3 * BlueZ - Bluetooth protocol stack for Linux
5 * Copyright (C) 2011-2014 Intel Corporation
6 * Copyright (C) 2002-2010 Marcel Holtmann <marcel@holtmann.org>
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
34 #include "lib/bluetooth.h"
36 #include "src/shared/util.h"
49 /* L2CAP Control Field bit masks */
50 #define L2CAP_CTRL_SAR_MASK 0xC000
51 #define L2CAP_CTRL_REQSEQ_MASK 0x3F00
52 #define L2CAP_CTRL_TXSEQ_MASK 0x007E
53 #define L2CAP_CTRL_SUPERVISE_MASK 0x000C
55 #define L2CAP_CTRL_RETRANS 0x0080
56 #define L2CAP_CTRL_FINAL 0x0080
57 #define L2CAP_CTRL_POLL 0x0010
58 #define L2CAP_CTRL_FRAME_TYPE 0x0001 /* I- or S-Frame */
60 #define L2CAP_CTRL_TXSEQ_SHIFT 1
61 #define L2CAP_CTRL_SUPER_SHIFT 2
62 #define L2CAP_CTRL_REQSEQ_SHIFT 8
63 #define L2CAP_CTRL_SAR_SHIFT 14
65 #define L2CAP_EXT_CTRL_TXSEQ_MASK 0xFFFC0000
66 #define L2CAP_EXT_CTRL_SAR_MASK 0x00030000
67 #define L2CAP_EXT_CTRL_SUPERVISE_MASK 0x00030000
68 #define L2CAP_EXT_CTRL_REQSEQ_MASK 0x0000FFFC
70 #define L2CAP_EXT_CTRL_POLL 0x00040000
71 #define L2CAP_EXT_CTRL_FINAL 0x00000002
72 #define L2CAP_EXT_CTRL_FRAME_TYPE 0x00000001 /* I- or S-Frame */
74 #define L2CAP_EXT_CTRL_REQSEQ_SHIFT 2
75 #define L2CAP_EXT_CTRL_SAR_SHIFT 16
76 #define L2CAP_EXT_CTRL_SUPER_SHIFT 16
77 #define L2CAP_EXT_CTRL_TXSEQ_SHIFT 18
79 /* L2CAP Supervisory Function */
80 #define L2CAP_SUPER_RR 0x00
81 #define L2CAP_SUPER_REJ 0x01
82 #define L2CAP_SUPER_RNR 0x02
83 #define L2CAP_SUPER_SREJ 0x03
85 /* L2CAP Segmentation and Reassembly */
86 #define L2CAP_SAR_UNSEGMENTED 0x00
87 #define L2CAP_SAR_START 0x01
88 #define L2CAP_SAR_END 0x02
89 #define L2CAP_SAR_CONTINUE 0x03
106 static struct chan_data chan_list[MAX_CHAN];
108 static void assign_scid(const struct l2cap_frame *frame,
109 uint16_t scid, uint16_t psm, uint8_t ctrlid)
114 for (i = 0; i < MAX_CHAN; i++) {
115 if (n < 0 && chan_list[i].handle == 0x0000) {
120 if (chan_list[i].index != frame->index)
123 if (chan_list[i].handle != frame->handle)
126 if (chan_list[i].psm == psm)
129 /* Don't break on match - we still need to go through all
130 * channels to find proper seq_num.
