1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the L2CAP API code
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_l2cap"
26
27 #include <base/logging.h>
28 #include <base/strings/stringprintf.h>
29 #include <cstdint>
30 #include <string>
31
32 #include "btm_sec.h"
33 #include "device/include/controller.h" // TODO Remove
34 #include "main/shim/l2c_api.h"
35 #include "main/shim/shim.h"
36 #include "osi/include/log.h"
37 #include "stack/include/l2c_api.h"
38 #include "stack/l2cap/l2c_int.h"
39
40 void btsnd_hcic_enhanced_flush(uint16_t handle,
41 uint8_t packet_type); // TODO Remove
42
43 using base::StringPrintf;
44
l2c_get_transport_from_fixed_cid(uint16_t fixed_cid)45 tBT_TRANSPORT l2c_get_transport_from_fixed_cid(uint16_t fixed_cid) {
46 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
47 return BT_TRANSPORT_LE;
48 return BT_TRANSPORT_BR_EDR;
49 }
50
L2CA_Register2(uint16_t psm,const tL2CAP_APPL_INFO & p_cb_info,bool enable_snoop,tL2CAP_ERTM_INFO * p_ertm_info,uint16_t my_mtu,uint16_t required_remote_mtu,uint16_t sec_level)51 uint16_t L2CA_Register2(uint16_t psm, const tL2CAP_APPL_INFO& p_cb_info,
52 bool enable_snoop, tL2CAP_ERTM_INFO* p_ertm_info,
53 uint16_t my_mtu, uint16_t required_remote_mtu,
54 uint16_t sec_level) {
55 auto ret = L2CA_Register(psm, p_cb_info, enable_snoop, p_ertm_info, my_mtu,
56 required_remote_mtu, sec_level);
57 BTM_SetSecurityLevel(false, "", 0, sec_level, psm, 0, 0);
58 return ret;
59 }
60
61 /*******************************************************************************
62 *
63 * Function L2CA_Register
64 *
65 * Description Other layers call this function to register for L2CAP
66 * services.
67 *
68 * Returns PSM to use or zero if error. Typically, the PSM returned
69 * is the same as was passed in, but for an outgoing-only
70 * connection to a dynamic PSM, a "virtual" PSM is returned
71 * and should be used in the calls to L2CA_ConnectReq(),
72 * L2CA_ErtmConnectReq() and L2CA_Deregister()
73 *
74 ******************************************************************************/
L2CA_Register(uint16_t psm,const tL2CAP_APPL_INFO & p_cb_info,bool enable_snoop,tL2CAP_ERTM_INFO * p_ertm_info,uint16_t my_mtu,uint16_t required_remote_mtu,uint16_t sec_level)75 uint16_t L2CA_Register(uint16_t psm, const tL2CAP_APPL_INFO& p_cb_info,
76 bool enable_snoop, tL2CAP_ERTM_INFO* p_ertm_info,
77 uint16_t my_mtu, uint16_t required_remote_mtu,
78 uint16_t sec_level) {
79 if (bluetooth::shim::is_gd_l2cap_enabled()) {
80 return bluetooth::shim::L2CA_Register(psm, p_cb_info, enable_snoop,
81 p_ertm_info, my_mtu,
82 required_remote_mtu, sec_level);
83 }
84
85 const bool config_cfm_cb = (p_cb_info.pL2CA_ConfigCfm_Cb != nullptr);
86 const bool config_ind_cb = (p_cb_info.pL2CA_ConfigInd_Cb != nullptr);
87 const bool data_ind_cb = (p_cb_info.pL2CA_DataInd_Cb != nullptr);
88 const bool disconnect_ind_cb = (p_cb_info.pL2CA_DisconnectInd_Cb != nullptr);
89
90 tL2C_RCB* p_rcb;
91 uint16_t vpsm = psm;
92
93 /* Verify that the required callback info has been filled in
94 ** Note: Connection callbacks are required but not checked
95 ** for here because it is possible to be only a client
96 ** or only a server.
97 */
98 if (!config_cfm_cb || !data_ind_cb || !disconnect_ind_cb) {
99 LOG_ERROR(
100 "L2CAP - no cb registering PSM: 0x%04x cfg_cfm:%u cfg_ind:%u"
101 " data_ind:%u discon_int:%u",
102 psm, config_cfm_cb, config_ind_cb, data_ind_cb, disconnect_ind_cb);
103 return (0);
104 }
105
106 /* Verify PSM is valid */
107 if (L2C_INVALID_PSM(psm)) {
108 LOG_ERROR("L2CAP - invalid PSM value, PSM: 0x%04x", psm);
109 return (0);
110 }
111
112 /* Check if this is a registration for an outgoing-only connection to */
113 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
114 if ((psm >= 0x1001) && (p_cb_info.pL2CA_ConnectInd_Cb == NULL)) {
115 for (vpsm = 0x1002; vpsm < 0x8000; vpsm += 2) {
116 p_rcb = l2cu_find_rcb_by_psm(vpsm);
117 if (p_rcb == NULL) break;
118 }
119
120 LOG_DEBUG("L2CAP - Real PSM: 0x%04x Virtual PSM: 0x%04x", psm, vpsm);
121 }
122
123 /* If registration block already there, just overwrite it */
124 p_rcb = l2cu_find_rcb_by_psm(vpsm);
125 if (p_rcb == NULL) {
126 p_rcb = l2cu_allocate_rcb(vpsm);
127 if (p_rcb == NULL) {
128 LOG_WARN("L2CAP - no RCB available, PSM: 0x%04x vPSM: 0x%04x", psm,
129 vpsm);
130 return (0);
131 }
132 }
133
134 LOG_INFO("L2CAP Registered service classic PSM: 0x%04x", psm);
135 p_rcb->log_packets = enable_snoop;
136 p_rcb->api = p_cb_info;
137 p_rcb->real_psm = psm;
138 p_rcb->ertm_info = p_ertm_info == nullptr
139 ? tL2CAP_ERTM_INFO{L2CAP_FCR_BASIC_MODE}
140 : *p_ertm_info;
141 p_rcb->my_mtu = my_mtu;
142 p_rcb->required_remote_mtu =
143 std::max<uint16_t>(required_remote_mtu, L2CAP_MIN_MTU);
144
145 return (vpsm);
146 }
147
148 /*******************************************************************************
149 *
150 * Function L2CA_Deregister
151 *
152 * Description Other layers call this function to de-register for L2CAP
153 * services.
154 *
155 * Returns void
156 *
157 ******************************************************************************/
L2CA_Deregister(uint16_t psm)158 void L2CA_Deregister(uint16_t psm) {
159 if (bluetooth::shim::is_gd_l2cap_enabled()) {
160 return bluetooth::shim::L2CA_Deregister(psm);
161 }
162
163 tL2C_RCB* p_rcb;
164 tL2C_CCB* p_ccb;
165 tL2C_LCB* p_lcb;
166 int ii;
167
168 L2CAP_TRACE_API("L2CAP - L2CA_Deregister() called for PSM: 0x%04x", psm);
169
170 p_rcb = l2cu_find_rcb_by_psm(psm);
171 if (p_rcb != NULL) {
172 p_lcb = &l2cb.lcb_pool[0];
173 for (ii = 0; ii < MAX_L2CAP_LINKS; ii++, p_lcb++) {
174 if (p_lcb->in_use) {
175 p_ccb = p_lcb->ccb_queue.p_first_ccb;
176 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) {
177 continue;
178 }
179
180 if ((p_ccb->in_use) &&
181 ((p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP) ||
182 (p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))) {
183 continue;
184 }
185
186 if (p_ccb->p_rcb == p_rcb) {
187 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
188 }
189 }
190 }
191 l2cu_release_rcb(p_rcb);
192 } else {
193 L2CAP_TRACE_WARNING("L2CAP - PSM: 0x%04x not found for deregistration",
194 psm);
195 }
196 }
197
198 /*******************************************************************************
199 *
200 * Function L2CA_AllocateLePSM
201 *
202 * Description To find an unused LE PSM for L2CAP services.
203 *
204 * Returns LE_PSM to use if success. Otherwise returns 0.
