1 // SPDX-License-Identifier: LGPL-2.1-or-later
4 * BlueZ - Bluetooth protocol stack for Linux
6 * Copyright (C) 2015 Andrzej Kaczmarek <andrzej.kaczmarek@codecoup.pl>
19 #include "lib/bluetooth.h"
21 #include "src/shared/util.h"
30 #define AVDTP_MSG_TYPE_COMMAND 0x00
31 #define AVDTP_MSG_TYPE_GENERAL_REJECT 0x01
32 #define AVDTP_MSG_TYPE_RESPONSE_ACCEPT 0x02
33 #define AVDTP_MSG_TYPE_RESPONSE_REJECT 0x03
35 /* Signal Identifiers */
36 #define AVDTP_DISCOVER 0x01
37 #define AVDTP_GET_CAPABILITIES 0x02
38 #define AVDTP_SET_CONFIGURATION 0x03
39 #define AVDTP_GET_CONFIGURATION 0x04
40 #define AVDTP_RECONFIGURE 0x05
41 #define AVDTP_OPEN 0x06
42 #define AVDTP_START 0x07
43 #define AVDTP_CLOSE 0x08
44 #define AVDTP_SUSPEND 0x09
45 #define AVDTP_ABORT 0x0a
46 #define AVDTP_SECURITY_CONTROL 0x0b
47 #define AVDTP_GET_ALL_CAPABILITIES 0x0c
48 #define AVDTP_DELAYREPORT 0x0d
50 /* Service Categories */
51 #define AVDTP_MEDIA_TRANSPORT 0x01
52 #define AVDTP_REPORTING 0x02
53 #define AVDTP_RECOVERY 0x03
54 #define AVDTP_CONTENT_PROTECTION 0x04
55 #define AVDTP_HEADER_COMPRESSION 0x05
56 #define AVDTP_MULTIPLEXING 0x06
57 #define AVDTP_MEDIA_CODEC 0x07
58 #define AVDTP_DELAY_REPORTING 0x08
63 struct l2cap_frame l2cap_frame;
66 static inline bool is_configuration_sig_id(uint8_t sig_id)
68 return (sig_id == AVDTP_SET_CONFIGURATION) ||
69 (sig_id == AVDTP_GET_CONFIGURATION) ||
70 (sig_id == AVDTP_RECONFIGURE);
73 static const char *msgtype2str(uint8_t msgtype)
79 return "General Reject";
81 return "Response Accept";
83 return "Response Reject";
89 static const char *sigid2str(uint8_t sigid)
94 case AVDTP_GET_CAPABILITIES:
95 return "Get Capabilities";
96 case AVDTP_SET_CONFIGURATION:
97 return "Set Configuration";
98 case AVDTP_GET_CONFIGURATION:
99 return "Get Configuration";
100 case AVDTP_RECONFIGURE:
101 return "Reconfigure";
112 case AVDTP_SECURITY_CONTROL:
113 return "Security Control";
114 case AVDTP_GET_ALL_CAPABILITIES:
115 return "Get All Capabilities";
116 case AVDTP_DELAYREPORT:
117 return "Delay Report";
123 static const char *error2str(uint8_t error)
127 return "BAD_HEADER_FORMAT";
131 return "BAD_ACP_SEID";
135 return "SEP_NOT_IN_USER";
137 return "BAD_SERV_CATEGORY";
139 return "BAD_PAYLOAD_FORMAT";
141 return "NOT_SUPPORTED_COMMAND";
143 return "INVALID_CAPABILITIES";
145 return "BAD_RECOVERY_TYPE";
147 return "BAD_MEDIA_TRANSPORT_FORMAT";
149 return "BAD_RECOVERY_FORMAT";
151 return "BAD_ROHC_FORMAT";
153 return "BAD_CP_FORMAT";
155 return "BAD_MULTIPLEXING_FORMAT";
157 return "UNSUPPORTED_CONFIGURATION";
165 static const char *mediatype2str(uint8_t media_type)
167 switch (media_type) {
179 static const char *mediacodec2str(uint8_t codec)
185 return "MPEG-1,2 Audio";
187 return "MPEG-2,4 AAC";
189 return "ATRAC Family";
197 static const char *cptype2str(uint8_t cp)
209 static const char *servicecat2str(uint8_t service_cat)
211 switch (service_cat) {
212 case AVDTP_MEDIA_TRANSPORT:
213 return "Media Transport";
214 case AVDTP_REPORTING:
218 case AVDTP_CONTENT_PROTECTION:
219 return "Content Protection";
220 case AVDTP_HEADER_COMPRESSION:
221 return "Header Compression";
222 case AVDTP_MULTIPLEXING:
223 return "Multiplexing";
224 case AVDTP_MEDIA_CODEC:
225 return "Media Codec";
226 case AVDTP_DELAY_REPORTING:
227 return "Delay Reporting";
233 static bool avdtp_reject_common(struct avdtp_frame *avdtp_frame)
235 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
238 if (!l2cap_frame_get_u8(frame, &error))
241 print_field("Error code: %s (0x%02x)", error2str(error), error);