133 if (chan_list[i].dcid == scid)
136 if (chan_list[i].scid == scid)
144 memset(&chan_list[n], 0, sizeof(chan_list[n]));
145 chan_list[n].index = frame->index;
146 chan_list[n].handle = frame->handle;
147 chan_list[n].ident = frame->ident;
150 chan_list[n].dcid = scid;
152 chan_list[n].scid = scid;
154 chan_list[n].psm = psm;
155 chan_list[n].ctrlid = ctrlid;
156 chan_list[n].mode = 0;
158 chan_list[n].seq_num = seq_num;
161 static void release_scid(const struct l2cap_frame *frame, uint16_t scid)
165 for (i = 0; i < MAX_CHAN; i++) {
166 if (chan_list[i].index != frame->index)
169 if (chan_list[i].handle != frame->handle)
173 if (chan_list[i].scid == scid) {
174 chan_list[i].handle = 0;
178 if (chan_list[i].dcid == scid) {
179 chan_list[i].handle = 0;
186 static void assign_dcid(const struct l2cap_frame *frame, uint16_t dcid,
191 for (i = 0; i < MAX_CHAN; i++) {
192 if (chan_list[i].index != frame->index)
195 if (chan_list[i].handle != frame->handle)
198 if (frame->ident != 0 && chan_list[i].ident != frame->ident)
203 if (chan_list[i].scid == scid) {
204 chan_list[i].dcid = dcid;
208 if (chan_list[i].scid && !chan_list[i].dcid) {
209 chan_list[i].dcid = dcid;
215 if (chan_list[i].dcid == scid) {
216 chan_list[i].scid = dcid;
220 if (chan_list[i].dcid && !chan_list[i].scid) {
221 chan_list[i].scid = dcid;
229 static void assign_mode(const struct l2cap_frame *frame,
230 uint8_t mode, uint16_t dcid)
234 for (i = 0; i < MAX_CHAN; i++) {
235 if (chan_list[i].index != frame->index)
238 if (chan_list[i].handle != frame->handle)
242 if (chan_list[i].scid == dcid) {
243 chan_list[i].mode = mode;
247 if (chan_list[i].dcid == dcid) {
248 chan_list[i].mode = mode;
255 static int get_chan_data_index(const struct l2cap_frame *frame)
259 for (i = 0; i < MAX_CHAN; i++) {
260 if (chan_list[i].index != frame->index &&
261 chan_list[i].ctrlid == 0)
264 if (chan_list[i].ctrlid != 0 &&
265 chan_list[i].ctrlid != frame->index)
268 if (chan_list[i].handle != frame->handle)
272 if (chan_list[i].scid == frame->cid)
275 if (chan_list[i].dcid == frame->cid)
283 static uint16_t get_psm(const struct l2cap_frame *frame)
285 int i = get_chan_data_index(frame);
290 return chan_list[i].psm;
293 static uint8_t get_mode(const struct l2cap_frame *frame)
295 int i = get_chan_data_index(frame);
300 return chan_list[i].mode;
303 static uint16_t get_chan(const struct l2cap_frame *frame)
305 int i = get_chan_data_index(frame);
313 static uint8_t get_seq_num(const struct l2cap_frame *frame)
315 int i = get_chan_data_index(frame);
320 return chan_list[i].seq_num;
323 static void assign_ext_ctrl(const struct l2cap_frame *frame,
324 uint8_t ext_ctrl, uint16_t dcid)
328 for (i = 0; i < MAX_CHAN; i++) {
329 if (chan_list[i].index != frame->index)
332 if (chan_list[i].handle != frame->handle)
336 if (chan_list[i].scid == dcid) {
337 chan_list[i].ext_ctrl = ext_ctrl;
341 if (chan_list[i].dcid == dcid) {
342 chan_list[i].ext_ctrl = ext_ctrl;
349 static uint8_t get_ext_ctrl(const struct l2cap_frame *frame)
351 int i = get_chan_data_index(frame);
356 return chan_list[i].ext_ctrl;
359 static char *sar2str(uint8_t sar)
362 case L2CAP_SAR_UNSEGMENTED:
363 return "Unsegmented";
364 case L2CAP_SAR_START:
368 case L2CAP_SAR_CONTINUE:
369 return "Continuation";
375 static char *supervisory2str(uint8_t supervisory)
377 switch (supervisory) {
379 return "Receiver Ready (RR)";
380 case L2CAP_SUPER_REJ:
381 return "Reject (REJ)";
382 case L2CAP_SUPER_RNR:
383 return "Receiver Not Ready (RNR)";
384 case L2CAP_SUPER_SREJ:
385 return "Select Reject (SREJ)";