205 *
206 ******************************************************************************/
L2CA_AllocateLePSM(void)207 uint16_t L2CA_AllocateLePSM(void) {
208 if (bluetooth::shim::is_gd_l2cap_enabled()) {
209 return bluetooth::shim::L2CA_AllocateLePSM();
210 }
211
212 bool done = false;
213 uint16_t psm = l2cb.le_dyn_psm;
214 uint16_t count = 0;
215
216 L2CAP_TRACE_API("%s: last psm=%d", __func__, psm);
217 while (!done) {
218 count++;
219 if (count > LE_DYNAMIC_PSM_RANGE) {
220 L2CAP_TRACE_ERROR("%s: Out of free BLE PSM", __func__);
221 return 0;
222 }
223
224 psm++;
225 if (psm > LE_DYNAMIC_PSM_END) {
226 psm = LE_DYNAMIC_PSM_START;
227 }
228
229 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
230 /* make sure the newly allocated psm is not used right now */
231 if (l2cu_find_ble_rcb_by_psm(psm)) {
232 L2CAP_TRACE_WARNING("%s: supposedly-free PSM=%d have allocated rcb!",
233 __func__, psm);
234 continue;
235 }
236
237 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = true;
238 L2CAP_TRACE_DEBUG("%s: assigned PSM=%d", __func__, psm);
239 done = true;
240 break;
241 }
242 }
243 l2cb.le_dyn_psm = psm;
244
245 return (psm);
246 }
247
248 /*******************************************************************************
249 *
250 * Function L2CA_FreeLePSM
251 *
252 * Description Free an assigned LE PSM.
253 *
254 * Returns void
255 *
256 ******************************************************************************/
L2CA_FreeLePSM(uint16_t psm)257 void L2CA_FreeLePSM(uint16_t psm) {
258 if (bluetooth::shim::is_gd_l2cap_enabled()) {
259 return bluetooth::shim::L2CA_FreeLePSM(psm);
260 }
261
262 L2CAP_TRACE_API("%s: to free psm=%d", __func__, psm);
263
264 if ((psm < LE_DYNAMIC_PSM_START) || (psm > LE_DYNAMIC_PSM_END)) {
265 L2CAP_TRACE_ERROR("%s: Invalid PSM=%d value!", __func__, psm);
266 return;
267 }
268
269 if (!l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START]) {
270 L2CAP_TRACE_WARNING("%s: PSM=%d was not allocated!", __func__, psm);
271 }
272 l2cb.le_dyn_psm_assigned[psm - LE_DYNAMIC_PSM_START] = false;
273 }
274
L2CA_ConnectReq2(uint16_t psm,const RawAddress & p_bd_addr,uint16_t sec_level)275 uint16_t L2CA_ConnectReq2(uint16_t psm, const RawAddress& p_bd_addr,
276 uint16_t sec_level) {
277 BTM_SetSecurityLevel(true, "", 0, sec_level, psm, 0, 0);
278 return L2CA_ConnectReq(psm, p_bd_addr);
279 }
280
281 /*******************************************************************************
282 *
283 * Function L2CA_ConnectReq
284 *
285 * Description Higher layers call this function to create an L2CAP
286 * connection.
287 * Note that the connection is not established at this time,
288 * but connection establishment gets started. The callback
289 * will be invoked when connection establishes or fails.
290 *
291 * Returns the CID of the connection, or 0 if it failed to start
292 *
293 ******************************************************************************/
L2CA_ConnectReq(uint16_t psm,const RawAddress & p_bd_addr)294 uint16_t L2CA_ConnectReq(uint16_t psm, const RawAddress& p_bd_addr) {
295 if (bluetooth::shim::is_gd_l2cap_enabled()) {
296 return bluetooth::shim::L2CA_ConnectReq(psm, p_bd_addr);
297 }
298
299 VLOG(1) << __func__ << "BDA " << p_bd_addr
300 << StringPrintf(" PSM: 0x%04x", psm);
301
302 /* Fail if we have not established communications with the controller */
303 if (!BTM_IsDeviceUp()) {
304 LOG(WARNING) << __func__ << ": BTU not ready";
305 return 0;
306 }
307 /* Fail if the PSM is not registered */
308 tL2C_RCB* p_rcb = l2cu_find_rcb_by_psm(psm);
309 if (p_rcb == nullptr) {
310 LOG(WARNING) << __func__ << ": no RCB, PSM=" << loghex(psm);
311 return 0;
312 }
313
314 /* First, see if we already have a link to the remote */
315 /* assume all ERTM l2cap connection is going over BR/EDR for now */
316 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_BR_EDR);
317 if (p_lcb == nullptr) {
318 /* No link. Get an LCB and start link establishment */
319 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_BR_EDR);
320 /* currently use BR/EDR for ERTM mode l2cap connection */
321 if (p_lcb == nullptr) {
322 LOG(WARNING) << __func__
323 << ": connection not started for PSM=" << loghex(psm)
324 << ", p_lcb=" << p_lcb;
325 return 0;
326 }
327 l2cu_create_conn_br_edr(p_lcb);
328 }
329
330 /* Allocate a channel control block */
331 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
332 if (p_ccb == nullptr) {
333 LOG(WARNING) << __func__ << ": no CCB, PSM=" << loghex(psm);
334 return 0;
335 }
336
337 /* Save registration info */
338 p_ccb->p_rcb = p_rcb;
339
340 p_ccb->connection_initiator = L2CAP_INITIATOR_LOCAL;
341
342 /* If link is up, start the L2CAP connection */
343 if (p_lcb->link_state == LST_CONNECTED) {
344 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, nullptr);
345 } else if (p_lcb->link_state == LST_DISCONNECTING) {
346 /* If link is disconnecting, save link info to retry after disconnect
347 * Possible Race condition when a reconnect occurs
348 * on the channel during a disconnect of link. This
349 * ccb will be automatically retried after link disconnect
350 * arrives
351 */
352 L2CAP_TRACE_DEBUG("L2CAP API - link disconnecting: RETRY LATER");
353
354 /* Save ccb so it can be started after disconnect is finished */
355 p_lcb->p_pending_ccb = p_ccb;
356 }
357
358 L2CAP_TRACE_API("L2CAP - L2CA_conn_req(psm: 0x%04x) returned CID: 0x%04x",
359 psm, p_ccb->local_cid);
360
361 /* Return the local CID as our handle */
362 return p_ccb->local_cid;
363 }
364
365 /*******************************************************************************
366 *
367 * Function L2CA_RegisterLECoc
368 *
369 * Description Other layers call this function to register for L2CAP
370 * Connection Oriented Channel.
371 *
372 * Returns PSM to use or zero if error. Typically, the PSM returned
373 * is the same as was passed in, but for an outgoing-only
374 * connection to a dynamic PSM, a "virtual" PSM is returned
375 * and should be used in the calls to L2CA_ConnectLECocReq()
376 * and L2CA_DeregisterLECoc()
377 *
378 ******************************************************************************/
L2CA_RegisterLECoc(uint16_t psm,const tL2CAP_APPL_INFO & p_cb_info,uint16_t sec_level,tL2CAP_LE_CFG_INFO cfg)379 uint16_t L2CA_RegisterLECoc(uint16_t psm, const tL2CAP_APPL_INFO& p_cb_info,
380 uint16_t sec_level, tL2CAP_LE_CFG_INFO cfg) {
381 if (bluetooth::shim::is_gd_l2cap_enabled()) {
382 return bluetooth::shim::L2CA_RegisterLECoc(psm, p_cb_info, sec_level, cfg);
383 }
384
385 if (p_cb_info.pL2CA_ConnectInd_Cb != nullptr || psm < LE_DYNAMIC_PSM_START) {
386 // If we register LE COC for outgoing connection only, don't register with
387 // BTM_Sec, because it's handled by L2CA_ConnectLECocReq.
388 BTM_SetSecurityLevel(false, "", 0, sec_level, psm, 0, 0);
389 }
390
391 /* Verify that the required callback info has been filled in
392 ** Note: Connection callbacks are required but not checked
393 ** for here because it is possible to be only a client
394 ** or only a server.