246 static bool service_content_protection(struct avdtp_frame *avdtp_frame,
249 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
255 if (!l2cap_frame_get_le16(frame, &type))
260 print_field("%*cContent Protection Type: %s (0x%04x)", 2, ' ',
261 cptype2str(type), type);
263 /* TODO: decode protection specific information */
264 packet_hexdump(frame->data, losc);
266 l2cap_frame_pull(frame, frame, losc);
271 static bool service_media_codec(struct avdtp_frame *avdtp_frame, uint8_t losc)
273 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
280 l2cap_frame_get_u8(frame, &type);
281 l2cap_frame_get_u8(frame, &codec);
285 print_field("%*cMedia Type: %s (0x%02x)", 2, ' ',
286 mediatype2str(type >> 4), type >> 4);
288 print_field("%*cMedia Codec: %s (0x%02x)", 2, ' ',
289 mediacodec2str(codec), codec);
291 if (is_configuration_sig_id(avdtp_frame->sig_id))
292 return a2dp_codec_cfg(codec, losc, frame);
294 return a2dp_codec_cap(codec, losc, frame);
297 static bool decode_capabilities(struct avdtp_frame *avdtp_frame)
299 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
303 while (l2cap_frame_get_u8(frame, &service_cat)) {
304 print_field("Service Category: %s (0x%02x)",
305 servicecat2str(service_cat), service_cat);
307 if (!l2cap_frame_get_u8(frame, &losc))
310 if (frame->size < losc)
313 switch (service_cat) {
314 case AVDTP_CONTENT_PROTECTION:
315 if (!service_content_protection(avdtp_frame, losc))
318 case AVDTP_MEDIA_CODEC:
319 if (!service_media_codec(avdtp_frame, losc))
322 case AVDTP_MEDIA_TRANSPORT:
323 case AVDTP_REPORTING:
325 case AVDTP_HEADER_COMPRESSION:
326 case AVDTP_MULTIPLEXING:
327 case AVDTP_DELAY_REPORTING:
329 packet_hexdump(frame->data, losc);
330 l2cap_frame_pull(frame, frame, losc);
338 static bool avdtp_discover(struct avdtp_frame *avdtp_frame)
340 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
341 uint8_t type = avdtp_frame->hdr & 0x03;
346 case AVDTP_MSG_TYPE_COMMAND:
348 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
349 while (l2cap_frame_get_u8(frame, &seid)) {
350 print_field("ACP SEID: %d", seid >> 2);
352 if (!l2cap_frame_get_u8(frame, &info))
355 print_field("%*cMedia Type: %s (0x%02x)", 2, ' ',
356 mediatype2str(info >> 4), info >> 4);
357 print_field("%*cSEP Type: %s (0x%02x)", 2, ' ',
358 info & 0x08 ? "SNK" : "SRC",
360 print_field("%*cIn use: %s", 2, ' ',
361 seid & 0x02 ? "Yes" : "No");
364 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
365 return avdtp_reject_common(avdtp_frame);
371 static bool avdtp_get_capabilities(struct avdtp_frame *avdtp_frame)
373 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
374 uint8_t type = avdtp_frame->hdr & 0x03;
378 case AVDTP_MSG_TYPE_COMMAND:
379 if (!l2cap_frame_get_u8(frame, &seid))
382 print_field("ACP SEID: %d", seid >> 2);
385 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
386 return decode_capabilities(avdtp_frame);
387 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
388 return avdtp_reject_common(avdtp_frame);
394 static bool avdtp_set_configuration(struct avdtp_frame *avdtp_frame)
396 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
397 uint8_t type = avdtp_frame->hdr & 0x03;
398 uint8_t acp_seid, int_seid;
402 case AVDTP_MSG_TYPE_COMMAND:
403 if (!l2cap_frame_get_u8(frame, &acp_seid))
406 print_field("ACP SEID: %d", acp_seid >> 2);
408 if (!l2cap_frame_get_u8(frame, &int_seid))
411 print_field("INT SEID: %d", int_seid >> 2);
413 return decode_capabilities(avdtp_frame);
414 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
416 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