387 return "Bad Supervisory";
391 static void l2cap_ctrl_ext_parse(struct l2cap_frame *frame, uint32_t ctrl)
394 ctrl & L2CAP_EXT_CTRL_FRAME_TYPE ? "S-frame" : "I-frame");
396 if (ctrl & L2CAP_EXT_CTRL_FRAME_TYPE) {
398 supervisory2str((ctrl & L2CAP_EXT_CTRL_SUPERVISE_MASK) >>
399 L2CAP_EXT_CTRL_SUPER_SHIFT));
401 if (ctrl & L2CAP_EXT_CTRL_POLL)
404 uint8_t sar = (ctrl & L2CAP_EXT_CTRL_SAR_MASK) >>
405 L2CAP_EXT_CTRL_SAR_SHIFT;
406 printf(" %s", sar2str(sar));
407 if (sar == L2CAP_SAR_START) {
410 if (!l2cap_frame_get_le16(frame, &len))
413 printf(" (len %d)", len);
415 printf(" TxSeq %d", (ctrl & L2CAP_EXT_CTRL_TXSEQ_MASK) >>
416 L2CAP_EXT_CTRL_TXSEQ_SHIFT);
419 printf(" ReqSeq %d", (ctrl & L2CAP_EXT_CTRL_REQSEQ_MASK) >>
420 L2CAP_EXT_CTRL_REQSEQ_SHIFT);
422 if (ctrl & L2CAP_EXT_CTRL_FINAL)
426 static void l2cap_ctrl_parse(struct l2cap_frame *frame, uint32_t ctrl)
429 ctrl & L2CAP_CTRL_FRAME_TYPE ? "S-frame" : "I-frame");
433 supervisory2str((ctrl & L2CAP_CTRL_SUPERVISE_MASK) >>
434 L2CAP_CTRL_SUPER_SHIFT));
436 if (ctrl & L2CAP_CTRL_POLL)
441 sar = (ctrl & L2CAP_CTRL_SAR_MASK) >> L2CAP_CTRL_SAR_SHIFT;
442 printf(" %s", sar2str(sar));
443 if (sar == L2CAP_SAR_START) {
446 if (!l2cap_frame_get_le16(frame, &len))
449 printf(" (len %d)", len);
451 printf(" TxSeq %d", (ctrl & L2CAP_CTRL_TXSEQ_MASK) >>
452 L2CAP_CTRL_TXSEQ_SHIFT);
455 printf(" ReqSeq %d", (ctrl & L2CAP_CTRL_REQSEQ_MASK) >>
456 L2CAP_CTRL_REQSEQ_SHIFT);
458 if (ctrl & L2CAP_CTRL_FINAL)
471 static struct index_data index_list[MAX_INDEX][2];
473 static void clear_fragment_buffer(uint16_t index, bool in)
475 free(index_list[index][in].frag_buf);
476 index_list[index][in].frag_buf = NULL;
477 index_list[index][in].frag_pos = 0;
478 index_list[index][in].frag_len = 0;
481 static void print_psm(uint16_t psm)
483 print_field("PSM: %d (0x%4.4x)", le16_to_cpu(psm), le16_to_cpu(psm));
486 static void print_cid(const char *type, uint16_t cid)
488 print_field("%s CID: %d", type, le16_to_cpu(cid));
491 static void print_reject_reason(uint16_t reason)
495 switch (le16_to_cpu(reason)) {
497 str = "Command not understood";
500 str = "Signaling MTU exceeded";
503 str = "Invalid CID in request";
510 print_field("Reason: %s (0x%4.4x)", str, le16_to_cpu(reason));
513 static void print_conn_result(uint16_t result)
517 switch (le16_to_cpu(result)) {
519 str = "Connection successful";
522 str = "Connection pending";
525 str = "Connection refused - PSM not supported";
528 str = "Connection refused - security block";
531 str = "Connection refused - no resources available";
534 str = "Connection refused - Invalid Source CID";
537 str = "Connection refused - Source CID already allocated";
544 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
547 static void print_le_conn_result(uint16_t result)
551 switch (le16_to_cpu(result)) {
553 str = "Connection successful";
556 str = "Connection refused - PSM not supported";
559 str = "Connection refused - no resources available";
562 str = "Connection refused - insufficient authentication";
565 str = "Connection refused - insufficient authorization";
568 str = "Connection refused - insufficient encryption key size";
571 str = "Connection refused - insufficient encryption";
574 str = "Connection refused - Invalid Source CID";
577 str = "Connection refused - Source CID already allocated";
584 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
587 static void print_create_chan_result(uint16_t result)
591 switch (le16_to_cpu(result)) {
593 str = "Connection successful";
596 str = "Connection pending";
599 str = "Connection refused - PSM not supported";