395 */
396 if ((!p_cb_info.pL2CA_DataInd_Cb) || (!p_cb_info.pL2CA_DisconnectInd_Cb)) {
397 LOG_ERROR("No cb registering BLE PSM: 0x%04x", psm);
398 return 0;
399 }
400
401 /* Verify PSM is valid */
402 if (!L2C_IS_VALID_LE_PSM(psm)) {
403 LOG_ERROR("Invalid BLE PSM value, PSM: 0x%04x", psm);
404 return 0;
405 }
406
407 tL2C_RCB* p_rcb;
408 uint16_t vpsm = psm;
409
410 /* Check if this is a registration for an outgoing-only connection to */
411 /* a dynamic PSM. If so, allocate a "virtual" PSM for the app to use. */
412 if ((psm >= LE_DYNAMIC_PSM_START) &&
413 (p_cb_info.pL2CA_ConnectInd_Cb == NULL)) {
414 vpsm = L2CA_AllocateLePSM();
415 if (vpsm == 0) {
416 LOG_ERROR("Out of free BLE PSM");
417 return 0;
418 }
419
420 LOG_DEBUG("Real PSM: 0x%04x Virtual PSM: 0x%04x", psm, vpsm);
421 }
422
423 /* If registration block already there, just overwrite it */
424 p_rcb = l2cu_find_ble_rcb_by_psm(vpsm);
425 if (p_rcb == NULL) {
426 LOG_DEBUG("Allocate rcp for Virtual PSM: 0x%04x", vpsm);
427 p_rcb = l2cu_allocate_ble_rcb(vpsm);
428 if (p_rcb == NULL) {
429 LOG_WARN("No BLE RCB available, PSM: 0x%04x vPSM: 0x%04x", psm, vpsm);
430 return 0;
431 }
432 }
433
434 LOG_INFO("Registered service LE COC PSM: 0x%04x", psm);
435 p_rcb->api = p_cb_info;
436 p_rcb->real_psm = psm;
437 p_rcb->coc_cfg = cfg;
438
439 return vpsm;
440 }
441
442 /*******************************************************************************
443 *
444 * Function L2CA_DeregisterLECoc
445 *
446 * Description Other layers call this function to de-register for L2CAP
447 * Connection Oriented Channel.
448 *
449 * Returns void
450 *
451 ******************************************************************************/
L2CA_DeregisterLECoc(uint16_t psm)452 void L2CA_DeregisterLECoc(uint16_t psm) {
453 if (bluetooth::shim::is_gd_l2cap_enabled()) {
454 return bluetooth::shim::L2CA_DeregisterLECoc(psm);
455 }
456
457 L2CAP_TRACE_API("%s called for PSM: 0x%04x", __func__, psm);
458
459 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
460 if (p_rcb == NULL) {
461 L2CAP_TRACE_WARNING("%s PSM: 0x%04x not found for deregistration", __func__,
462 psm);
463 return;
464 }
465
466 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
467 for (int i = 0; i < MAX_L2CAP_LINKS; i++, p_lcb++) {
468 if (!p_lcb->in_use || p_lcb->transport != BT_TRANSPORT_LE) continue;
469
470 tL2C_CCB* p_ccb = p_lcb->ccb_queue.p_first_ccb;
471 if ((p_ccb == NULL) || (p_lcb->link_state == LST_DISCONNECTING)) continue;
472
473 if (p_ccb->in_use && (p_ccb->chnl_state == CST_W4_L2CAP_DISCONNECT_RSP ||
474 p_ccb->chnl_state == CST_W4_L2CA_DISCONNECT_RSP))
475 continue;
476
477 if (p_ccb->p_rcb == p_rcb)
478 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
479 }
480
481 l2cu_release_ble_rcb(p_rcb);
482 }
483
484 /*******************************************************************************
485 *
486 * Function L2CA_ConnectLECocReq
487 *
488 * Description Higher layers call this function to create an L2CAP
489 * connection. Note that the connection is not established at
490 * this time, but connection establishment gets started. The
491 * callback function will be invoked when connection
492 * establishes or fails.
493 *
494 * Parameters: PSM: L2CAP PSM for the connection
495 * BD address of the peer
496 * Local Coc configurations
497
498 * Returns the CID of the connection, or 0 if it failed to start
499 *
500 ******************************************************************************/
L2CA_ConnectLECocReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_LE_CFG_INFO * p_cfg,uint16_t sec_level)501 uint16_t L2CA_ConnectLECocReq(uint16_t psm, const RawAddress& p_bd_addr,
502 tL2CAP_LE_CFG_INFO* p_cfg, uint16_t sec_level) {
503 if (bluetooth::shim::is_gd_l2cap_enabled()) {
504 return bluetooth::shim::L2CA_ConnectLECocReq(psm, p_bd_addr, p_cfg);
505 }
506
507 BTM_SetSecurityLevel(true, "", 0, sec_level, psm, 0, 0);
508
509 VLOG(1) << __func__ << " BDA: " << p_bd_addr
510 << StringPrintf(" PSM: 0x%04x", psm);
511
512 /* Fail if we have not established communications with the controller */
513 if (!BTM_IsDeviceUp()) {
514 L2CAP_TRACE_WARNING("%s BTU not ready", __func__);
515 return 0;
516 }
517
518 /* Fail if the PSM is not registered */
519 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
520 if (p_rcb == NULL) {
521 L2CAP_TRACE_WARNING("%s No BLE RCB, PSM: 0x%04x", __func__, psm);
522 return 0;
523 }
524
525 /* First, see if we already have a le link to the remote */
526 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
527 if (p_lcb == NULL) {
528 /* No link. Get an LCB and start link establishment */
529 p_lcb = l2cu_allocate_lcb(p_bd_addr, false, BT_TRANSPORT_LE);
530 if ((p_lcb == NULL)
531 /* currently use BR/EDR for ERTM mode l2cap connection */
532 || (!l2cu_create_conn_le(p_lcb))) {
533 L2CAP_TRACE_WARNING("%s conn not started for PSM: 0x%04x p_lcb: 0x%08x",
534 __func__, psm, p_lcb);
535 return 0;
536 }
537 }
538
539 /* Allocate a channel control block */
540 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
541 if (p_ccb == NULL) {
542 L2CAP_TRACE_WARNING("%s no CCB, PSM: 0x%04x", __func__, psm);
543 return 0;
544 }
545
546 /* Save registration info */
547 p_ccb->p_rcb = p_rcb;
548
549 p_ccb->connection_initiator = L2CAP_INITIATOR_LOCAL;
550
551 /* Save the configuration */
552 if (p_cfg) {
553 p_ccb->local_conn_cfg = *p_cfg;
554 p_ccb->remote_credit_count = p_cfg->credits;
555 }
556
557 /* If link is up, start the L2CAP connection */
558 if (p_lcb->link_state == LST_CONNECTED) {
559 if (p_ccb->p_lcb->transport == BT_TRANSPORT_LE) {
560 L2CAP_TRACE_DEBUG("%s LE Link is up", __func__);
561 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CONNECT_REQ, NULL);
562 }
563 }
564
565 /* If link is disconnecting, save link info to retry after disconnect
566 * Possible Race condition when a reconnect occurs
567 * on the channel during a disconnect of link. This
568 * ccb will be automatically retried after link disconnect
569 * arrives
570 */
571 else if (p_lcb->link_state == LST_DISCONNECTING) {
572 L2CAP_TRACE_DEBUG("%s link disconnecting: RETRY LATER", __func__);
573
574 /* Save ccb so it can be started after disconnect is finished */
575 p_lcb->p_pending_ccb = p_ccb;
576 }
577
578 L2CAP_TRACE_API("%s(psm: 0x%04x) returned CID: 0x%04x", __func__, psm,
579 p_ccb->local_cid);
580
581 /* Return the local CID as our handle */
582 return p_ccb->local_cid;
583 }
584
585 /*******************************************************************************
586 *
587 * Function L2CA_GetPeerLECocConfig
588 *
589 * Description Get a peers configuration for LE Connection Oriented
590 * Channel.
591 *
592 * Parameters: local channel id
593 * Pointers to peers configuration storage area
594 *
595 * Return value: true if peer is connected
596 *
597 ******************************************************************************/
L2CA_GetPeerLECocConfig(uint16_t lcid,tL2CAP_LE_CFG_INFO * peer_cfg)598 bool L2CA_GetPeerLECocConfig(uint16_t lcid, tL2CAP_LE_CFG_INFO* peer_cfg) {
599 if (bluetooth::shim::is_gd_l2cap_enabled()) {
600 return bluetooth::shim::L2CA_GetPeerLECocConfig(lcid, peer_cfg);
601 }
602
603 L2CAP_TRACE_API("%s CID: 0x%04x", __func__, lcid);
604
605 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
606 if (p_ccb == NULL) {
607 L2CAP_TRACE_ERROR("%s No CCB for CID:0x%04x", __func__, lcid);
608 return false;
609 }
610
611 if (peer_cfg != NULL)
612 memcpy(peer_cfg, &p_ccb->peer_conn_cfg, sizeof(tL2CAP_LE_CFG_INFO));
613
614 return true;
615 }
616
617 /*******************************************************************************
618 *
619 * Function L2CA_ConnectCreditBasedRsp
620 *
621 * Description Response for the pL2CA_CreditBasedConnectInd_Cb which is the
622 * indication for peer requesting credit based connection.