417 if (!l2cap_frame_get_u8(frame, &service_cat))
420 print_field("Service Category: %s (0x%02x)",
421 servicecat2str(service_cat), service_cat);
423 return avdtp_reject_common(avdtp_frame);
429 static bool avdtp_get_configuration(struct avdtp_frame *avdtp_frame)
431 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
432 uint8_t type = avdtp_frame->hdr & 0x03;
436 case AVDTP_MSG_TYPE_COMMAND:
437 if (!l2cap_frame_get_u8(frame, &seid))
440 print_field("ACP SEID: %d", seid >> 2);
443 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
444 return decode_capabilities(avdtp_frame);
445 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
446 return avdtp_reject_common(avdtp_frame);
452 static bool avdtp_reconfigure(struct avdtp_frame *avdtp_frame)
454 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
455 uint8_t type = avdtp_frame->hdr & 0x03;
460 case AVDTP_MSG_TYPE_COMMAND:
461 if (!l2cap_frame_get_u8(frame, &seid))
464 print_field("ACP SEID: %d", seid >> 2);
466 return decode_capabilities(avdtp_frame);
467 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
469 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
470 if (!l2cap_frame_get_u8(frame, &service_cat))
473 print_field("Service Category: %s (0x%02x)",
474 servicecat2str(service_cat), service_cat);
476 return avdtp_reject_common(avdtp_frame);
482 static bool avdtp_open(struct avdtp_frame *avdtp_frame)
484 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
485 uint8_t type = avdtp_frame->hdr & 0x03;
489 case AVDTP_MSG_TYPE_COMMAND:
490 if (!l2cap_frame_get_u8(frame, &seid))
493 print_field("ACP SEID: %d", seid >> 2);
496 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
498 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
499 return avdtp_reject_common(avdtp_frame);
505 static bool avdtp_start(struct avdtp_frame *avdtp_frame)
507 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
508 uint8_t type = avdtp_frame->hdr & 0x03;
512 case AVDTP_MSG_TYPE_COMMAND:
513 if (!l2cap_frame_get_u8(frame, &seid))
516 print_field("ACP SEID: %d", seid >> 2);
518 while (l2cap_frame_get_u8(frame, &seid))
519 print_field("ACP SEID: %d", seid >> 2);
522 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
524 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
525 if (!l2cap_frame_get_u8(frame, &seid))
528 print_field("ACP SEID: %d", seid >> 2);
530 return avdtp_reject_common(avdtp_frame);
536 static bool avdtp_close(struct avdtp_frame *avdtp_frame)
538 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
539 uint8_t type = avdtp_frame->hdr & 0x03;
543 case AVDTP_MSG_TYPE_COMMAND:
544 if (!l2cap_frame_get_u8(frame, &seid))
547 print_field("ACP SEID: %d", seid >> 2);
550 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
552 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
553 return avdtp_reject_common(avdtp_frame);
559 static bool avdtp_suspend(struct avdtp_frame *avdtp_frame)
561 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
562 uint8_t type = avdtp_frame->hdr & 0x03;
566 case AVDTP_MSG_TYPE_COMMAND:
567 if (!l2cap_frame_get_u8(frame, &seid))
570 print_field("ACP SEID: %d", seid >> 2);
572 while (l2cap_frame_get_u8(frame, &seid))
573 print_field("ACP SEID: %d", seid >> 2);
576 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
578 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
579 if (!l2cap_frame_get_u8(frame, &seid))
582 print_field("ACP SEID: %d", seid >> 2);
584 return avdtp_reject_common(avdtp_frame);
590 static bool avdtp_abort(struct avdtp_frame *avdtp_frame)
592 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