602 str = "Connection refused - security block";
605 str = "Connection refused - no resources available";
608 str = "Connection refused - Controller ID not supported";
611 str = "Connection refused - Invalid Source CID";
614 str = "Connection refused - Source CID already allocated";
621 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
624 static void print_conn_status(uint16_t status)
628 switch (le16_to_cpu(status)) {
630 str = "No further information available";
633 str = "Authentication pending";
636 str = "Authorization pending";
643 print_field("Status: %s (0x%4.4x)", str, le16_to_cpu(status));
646 static void print_config_flags(uint16_t flags)
650 if (le16_to_cpu(flags) & 0x0001)
651 str = " (continuation)";
655 print_field("Flags: 0x%4.4x%s", le16_to_cpu(flags), str);
658 static void print_config_result(uint16_t result)
662 switch (le16_to_cpu(result)) {
667 str = "Failure - unacceptable parameters";
670 str = "Failure - rejected";
673 str = "Failure - unknown options";
679 str = "Failure - flow spec rejected";
686 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
693 } options_table[] = {
694 { 0x01, 2, "Maximum Transmission Unit" },
695 { 0x02, 2, "Flush Timeout" },
696 { 0x03, 22, "Quality of Service" },
697 { 0x04, 9, "Retransmission and Flow Control" },
698 { 0x05, 1, "Frame Check Sequence" },
699 { 0x06, 16, "Extended Flow Specification" },
700 { 0x07, 2, "Extended Window Size" },
704 static void print_config_options(const struct l2cap_frame *frame,
705 uint8_t offset, uint16_t cid, bool response)
707 const uint8_t *data = frame->data + offset;
708 uint16_t size = frame->size - offset;
709 uint16_t consumed = 0;
711 while (consumed < size - 2) {
712 const char *str = "Unknown";
713 uint8_t type = data[consumed] & 0x7f;
714 uint8_t hint = data[consumed] & 0x80;
715 uint8_t len = data[consumed + 1];
716 uint8_t expect_len = 0;
719 for (i = 0; options_table[i].str; i++) {
720 if (options_table[i].type == type) {
721 str = options_table[i].str;
722 expect_len = options_table[i].len;
727 print_field("Option: %s (0x%2.2x) [%s]", str, type,
728 hint ? "hint" : "mandatory");
730 if (expect_len == 0) {
735 if (len != expect_len) {
736 print_text(COLOR_ERROR, "wrong option size (%d != %d)",
744 print_field(" MTU: %d",
745 get_le16(data + consumed + 2));
748 print_field(" Flush timeout: %d",
749 get_le16(data + consumed + 2));
752 switch (data[consumed + 3]) {
766 print_field(" Flags: 0x%2.2x", data[consumed + 2]);
767 print_field(" Service type: %s (0x%2.2x)",
768 str, data[consumed + 3]);
769 print_field(" Token rate: 0x%8.8x",
770 get_le32(data + consumed + 4));
771 print_field(" Token bucket size: 0x%8.8x",
772 get_le32(data + consumed + 8));
773 print_field(" Peak bandwidth: 0x%8.8x",
774 get_le32(data + consumed + 12));
775 print_field(" Latency: 0x%8.8x",
776 get_le32(data + consumed + 16));
777 print_field(" Delay variation: 0x%8.8x",
778 get_le32(data + consumed + 20));
782 assign_mode(frame, data[consumed + 2], cid);
784 switch (data[consumed + 2]) {
789 str = "Retransmission";
792 str = "Flow control";
795 str = "Enhanced retransmission";
804 print_field(" Mode: %s (0x%2.2x)",
805 str, data[consumed + 2]);
806 print_field(" TX window size: %d", data[consumed + 3]);
807 print_field(" Max transmit: %d", data[consumed + 4]);
808 print_field(" Retransmission timeout: %d",
809 get_le16(data + consumed + 5));
810 print_field(" Monitor timeout: %d",
811 get_le16(data + consumed + 7));
812 print_field(" Maximum PDU size: %d",
813 get_le16(data + consumed + 9));