623 *
624 * Parameters: BD address of the peer
625 * Identifier of the transaction
626 * Vector of accepted lcids by upper layer
627 * L2CAP result
628 * Local channel configuration
629 *
630 * Returns true for success, false for failure
631 *
632 ******************************************************************************/
L2CA_ConnectCreditBasedRsp(const RawAddress & p_bd_addr,uint8_t id,std::vector<uint16_t> & accepted_lcids,uint16_t result,tL2CAP_LE_CFG_INFO * p_cfg)633 bool L2CA_ConnectCreditBasedRsp(const RawAddress& p_bd_addr, uint8_t id,
634 std::vector<uint16_t>& accepted_lcids,
635 uint16_t result, tL2CAP_LE_CFG_INFO* p_cfg) {
636 if (bluetooth::shim::is_gd_l2cap_enabled()) {
637 return bluetooth::shim::L2CA_ConnectCreditBasedRsp(
638 p_bd_addr, id, accepted_lcids, result, p_cfg);
639 }
640
641 VLOG(1) << __func__ << " BDA: " << p_bd_addr
642 << StringPrintf(" num of cids: %d Result: %d",
643 int(accepted_lcids.size()), +result);
644
645 /* First, find the link control block */
646 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
647 if (p_lcb == NULL) {
648 /* No link. Get an LCB and start link establishment */
649 L2CAP_TRACE_WARNING("%s no LCB", __func__);
650 return false;
651 }
652
653 /* Now, find the channel control block. We kept lead cid.
654 */
655 tL2C_CCB* p_ccb = l2cu_find_ccb_by_cid(p_lcb, p_lcb->pending_lead_cid);
656
657 for (uint16_t cid : accepted_lcids) {
658 tL2C_CCB* temp_p_ccb = l2cu_find_ccb_by_cid(p_lcb, cid);
659 if (temp_p_ccb == NULL) {
660 L2CAP_TRACE_WARNING("%s no CCB", __func__);
661 return false;
662 }
663
664 if (p_cfg) {
665 temp_p_ccb->local_conn_cfg = *p_cfg;
666 temp_p_ccb->remote_credit_count = p_cfg->credits;
667 }
668 }
669
670 /* The IDs must match */
671 if (p_ccb->remote_id != id) {
672 L2CAP_TRACE_WARNING("%s bad id. Expected: %d Got: %d", __func__,
673 p_ccb->remote_id, id);
674 return false;
675 }
676
677 tL2C_CONN_INFO conn_info;
678 conn_info.lcids = accepted_lcids;
679 conn_info.bd_addr = p_bd_addr;
680 conn_info.l2cap_result = result;
681
682 if (accepted_lcids.size() > 0) {
683 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CREDIT_BASED_CONNECT_RSP, &conn_info);
684 } else {
685 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CREDIT_BASED_CONNECT_RSP_NEG,
686 &conn_info);
687 }
688
689 return true;
690 }
691 /*******************************************************************************
692 *
693 * Function L2CA_ConnectCreditBasedReq
694 *
695 * Description Initiate Create Credit Based connections.
696 *
697 * Parameters: PSM for the L2CAP channel
698 * BD address of the peer
699 * Local channel configuration
700 *
701 * Return value: Vector of allocated local cids.
702 *
703 ******************************************************************************/
704
L2CA_ConnectCreditBasedReq(uint16_t psm,const RawAddress & p_bd_addr,tL2CAP_LE_CFG_INFO * p_cfg)705 std::vector<uint16_t> L2CA_ConnectCreditBasedReq(uint16_t psm,
706 const RawAddress& p_bd_addr,
707 tL2CAP_LE_CFG_INFO* p_cfg) {
708 if (bluetooth::shim::is_gd_l2cap_enabled()) {
709 return bluetooth::shim::L2CA_ConnectCreditBasedReq(psm, p_bd_addr, p_cfg);
710 }
711
712 VLOG(1) << __func__ << " BDA: " << p_bd_addr
713 << StringPrintf(" PSM: 0x%04x", psm);
714
715 std::vector<uint16_t> allocated_cids;
716
717 /* Fail if we have not established communications with the controller */
718 if (!BTM_IsDeviceUp()) {
719 L2CAP_TRACE_WARNING("%s BTU not ready", __func__);
720 return allocated_cids;
721 }
722
723 if (!p_cfg) {
724 L2CAP_TRACE_WARNING("%s p_cfg is NULL", __func__);
725 return allocated_cids;
726 }
727
728 /* Fail if the PSM is not registered */
729 tL2C_RCB* p_rcb = l2cu_find_ble_rcb_by_psm(psm);
730 if (p_rcb == NULL) {
731 L2CAP_TRACE_WARNING("%s No BLE RCB, PSM: 0x%04x", __func__, psm);
732 return allocated_cids;
733 }
734
735 /* First, see if we already have a le link to the remote */
736 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(p_bd_addr, BT_TRANSPORT_LE);
737 if (p_lcb == NULL) {
738 L2CAP_TRACE_WARNING("%s No link available", __func__);
739 return allocated_cids;
740 }
741
742 if (p_lcb->link_state != LST_CONNECTED) {
743 L2CAP_TRACE_WARNING("%s incorrect link state: %d", __func__,
744 p_lcb->link_state);
745 return allocated_cids;
746 }
747
748 L2CAP_TRACE_DEBUG("%s LE Link is up", __func__);
749
750 tL2C_CCB* p_ccb_primary;
751
752 for (int i = 0; i < 5; i++) {
753 /* Allocate a channel control block */
754 tL2C_CCB* p_ccb = l2cu_allocate_ccb(p_lcb, 0);
755 if (p_ccb == NULL) {
756 if (i == 0) {
757 L2CAP_TRACE_WARNING("%s no CCB, PSM: 0x%04x", __func__, psm);
758 return allocated_cids;
759 } else {
760 break;
761 }
762 }
763
764 p_ccb->ecoc = true;
765 p_ccb->local_conn_cfg = *p_cfg;
766 p_ccb->remote_credit_count = p_cfg->credits;
767 /* Save registration info */
768 p_ccb->p_rcb = p_rcb;
769 if (i == 0) {
770 p_ccb_primary = p_ccb;
771 } else {
772 /* Only primary channel we keep in closed state, as in that
773 * context we will run state machine where security is checked etc.
774 * Others we can directly put into waiting for connect
775 * response, so those are not confused by system as incomming connections
776 */
777 p_ccb->chnl_state = CST_W4_L2CAP_CONNECT_RSP;
778 }
779
780 allocated_cids.push_back(p_ccb->local_cid);
781 }
782
783 for (int i = 0; i < (int)(allocated_cids.size()); i++)
784 p_lcb->pending_ecoc_connection_cids[i] = allocated_cids[i];
785
786 p_lcb->pending_ecoc_conn_cnt = (uint16_t)(allocated_cids.size());
787 l2c_csm_execute(p_ccb_primary, L2CEVT_L2CA_CREDIT_BASED_CONNECT_REQ, NULL);
788
789 L2CAP_TRACE_API("%s(psm: 0x%04x) returned CID: 0x%04x", __func__, psm,
790 p_ccb_primary->local_cid);
791
792 return allocated_cids;
793 }
794
795 /*******************************************************************************
796 *
797 * Function L2CA_ReconfigCreditBasedConnsReq
798 *
799 * Description Start reconfigure procedure on Connection Oriented Channel.
