 */ 173 if (chan->lc_flags & L2CAP_SHUTDOWN 174 && chan->lc_pending == 0) { 175 chan->lc_state = L2CAP_WAIT_DISCONNECT; 176 err = l2cap_send_disconnect_req(chan); 177 if (err) 178 l2cap_close(chan, err); 179 } 180 181 return err; 182 } 183 184 /* 185 * We could check QoS/RFC mode here and optionally not send 186 * the packet if we are not ready for any reason 187 * 188 * Also to support flush timeout then we might want to start 189 * the timer going? (would need to keep some kind of record 190 * of packets sent, possibly change it so that we allocate 191 * the l2cap_pdu and fragment the packet, then hand it down 192 * and get it back when its completed). Hm. 193 */ 194 195 MBUFQ_DEQUEUE(&chan->lc_txq, m); 196 197 KASSERT(chan->lc_link != NULL); 198 KASSERT(m != NULL); 199 200 DPRINTFN(5, "CID #%d sending packet (%d bytes)\n", 201 chan->lc_lcid, m->m_pkthdr.len); 202 203 chan->lc_pending++; 204 return hci_acl_send(m, chan->lc_link, chan); 205 } 206