816 switch (data[consumed + 2]) {
827 print_field(" FCS: %s (0x%2.2d)",
828 str, data[consumed + 2]);
831 switch (data[consumed + 3]) {
845 print_field(" Identifier: 0x%2.2x",
847 print_field(" Service type: %s (0x%2.2x)",
848 str, data[consumed + 3]);
849 print_field(" Maximum SDU size: 0x%4.4x",
850 get_le16(data + consumed + 4));
851 print_field(" SDU inter-arrival time: 0x%8.8x",
852 get_le32(data + consumed + 6));
853 print_field(" Access latency: 0x%8.8x",
854 get_le32(data + consumed + 10));
855 print_field(" Flush timeout: 0x%8.8x",
856 get_le32(data + consumed + 14));
859 print_field(" Extended window size: %d",
860 get_le16(data + consumed + 2));
861 assign_ext_ctrl(frame, 1, cid);
864 packet_hexdump(data + consumed + 2, len);
872 packet_hexdump(data + consumed, size - consumed);
875 static void print_info_type(uint16_t type)
879 switch (le16_to_cpu(type)) {
881 str = "Connectionless MTU";
884 str = "Extended features supported";
887 str = "Fixed channels supported";
894 print_field("Type: %s (0x%4.4x)", str, le16_to_cpu(type));
897 static void print_info_result(uint16_t result)
901 switch (le16_to_cpu(result)) {
906 str = "Not supported";
913 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
919 } features_table[] = {
920 { 0, "Flow control mode" },
921 { 1, "Retransmission mode" },
922 { 2, "Bi-directional QoS" },
923 { 3, "Enhanced Retransmission Mode" },
924 { 4, "Streaming Mode" },
926 { 6, "Extended Flow Specification for BR/EDR" },
927 { 7, "Fixed Channels" },
928 { 8, "Extended Window Size" },
929 { 9, "Unicast Connectionless Data Reception" },
930 { 31, "Reserved for feature mask extension" },
934 static void print_features(uint32_t features)
936 uint32_t mask = features;
939 print_field("Features: 0x%8.8x", features);
941 for (i = 0; features_table[i].str; i++) {
942 if (features & (1 << features_table[i].bit)) {
943 print_field(" %s", features_table[i].str);
944 mask &= ~(1 << features_table[i].bit);
949 print_field(" Unknown features (0x%8.8x)", mask);
955 } channels_table[] = {
956 { 0x0000, "Null identifier" },
957 { 0x0001, "L2CAP Signaling (BR/EDR)" },
958 { 0x0002, "Connectionless reception" },
959 { 0x0003, "AMP Manager Protocol" },
960 { 0x0004, "Attribute Protocol" },
961 { 0x0005, "L2CAP Signaling (LE)" },
962 { 0x0006, "Security Manager (LE)" },
963 { 0x0007, "Security Manager (BR/EDR)" },
964 { 0x003f, "AMP Test Manager" },
968 static void print_channels(uint64_t channels)
970 uint64_t mask = channels;
973 print_field("Channels: 0x%16.16" PRIx64, channels);
975 for (i = 0; channels_table[i].str; i++) {
976 if (channels & (1 << channels_table[i].cid)) {
977 print_field(" %s", channels_table[i].str);
978 mask &= ~(1 << channels_table[i].cid);
983 print_field(" Unknown channels (0x%8.8" PRIx64 ")", mask);
986 static void print_move_result(uint16_t result)
990 switch (le16_to_cpu(result)) {
992 str = "Move success";
995 str = "Move pending";
998 str = "Move refused - Controller ID not supported";
1001 str = "Move refused - new Controller ID is same";
1004 str = "Move refused - Configuration not supported";
1007 str = "Move refused - Move Channel collision";
1010 str = "Move refused - Channel not allowed to be moved";
1017 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
1020 static void print_move_cfm_result(uint16_t result)
1024 switch (le16_to_cpu(result)) {
1026 str = "Move success - both sides succeed";
1029 str = "Move failure - one or both sides refuse";
1036 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
1039 static void print_conn_param_result(uint16_t result)