800 *
801 * Parameters: Vector of channels for which configuration should be changed
802 * New local channel configuration
803 *
804 * Return value: true if peer is connected
805 *
806 ******************************************************************************/
807
L2CA_ReconfigCreditBasedConnsReq(const RawAddress & bda,std::vector<uint16_t> & lcids,tL2CAP_LE_CFG_INFO * p_cfg)808 bool L2CA_ReconfigCreditBasedConnsReq(const RawAddress& bda,
809 std::vector<uint16_t>& lcids,
810 tL2CAP_LE_CFG_INFO* p_cfg) {
811 if (bluetooth::shim::is_gd_l2cap_enabled()) {
812 return bluetooth::shim::L2CA_ReconfigCreditBasedConnsReq(bda, lcids, p_cfg);
813 }
814
815 tL2C_CCB* p_ccb;
816
817 L2CAP_TRACE_API("L2CA_ReconfigCreditBasedConnsReq() ");
818
819 if (lcids.empty()) {
820 L2CAP_TRACE_WARNING("L2CAP - no lcids given to %s", __func__);
821 return (false);
822 }
823
824 for (uint16_t cid : lcids) {
825 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
826
827 if (!p_ccb) {
828 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_cfg_req, CID: %d", cid);
829 return (false);
830 }
831
832 if ((p_ccb->local_conn_cfg.mtu > p_cfg->mtu) ||
833 (p_ccb->local_conn_cfg.mps > p_cfg->mps)) {
834 L2CAP_TRACE_WARNING("L2CAP - MPS or MTU reduction, CID: %d", cid);
835 return (false);
836 }
837 }
838
839 if (p_cfg->mtu > L2CAP_MTU_SIZE) {
840 L2CAP_TRACE_WARNING("L2CAP - adjust MTU: %u too large", p_cfg->mtu);
841 p_cfg->mtu = L2CAP_MTU_SIZE;
842 }
843
844 /* Mark all the p_ccbs which going to be reconfigured */
845 for (uint16_t cid : lcids) {
846 L2CAP_TRACE_API(" cid: %d", cid);
847 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
848 if (!p_ccb) {
849 LOG(ERROR) << __func__ << "Missing cid? " << int(cid);
850 return (false);
851 }
852 p_ccb->reconfig_started = true;
853 }
854
855 tL2C_LCB* p_lcb = p_ccb->p_lcb;
856
857 /* Hack warning - the whole reconfig we are doing in the context of the first
858 * p_ccb. In the p_lcp we store configuration and cid in which context we are
859 * doing reconfiguration.
860 */
861 for (p_ccb = p_lcb->ccb_queue.p_first_ccb; p_ccb; p_ccb = p_ccb->p_next_ccb)
862 if ((p_ccb->in_use) && (p_ccb->ecoc) && (p_ccb->reconfig_started)) {
863 p_ccb->p_lcb->pending_ecoc_reconfig_cfg = *p_cfg;
864 p_ccb->p_lcb->pending_ecoc_reconfig_cnt = lcids.size();
865 break;
866 }
867
868 l2c_csm_execute(p_ccb, L2CEVT_L2CA_CREDIT_BASED_RECONFIG_REQ, p_cfg);
869
870 return (true);
871 }
872
873 /*******************************************************************************
874 *
875 * Function L2CA_DisconnectReq
876 *
877 * Description Higher layers call this function to disconnect a channel.
878 *
879 * Returns true if disconnect sent, else false
880 *
881 ******************************************************************************/
L2CA_DisconnectReq(uint16_t cid)882 bool L2CA_DisconnectReq(uint16_t cid) {
883 if (bluetooth::shim::is_gd_l2cap_enabled()) {
884 return bluetooth::shim::L2CA_DisconnectReq(cid);
885 }
886
887 tL2C_CCB* p_ccb;
888
889 /* Find the channel control block. We don't know the link it is on. */
890 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
891 if (p_ccb == NULL) {
892 LOG_WARN("L2CAP - no CCB for L2CA_disc_req, CID: %d", cid);
893 return (false);
894 }
895
896 LOG_DEBUG("L2CAP Local disconnect request CID: 0x%04x", cid);
897
898 l2c_csm_execute(p_ccb, L2CEVT_L2CA_DISCONNECT_REQ, NULL);
899
900 return (true);
901 }
902
L2CA_DisconnectLECocReq(uint16_t cid)903 bool L2CA_DisconnectLECocReq(uint16_t cid) {
904 if (bluetooth::shim::is_gd_l2cap_enabled()) {
905 return bluetooth::shim::L2CA_DisconnectLECocReq(cid);
906 }
907 return L2CA_DisconnectReq(cid);
908 }
909
L2CA_GetRemoteCid(uint16_t lcid,uint16_t * rcid)910 bool L2CA_GetRemoteCid(uint16_t lcid, uint16_t* rcid) {
911 if (bluetooth::shim::is_gd_l2cap_enabled()) {
912 return bluetooth::shim::L2CA_GetRemoteCid(lcid, rcid);
913 }
914
915 tL2C_CCB* control_block = l2cu_find_ccb_by_cid(NULL, lcid);
916 if (!control_block) return false;
917
918 if (rcid) *rcid = control_block->remote_cid;
919
920 return true;
921 }
922
923 /*******************************************************************************
924 *
925 * Function L2CA_SetIdleTimeoutByBdAddr
926 *
927 * Description Higher layers call this function to set the idle timeout for
928 * a connection. The "idle timeout" is the amount of time that
929 * a connection can remain up with no L2CAP channels on it.
930 * A timeout of zero means that the connection will be torn
931 * down immediately when the last channel is removed.
932 * A timeout of 0xFFFF means no timeout. Values are in seconds.
933 * A bd_addr is the remote BD address. If bd_addr =
934 * RawAddress::kAny, then the idle timeouts for all active
935 * l2cap links will be changed.
936 *
937 * Returns true if command succeeded, false if failed
938 *
939 * NOTE This timeout applies to all logical channels active on the
940 * ACL link.
941 ******************************************************************************/
L2CA_SetIdleTimeoutByBdAddr(const RawAddress & bd_addr,uint16_t timeout,tBT_TRANSPORT transport)942 bool L2CA_SetIdleTimeoutByBdAddr(const RawAddress& bd_addr, uint16_t timeout,
943 tBT_TRANSPORT transport) {
944 if (bluetooth::shim::is_gd_l2cap_enabled()) {
945 return bluetooth::shim::L2CA_SetIdleTimeoutByBdAddr(bd_addr, timeout,
946 transport);
947 }
948
949 tL2C_LCB* p_lcb;
950
951 if (RawAddress::kAny != bd_addr) {
952 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, transport);
953 if ((p_lcb) && (p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
954 p_lcb->idle_timeout = timeout;
955
956 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
957 } else
958 return false;
959 } else {
960 int xx;
961 tL2C_LCB* p_lcb = &l2cb.lcb_pool[0];
962
963 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_lcb++) {
964 if ((p_lcb->in_use) && (p_lcb->link_state == LST_CONNECTED)) {
965 p_lcb->idle_timeout = timeout;
966
967 if (!p_lcb->ccb_queue.p_first_ccb) l2cu_no_dynamic_ccbs(p_lcb);
968 }
969 }
970 }
971
972 return true;
973 }
974
975 /*******************************************************************************
976 *
977 * Function L2CA_SetTraceLevel
978 *
979 * Description This function sets the trace level for L2CAP. If called with
980 * a value of 0xFF, it simply reads the current trace level.
981 *
982 * Returns the new (current) trace level
983 *
984 ******************************************************************************/
L2CA_SetTraceLevel(uint8_t new_level)985 uint8_t L2CA_SetTraceLevel(uint8_t new_level) {
986 if (new_level != 0xFF) l2cb.l2cap_trace_level = new_level;
987
988 return (l2cb.l2cap_trace_level);
989 }
990
991 /*******************************************************************************
992 *
993 * Function L2CA_SetAclPriority
994 *
995 * Description Sets the transmission priority for a channel.
996 * (For initial implementation only two values are valid.
997 * L2CAP_PRIORITY_NORMAL and L2CAP_PRIORITY_HIGH).
998 *
999 * Returns true if a valid channel, else false
1000 *
1001 ******************************************************************************/
L2CA_SetAclPriority(const RawAddress & bd_addr,tL2CAP_PRIORITY priority)1002 bool L2CA_SetAclPriority(const RawAddress& bd_addr, tL2CAP_PRIORITY priority) {
1003 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1004 return bluetooth::shim::L2CA_SetAclPriority(bd_addr, priority);
1005 }
1006
1007 VLOG(1) << __func__ << " BDA: " << bd_addr
1008 << ", priority: " << std::to_string(priority);
1009 return (l2cu_set_acl_priority(bd_addr, priority, false));
1010 }
1011
1012 /*******************************************************************************
1013 *
1014 * Function L2CA_SetTxPriority
1015 *
1016 * Description Sets the transmission priority for a channel.