593 uint8_t type = avdtp_frame->hdr & 0x03;
597 case AVDTP_MSG_TYPE_COMMAND:
598 if (!l2cap_frame_get_u8(frame, &seid))
601 print_field("ACP SEID: %d", seid >> 2);
604 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
611 static bool avdtp_security_control(struct avdtp_frame *avdtp_frame)
613 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
614 uint8_t type = avdtp_frame->hdr & 0x03;
618 case AVDTP_MSG_TYPE_COMMAND:
619 if (!l2cap_frame_get_u8(frame, &seid))
622 print_field("ACP SEID: %d", seid >> 2);
624 /* TODO: decode more information */
625 packet_hexdump(frame->data, frame->size);
627 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
628 /* TODO: decode more information */
629 packet_hexdump(frame->data, frame->size);
631 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
632 return avdtp_reject_common(avdtp_frame);
638 static bool avdtp_delayreport(struct avdtp_frame *avdtp_frame)
640 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
641 uint8_t type = avdtp_frame->hdr & 0x03;
646 case AVDTP_MSG_TYPE_COMMAND:
647 if (!l2cap_frame_get_u8(frame, &seid))
650 print_field("ACP SEID: %d", seid >> 2);
652 if (!l2cap_frame_get_be16(frame, &delay))
655 print_field("Delay: %d.%dms", delay / 10, delay % 10);
658 case AVDTP_MSG_TYPE_RESPONSE_ACCEPT:
660 case AVDTP_MSG_TYPE_RESPONSE_REJECT:
661 return avdtp_reject_common(avdtp_frame);
667 static bool avdtp_signalling_packet(struct avdtp_frame *avdtp_frame)
669 struct l2cap_frame *frame = &avdtp_frame->l2cap_frame;
670 const char *pdu_color;
676 pdu_color = COLOR_MAGENTA;
678 pdu_color = COLOR_BLUE;
680 if (!l2cap_frame_get_u8(frame, &hdr))
683 avdtp_frame->hdr = hdr;
685 /* Continue Packet || End Packet */
686 if (((hdr & 0x0c) == 0x08) || ((hdr & 0x0c) == 0x0c)) {
687 /* TODO: handle fragmentation */
688 packet_hexdump(frame->data, frame->size);
693 if ((hdr & 0x0c) == 0x04) {
694 if (!l2cap_frame_get_u8(frame, &nosp))
698 if (!l2cap_frame_get_u8(frame, &sig_id))
703 avdtp_frame->sig_id = sig_id;
705 print_indent(6, pdu_color, "AVDTP: ", sigid2str(sig_id), COLOR_OFF,
706 " (0x%02x) %s (0x%02x) type 0x%02x label %d nosp %d",
707 sig_id, msgtype2str(hdr & 0x03), hdr & 0x03,
708 hdr & 0x0c, hdr >> 4, nosp);
711 if ((hdr & 0x0c) == 0x04) {
712 /* TODO: handle fragmentation */
713 packet_hexdump(frame->data, frame->size);
718 if ((hdr & 0x03) == 0x03)
723 return avdtp_discover(avdtp_frame);
724 case AVDTP_GET_CAPABILITIES:
725 case AVDTP_GET_ALL_CAPABILITIES:
726 return avdtp_get_capabilities(avdtp_frame);
727 case AVDTP_SET_CONFIGURATION:
728 return avdtp_set_configuration(avdtp_frame);
729 case AVDTP_GET_CONFIGURATION:
730 return avdtp_get_configuration(avdtp_frame);
731 case AVDTP_RECONFIGURE:
732 return avdtp_reconfigure(avdtp_frame);
734 return avdtp_open(avdtp_frame);
736 return avdtp_start(avdtp_frame);
738 return avdtp_close(avdtp_frame);
740 return avdtp_suspend(avdtp_frame);
742 return avdtp_abort(avdtp_frame);
743 case AVDTP_SECURITY_CONTROL:
744 return avdtp_security_control(avdtp_frame);
745 case AVDTP_DELAYREPORT:
746 return avdtp_delayreport(avdtp_frame);
749 packet_hexdump(frame->data, frame->size);
754 void avdtp_packet(const struct l2cap_frame *frame)
756 struct avdtp_frame avdtp_frame;
759 l2cap_frame_pull(&avdtp_frame.l2cap_frame, frame, 0);
761 switch (frame->seq_num) {
763 ret = avdtp_signalling_packet(&avdtp_frame);
766 if (packet_has_filter(PACKET_FILTER_SHOW_A2DP_STREAM))
767 packet_hexdump(frame->data, frame->size);
772 print_text(COLOR_ERROR, "PDU malformed");
773 packet_hexdump(frame->data, frame->size);