1017 *
1018 * Returns true if a valid channel, else false
1019 *
1020 ******************************************************************************/
L2CA_SetTxPriority(uint16_t cid,tL2CAP_CHNL_PRIORITY priority)1021 bool L2CA_SetTxPriority(uint16_t cid, tL2CAP_CHNL_PRIORITY priority) {
1022 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1023 return bluetooth::shim::L2CA_SetTxPriority(cid, priority);
1024 }
1025
1026 tL2C_CCB* p_ccb;
1027
1028 L2CAP_TRACE_API("L2CA_SetTxPriority() CID: 0x%04x, priority:%d", cid,
1029 priority);
1030
1031 /* Find the channel control block. We don't know the link it is on. */
1032 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1033 if (p_ccb == NULL) {
1034 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetTxPriority, CID: %d", cid);
1035 return (false);
1036 }
1037
1038 /* it will update the order of CCB in LCB by priority and update round robin
1039 * service variables */
1040 l2cu_change_pri_ccb(p_ccb, priority);
1041
1042 return (true);
1043 }
1044
1045 /*******************************************************************************
1046 *
1047 * Function L2CA_GetPeerFeatures
1048 *
1049 * Description Get a peers features and fixed channel map
1050 *
1051 * Parameters: BD address of the peer
1052 * Pointers to features and channel mask storage area
1053 *
1054 * Return value: true if peer is connected
1055 *
1056 ******************************************************************************/
L2CA_GetPeerFeatures(const RawAddress & bd_addr,uint32_t * p_ext_feat,uint8_t * p_chnl_mask)1057 bool L2CA_GetPeerFeatures(const RawAddress& bd_addr, uint32_t* p_ext_feat,
1058 uint8_t* p_chnl_mask) {
1059 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1060 return bluetooth::shim::L2CA_GetPeerFeatures(bd_addr, p_ext_feat,
1061 p_chnl_mask);
1062 }
1063
1064 tL2C_LCB* p_lcb;
1065
1066 /* We must already have a link to the remote */
1067 p_lcb = l2cu_find_lcb_by_bd_addr(bd_addr, BT_TRANSPORT_BR_EDR);
1068 if (p_lcb == NULL) {
1069 LOG(WARNING) << __func__ << " No BDA: " << bd_addr;
1070 return false;
1071 }
1072
1073 VLOG(1) << __func__ << " BDA: " << bd_addr
1074 << StringPrintf(" ExtFea: 0x%08x Chnl_Mask[0]: 0x%02x",
1075 p_lcb->peer_ext_fea, p_lcb->peer_chnl_mask[0]);
1076
1077 *p_ext_feat = p_lcb->peer_ext_fea;
1078
1079 memcpy(p_chnl_mask, p_lcb->peer_chnl_mask, L2CAP_FIXED_CHNL_ARRAY_SIZE);
1080
1081 return true;
1082 }
1083
1084 /*******************************************************************************
1085 *
1086 * Function L2CA_RegisterFixedChannel
1087 *
1088 * Description Register a fixed channel.
1089 *
1090 * Parameters: Fixed Channel #
1091 * Channel Callbacks and config
1092 *
1093 * Return value: -
1094 *
1095 ******************************************************************************/
fixed_channel_text(const uint16_t & fixed_cid)1096 static std::string fixed_channel_text(const uint16_t& fixed_cid) {
1097 switch (fixed_cid) {
1098 case L2CAP_SIGNALLING_CID:
1099 return std::string("br_edr signalling");
1100 case L2CAP_CONNECTIONLESS_CID:
1101 return std::string("connectionless");
1102 case L2CAP_AMP_CID:
1103 return std::string("amp");
1104 case L2CAP_ATT_CID:
1105 return std::string("att");
1106 case L2CAP_BLE_SIGNALLING_CID:
1107 return std::string("ble signalling");
1108 case L2CAP_SMP_CID:
1109 return std::string("smp");
1110 case L2CAP_SMP_BR_CID:
1111 return std::string("br_edr smp");
1112 default:
1113 return std::string("unknown");
1114 }
1115 }
1116
L2CA_RegisterFixedChannel(uint16_t fixed_cid,tL2CAP_FIXED_CHNL_REG * p_freg)1117 bool L2CA_RegisterFixedChannel(uint16_t fixed_cid,
1118 tL2CAP_FIXED_CHNL_REG* p_freg) {
1119 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1120 return bluetooth::shim::L2CA_RegisterFixedChannel(fixed_cid, p_freg);
1121 }
1122
1123 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1124 (fixed_cid > L2CAP_LAST_FIXED_CHNL)) {
1125 LOG_ERROR("Invalid fixed CID: 0x%04x", fixed_cid);
1126 return false;
1127 }
1128
1129 l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = *p_freg;
1130 LOG_DEBUG("Registered fixed channel:%s",
1131 fixed_channel_text(fixed_cid).c_str());
1132 return true;
1133 }
1134
1135 /*******************************************************************************
1136 *
1137 * Function L2CA_ConnectFixedChnl
1138 *
1139 * Description Connect an fixed signalling channel to a remote device.
1140 *
1141 * Parameters: Fixed CID
1142 * BD Address of remote
1143 *
1144 * Return value: true if connection started
1145 *
1146 ******************************************************************************/
L2CA_ConnectFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1147 bool L2CA_ConnectFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1148 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1149 return bluetooth::shim::L2CA_ConnectFixedChnl(fixed_cid, rem_bda);
1150 }
1151
1152 tL2C_LCB* p_lcb;
1153 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1154
1155 LOG_DEBUG(" fixed_cid:0x%04x", fixed_cid);
1156
1157 // Check CID is valid and registered
1158 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1159 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1160 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1161 NULL)) {
1162 LOG_ERROR("Invalid fixed_cid:0x%04x", fixed_cid);
1163 return (false);
1164 }
1165
1166 // Fail if BT is not yet up
1167 if (!BTM_IsDeviceUp()) {
1168 LOG_WARN("Bt controller is not ready fixed_cid:0x%04x", fixed_cid);
1169 return (false);
1170 }
1171
1172 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1173 transport = BT_TRANSPORT_LE;
1174
1175 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1176
1177 // If we already have a link to the remote, check if it supports that CID
1178 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1179 if (p_lcb != NULL) {
1180 // Fixed channels are mandatory on LE transports so ignore the received
1181 // channel mask and use the locally cached LE channel mask.
1182
1183 if (transport == BT_TRANSPORT_LE)
1184 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1185 else
1186 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1187
1188 // Check for supported channel
1189 if (!(peer_channel_mask & (1 << fixed_cid))) {
1190 LOG_INFO("Peer device does not support fixed_cid:0x%04x", fixed_cid);
1191 return false;
1192 }
1193
1194 // Get a CCB and link the lcb to it
1195 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1196 LOG_WARN("Unable to allocate fixed channel resource fixed_cid:0x%04x",
1197 fixed_cid);
1198 return false;
1199 }
1200
1201 // racing with disconnecting, queue the connection request
1202 if (p_lcb->link_state == LST_DISCONNECTING) {
1203 LOG_DEBUG(
1204 "Link is disconnecting so deferring connection fixed_cid:0x%04x",
1205 fixed_cid);
1206 /* Save ccb so it can be started after disconnect is finished */
1207 p_lcb->p_pending_ccb =
1208 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1209 return true;
1210 }
1211
1212 (*l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedConn_Cb)(
1213 fixed_cid, p_lcb->remote_bd_addr, true, 0, p_lcb->transport);
1214 return true;
1215 }
1216
1217 // No link. Get an LCB and start link establishment
1218 p_lcb = l2cu_allocate_lcb(rem_bda, false, transport);
1219 if (p_lcb == NULL) {
1220 LOG_WARN("Unable to allocate link resource for connection fixed_cid:0x%04x",
1221 fixed_cid);
1222 return false;
1223 }
1224
1225 // Get a CCB and link the lcb to it
1226 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1227 LOG_WARN("Unable to allocate fixed channel resource fixed_cid:0x%04x",
1228 fixed_cid);
1229 l2cu_release_lcb(p_lcb);
1230 return false;
1231 }
1232
1233 if (transport == BT_TRANSPORT_LE) {
1234 bool ret = l2cu_create_conn_le(p_lcb);
1235 if (!ret) {
1236 LOG_WARN("Unable to create fixed channel le connection fixed_cid:0x%04x",
1237 fixed_cid);
1238 l2cu_release_lcb(p_lcb);
1239 return false;
1240 }
1241 } else {
1242 l2cu_create_conn_br_edr(p_lcb);
1243 }
1244 return true;
1245 }
1246
1247 /*******************************************************************************
1248 *
1249 * Function L2CA_SendFixedChnlData
1250 *
1251 * Description Write data on a fixed channel.
1252 *
1253 * Parameters: Fixed CID
1254 * BD Address of remote
1255 * Pointer to buffer of type BT_HDR
1256 *
1257 * Return value L2CAP_DW_SUCCESS, if data accepted
1258 * L2CAP_DW_FAILED, if error
1259 *
1260 ******************************************************************************/
L2CA_SendFixedChnlData(uint16_t fixed_cid,const RawAddress & rem_bda,BT_HDR * p_buf)1261 uint16_t L2CA_SendFixedChnlData(uint16_t fixed_cid, const RawAddress& rem_bda,
1262 BT_HDR* p_buf) {
1263 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1264 return bluetooth::shim::L2CA_SendFixedChnlData(fixed_cid, rem_bda, p_buf);
1265 }
1266
1267 tL2C_LCB* p_lcb;
1268 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1269
1270 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1271 transport = BT_TRANSPORT_LE;
1272
1273 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1274 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1275 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1276 NULL)) {
1277 LOG_WARN("No service registered or invalid CID: 0x%04x", fixed_cid);
1278 osi_free(p_buf);
1279 return (L2CAP_DW_FAILED);
1280 }
1281
1282 if (!BTM_IsDeviceUp()) {
1283 LOG_WARN("Controller is not ready CID: 0x%04x", fixed_cid);
1284 osi_free(p_buf);
1285 return (L2CAP_DW_FAILED);
1286 }
1287
1288 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1289 if (p_lcb == NULL || p_lcb->link_state == LST_DISCONNECTING) {
1290 /* if link is disconnecting, also report data sending failure */
1291 LOG_WARN("Link is disconnecting or does not exist CID: 0x%04x", fixed_cid);
1292 osi_free(p_buf);
1293 return (L2CAP_DW_FAILED);
1294 }
1295
1296 tL2C_BLE_FIXED_CHNLS_MASK peer_channel_mask;
1297
1298 // Select peer channels mask to use depending on transport
1299 if (transport == BT_TRANSPORT_LE)
1300 peer_channel_mask = l2cb.l2c_ble_fixed_chnls_mask;
1301 else
1302 peer_channel_mask = p_lcb->peer_chnl_mask[0];
1303
1304 if ((peer_channel_mask & (1 << fixed_cid)) == 0) {
1305 LOG_WARN("Peer does not support fixed channel CID: 0x%04x", fixed_cid);
1306 osi_free(p_buf);
1307 return (L2CAP_DW_FAILED);
1308 }
1309
1310 p_buf->event = 0;
1311 p_buf->layer_specific = L2CAP_FLUSHABLE_CH_BASED;
1312
1313 if (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) {
1314 if (!l2cu_initialize_fixed_ccb(p_lcb, fixed_cid)) {
1315 LOG_WARN("No channel control block found for CID: 0x%4x", fixed_cid);
1316 osi_free(p_buf);
1317 return (L2CAP_DW_FAILED);
1318 }
1319 }
1320
1321 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) {
1322 LOG_WARN(
1323 "Unable to send data due to congestion CID: 0x%04x xmit_hold_q.count: "
1324 "%zu buff_quota: %u",
1325 fixed_cid,
1326 fixed_queue_length(
1327 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]
1328 ->xmit_hold_q),
1329 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->buff_quota);
1330 osi_free(p_buf);
1331 return (L2CAP_DW_FAILED);
1332 }
1333
1334 LOG_DEBUG("Enqueued data for CID: 0x%04x len:%hu", fixed_cid, p_buf->len);
1335 l2c_enqueue_peer_data(p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL],
1336 p_buf);
1337
1338 l2c_link_check_send_pkts(p_lcb, 0, NULL);
1339
1340 // If there is no dynamic CCB on the link, restart the idle timer each time
1341 // something is sent
1342 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1343 !p_lcb->ccb_queue.p_first_ccb) {
1344 l2cu_no_dynamic_ccbs(p_lcb);
1345 }
1346
1347 if (p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]->cong_sent) {
1348 LOG_DEBUG("Link congested for CID: 0x%04x", fixed_cid);
1349 return (L2CAP_DW_CONGESTED);
1350 }
1351
1352 return (L2CAP_DW_SUCCESS);
1353 }
1354
1355 /*******************************************************************************
1356 *
1357 * Function L2CA_RemoveFixedChnl
1358 *
1359 * Description Remove a fixed channel to a remote device.
1360 *
1361 * Parameters: Fixed CID
1362 * BD Address of remote
1363 * Idle timeout to use (or 0xFFFF if don't care)
1364 *
1365 * Return value: true if channel removed
1366 *
1367 ******************************************************************************/
L2CA_RemoveFixedChnl(uint16_t fixed_cid,const RawAddress & rem_bda)1368 bool L2CA_RemoveFixedChnl(uint16_t fixed_cid, const RawAddress& rem_bda) {
1369 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1370 return bluetooth::shim::L2CA_RemoveFixedChnl(fixed_cid, rem_bda);
1371 }
1372
1373 tL2C_LCB* p_lcb;
1374 tL2C_CCB* p_ccb;
1375 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1376
1377 /* Check CID is valid and registered */
1378 if ((fixed_cid < L2CAP_FIRST_FIXED_CHNL) ||
1379 (fixed_cid > L2CAP_LAST_FIXED_CHNL) ||
1380 (l2cb.fixed_reg[fixed_cid - L2CAP_FIRST_FIXED_CHNL].pL2CA_FixedData_Cb ==
1381 NULL)) {
1382 L2CAP_TRACE_ERROR("L2CA_RemoveFixedChnl() Invalid CID: 0x%04x", fixed_cid);
1383 return (false);
1384 }
1385
1386 if (fixed_cid >= L2CAP_ATT_CID && fixed_cid <= L2CAP_SMP_CID)
1387 transport = BT_TRANSPORT_LE;
1388
1389 /* Is a fixed channel connected to the remote BDA ?*/
1390 p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, transport);
1391
1392 if (((p_lcb) == NULL) ||
1393 (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL])) {
1394 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1395 << StringPrintf(" CID: 0x%04x not connected", fixed_cid);
1396 return (false);
1397 }
1398
1399 VLOG(2) << __func__ << " BDA: " << rem_bda
1400 << StringPrintf(" CID: 0x%04x", fixed_cid);
1401
1402 /* Release the CCB, starting an inactivity timeout on the LCB if no other CCBs
1403 * exist */
1404 p_ccb = p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL];
1405
1406 p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL] = NULL;
1407 p_lcb->SetDisconnectReason(HCI_ERR_CONN_CAUSE_LOCAL_HOST);
1408
1409 // Retain the link for a few more seconds after SMP pairing is done, since
1410 // the Android platform always does service discovery after pairing is
1411 // complete. This will avoid the link down (pairing is complete) and an
1412 // immediate re-connection for service discovery.
1413 // Some devices do not do auto advertising when link is dropped, thus fail
1414 // the second connection and service discovery.
1415 if ((fixed_cid == L2CAP_ATT_CID) && !p_lcb->ccb_queue.p_first_ccb)
1416 p_lcb->idle_timeout = 0;
1417
1418 l2cu_release_ccb(p_ccb);
1419
1420 return (true);
1421 }
1422
1423 /*******************************************************************************
1424 *
1425 * Function L2CA_SetLeGattTimeout
1426 *
1427 * Description Higher layers call this function to set the idle timeout for
1428 * a fixed channel. The "idle timeout" is the amount of time
1429 * that a connection can remain up with no L2CAP channels on
1430 * it. A timeout of zero means that the connection will be torn
1431 * down immediately when the last channel is removed.
1432 * A timeout of 0xFFFF means no timeout. Values are in seconds.
1433 * A bd_addr is the remote BD address.
1434 *
1435 * Returns true if command succeeded, false if failed
1436 *
1437 ******************************************************************************/
L2CA_SetLeGattTimeout(const RawAddress & rem_bda,uint16_t idle_tout)1438 bool L2CA_SetLeGattTimeout(const RawAddress& rem_bda, uint16_t idle_tout) {
1439 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1440 return bluetooth::shim::L2CA_SetLeGattTimeout(rem_bda, idle_tout);
1441 }
1442
1443 constexpr uint16_t kAttCid = 4;
1444
1445 /* Is a fixed channel connected to the remote BDA ?*/
1446 tL2C_LCB* p_lcb = l2cu_find_lcb_by_bd_addr(rem_bda, BT_TRANSPORT_LE);
1447 if (((p_lcb) == NULL) ||
1448 (!p_lcb->p_fixed_ccbs[kAttCid - L2CAP_FIRST_FIXED_CHNL])) {
1449 LOG(WARNING) << __func__ << " BDA: " << rem_bda
1450 << StringPrintf(" CID: 0x%04x not connected", kAttCid);
1451 return (false);
1452 }
1453
1454 p_lcb->p_fixed_ccbs[kAttCid - L2CAP_FIRST_FIXED_CHNL]->fixed_chnl_idle_tout =
1455 idle_tout;
1456
1457 if (p_lcb->in_use && p_lcb->link_state == LST_CONNECTED &&
1458 !p_lcb->ccb_queue.p_first_ccb) {
1459 /* If there are no dynamic CCBs, (re)start the idle timer in case we changed
1460 * it */
1461 l2cu_no_dynamic_ccbs(p_lcb);
1462 }
1463
1464 return true;
1465 }
1466
1467 /*******************************************************************************
1468 *
1469 * Function L2CA_DataWrite
1470 *
1471 * Description Higher layers call this function to write data.
1472 *
1473 * Returns L2CAP_DW_SUCCESS, if data accepted, else false
1474 * L2CAP_DW_CONGESTED, if data accepted and the channel is
1475 * congested
1476 * L2CAP_DW_FAILED, if error
1477 *
1478 ******************************************************************************/
L2CA_DataWrite(uint16_t cid,BT_HDR * p_data)1479 uint8_t L2CA_DataWrite(uint16_t cid, BT_HDR* p_data) {
1480 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1481 return bluetooth::shim::L2CA_DataWrite(cid, p_data);
1482 }
1483
1484 L2CAP_TRACE_API("L2CA_DataWrite() CID: 0x%04x Len: %d", cid, p_data->len);
1485 return l2c_data_write(cid, p_data, L2CAP_FLUSHABLE_CH_BASED);
1486 }
1487
L2CA_LECocDataWrite(uint16_t cid,BT_HDR * p_data)1488 uint8_t L2CA_LECocDataWrite(uint16_t cid, BT_HDR* p_data) {
1489 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1490 return bluetooth::shim::L2CA_LECocDataWrite(cid, p_data);
1491 }
1492
1493 return L2CA_DataWrite(cid, p_data);
1494 }
1495
1496 /*******************************************************************************
1497 *
1498 * Function L2CA_SetChnlFlushability
1499 *
1500 * Description Higher layers call this function to set a channels
1501 * flushability flags
1502 *
1503 * Returns true if CID found, else false
1504 *
1505 ******************************************************************************/
L2CA_SetChnlFlushability(uint16_t cid,bool is_flushable)1506 bool L2CA_SetChnlFlushability(uint16_t cid, bool is_flushable) {
1507 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1508 return bluetooth::shim::L2CA_SetChnlFlushability(cid, is_flushable);
1509 }
1510
1511 tL2C_CCB* p_ccb;
1512
1513 /* Find the channel control block. We don't know the link it is on. */
1514 p_ccb = l2cu_find_ccb_by_cid(NULL, cid);
1515 if (p_ccb == NULL) {
1516 L2CAP_TRACE_WARNING("L2CAP - no CCB for L2CA_SetChnlFlushability, CID: %d",
1517 cid);
1518 return (false);
1519 }
1520
1521 p_ccb->is_flushable = is_flushable;
1522
1523 L2CAP_TRACE_API("L2CA_SetChnlFlushability() CID: 0x%04x is_flushable: %d",
1524 cid, is_flushable);
1525
1526 return (true);
1527 }
1528
1529 /*******************************************************************************
1530 *
1531 * Function L2CA_FlushChannel
1532 *
1533 * Description This function flushes none, some or all buffers queued up
1534 * for xmission for a particular CID. If called with
1535 * L2CAP_FLUSH_CHANS_GET (0), it simply returns the number
1536 * of buffers queued for that CID L2CAP_FLUSH_CHANS_ALL (0xffff)
1537 * flushes all buffers. All other values specifies the maximum
1538 * buffers to flush.
1539 *
1540 * Returns Number of buffers left queued for that CID
1541 *
1542 ******************************************************************************/
L2CA_FlushChannel(uint16_t lcid,uint16_t num_to_flush)1543 uint16_t L2CA_FlushChannel(uint16_t lcid, uint16_t num_to_flush) {
1544 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1545 return bluetooth::shim::L2CA_FlushChannel(lcid, num_to_flush);
1546 }
1547
1548 tL2C_CCB* p_ccb;
1549 tL2C_LCB* p_lcb;
1550 uint16_t num_left = 0, num_flushed1 = 0, num_flushed2 = 0;
1551
1552 p_ccb = l2cu_find_ccb_by_cid(NULL, lcid);
1553
1554 if (!p_ccb || (p_ccb->p_lcb == NULL)) {
1555 L2CAP_TRACE_WARNING(
1556 "L2CA_FlushChannel() abnormally returning 0 CID: 0x%04x", lcid);
1557 return (0);
1558 }
1559 p_lcb = p_ccb->p_lcb;
1560
1561 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
1562 L2CAP_TRACE_API(
1563 "L2CA_FlushChannel (FLUSH) CID: 0x%04x NumToFlush: %d QC: %u "
1564 "pFirst: 0x%08x",
1565 lcid, num_to_flush, fixed_queue_length(p_ccb->xmit_hold_q),
1566 fixed_queue_try_peek_first(p_ccb->xmit_hold_q));
1567 } else {
1568 L2CAP_TRACE_API("L2CA_FlushChannel (QUERY) CID: 0x%04x", lcid);
1569 }
1570
1571 /* Cannot flush eRTM buffers once they have a sequence number */
1572 if (p_ccb->peer_cfg.fcr.mode != L2CAP_FCR_ERTM_MODE) {
1573 const controller_t* controller = controller_get_interface();
1574 if (num_to_flush != L2CAP_FLUSH_CHANS_GET) {
1575 /* If the controller supports enhanced flush, flush the data queued at the
1576 * controller */
1577 if (controller->supports_non_flushable_pb() &&
1578 (BTM_GetNumScoLinks() == 0)) {
1579 /* The only packet type defined - 0 - Automatically-Flushable Only */
1580 btsnd_hcic_enhanced_flush(p_lcb->Handle(), 0);
1581 }
1582 }
1583
1584 // Iterate though list and flush the amount requested from
1585 // the transmit data queue that satisfy the layer and event conditions.
1586 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
1587 (num_to_flush > 0) && node != list_end(p_lcb->link_xmit_data_q);) {
1588 BT_HDR* p_buf = (BT_HDR*)list_node(node);
1589 node = list_next(node);
1590 if ((p_buf->layer_specific == 0) && (p_buf->event == lcid)) {
1591 num_to_flush--;
1592 num_flushed1++;
1593
1594 list_remove(p_lcb->link_xmit_data_q, p_buf);
1595 osi_free(p_buf);
1596 }
1597 }
1598 }
1599
1600 /* If needed, flush buffers in the CCB xmit hold queue */
1601 while ((num_to_flush != 0) && (!fixed_queue_is_empty(p_ccb->xmit_hold_q))) {
1602 BT_HDR* p_buf = (BT_HDR*)fixed_queue_try_dequeue(p_ccb->xmit_hold_q);
1603 osi_free(p_buf);
1604 num_to_flush--;
1605 num_flushed2++;
1606 }
1607
1608 /* If app needs to track all packets, call it */
1609 if ((p_ccb->p_rcb) && (p_ccb->p_rcb->api.pL2CA_TxComplete_Cb) &&
1610 (num_flushed2))
1611 (*p_ccb->p_rcb->api.pL2CA_TxComplete_Cb)(p_ccb->local_cid, num_flushed2);
1612
1613 /* Now count how many are left */
1614 for (const list_node_t* node = list_begin(p_lcb->link_xmit_data_q);
1615 node != list_end(p_lcb->link_xmit_data_q); node = list_next(node)) {
1616 BT_HDR* p_buf = (BT_HDR*)list_node(node);
1617 if (p_buf->event == lcid) num_left++;
1618 }
1619
1620 /* Add in the number in the CCB xmit queue */
1621 num_left += fixed_queue_length(p_ccb->xmit_hold_q);
1622
1623 /* Return the local number of buffers left for the CID */
1624 L2CAP_TRACE_DEBUG("L2CA_FlushChannel() flushed: %u + %u, num_left: %u",
1625 num_flushed1, num_flushed2, num_left);
1626
1627 /* If we were congested, and now we are not, tell the app */
1628 l2cu_check_channel_congestion(p_ccb);
1629
1630 return (num_left);
1631 }
1632
L2CA_IsLinkEstablished(const RawAddress & bd_addr,tBT_TRANSPORT transport)1633 bool L2CA_IsLinkEstablished(const RawAddress& bd_addr,
1634 tBT_TRANSPORT transport) {
1635 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1636 return bluetooth::shim::L2CA_IsLinkEstablished(bd_addr, transport);
1637 }
1638
1639 return l2cu_find_lcb_by_bd_addr(bd_addr, transport) != nullptr;
1640 }
1641