1043 switch (le16_to_cpu(result)) {
1045 str = "Connection Parameters accepted";
1048 str = "Connection Parameters rejected";
1055 print_field("Result: %s (0x%4.4x)", str, le16_to_cpu(result));
1058 static void sig_cmd_reject(const struct l2cap_frame *frame)
1060 const struct bt_l2cap_pdu_cmd_reject *pdu = frame->data;
1061 const void *data = frame->data;
1062 uint16_t size = frame->size;
1063 uint16_t scid, dcid;
1065 print_reject_reason(pdu->reason);
1067 data += sizeof(*pdu);
1068 size -= sizeof(*pdu);
1070 switch (le16_to_cpu(pdu->reason)) {
1073 print_text(COLOR_ERROR, "invalid data size");
1074 packet_hexdump(data, size);
1080 print_text(COLOR_ERROR, "invalid data size");
1081 packet_hexdump(data, size);
1084 print_field("MTU: %d", get_le16(data));
1088 print_text(COLOR_ERROR, "invalid data size");
1089 packet_hexdump(data, size);
1092 dcid = get_le16(data);
1093 scid = get_le16(data + 2);
1094 print_cid("Destination", cpu_to_le16(dcid));
1095 print_cid("Source", cpu_to_le16(scid));
1098 packet_hexdump(data, size);
1103 static void sig_conn_req(const struct l2cap_frame *frame)
1105 const struct bt_l2cap_pdu_conn_req *pdu = frame->data;
1107 print_psm(pdu->psm);
1108 print_cid("Source", pdu->scid);
1110 assign_scid(frame, le16_to_cpu(pdu->scid), le16_to_cpu(pdu->psm), 0);
1113 static void sig_conn_rsp(const struct l2cap_frame *frame)
1115 const struct bt_l2cap_pdu_conn_rsp *pdu = frame->data;
1117 print_cid("Destination", pdu->dcid);
1118 print_cid("Source", pdu->scid);
1119 print_conn_result(pdu->result);
1120 print_conn_status(pdu->status);
1122 assign_dcid(frame, le16_to_cpu(pdu->dcid), le16_to_cpu(pdu->scid));
1125 static void sig_config_req(const struct l2cap_frame *frame)
1127 const struct bt_l2cap_pdu_config_req *pdu = frame->data;
1129 print_cid("Destination", pdu->dcid);
1130 print_config_flags(pdu->flags);
1131 print_config_options(frame, 4, le16_to_cpu(pdu->dcid), false);
1134 static void sig_config_rsp(const struct l2cap_frame *frame)
1136 const struct bt_l2cap_pdu_config_rsp *pdu = frame->data;
1138 print_cid("Source", pdu->scid);
1139 print_config_flags(pdu->flags);
1140 print_config_result(pdu->result);
1141 print_config_options(frame, 6, le16_to_cpu(pdu->scid), true);
1144 static void sig_disconn_req(const struct l2cap_frame *frame)
1146 const struct bt_l2cap_pdu_disconn_req *pdu = frame->data;
1148 print_cid("Destination", pdu->dcid);
1149 print_cid("Source", pdu->scid);
1152 static void sig_disconn_rsp(const struct l2cap_frame *frame)
1154 const struct bt_l2cap_pdu_disconn_rsp *pdu = frame->data;
1156 print_cid("Destination", pdu->dcid);
1157 print_cid("Source", pdu->scid);
1159 release_scid(frame, le16_to_cpu(pdu->scid));
1162 static void sig_echo_req(const struct l2cap_frame *frame)
1164 packet_hexdump(frame->data, frame->size);
1167 static void sig_echo_rsp(const struct l2cap_frame *frame)
1169 packet_hexdump(frame->data, frame->size);
1172 static void sig_info_req(const struct l2cap_frame *frame)
1174 const struct bt_l2cap_pdu_info_req *pdu = frame->data;
1176 print_info_type(pdu->type);
1179 static void sig_info_rsp(const struct l2cap_frame *frame)
1181 const struct bt_l2cap_pdu_info_rsp *pdu = frame->data;
1182 const void *data = frame->data;
1183 uint16_t size = frame->size;
1185 print_info_type(pdu->type);
1186 print_info_result(pdu->result);
1188 data += sizeof(*pdu);
1189 size -= sizeof(*pdu);
1191 if (le16_to_cpu(pdu->result) != 0x0000) {
1193 print_text(COLOR_ERROR, "invalid data size");
1194 packet_hexdump(data, size);
1199 switch (le16_to_cpu(pdu->type)) {
1202 print_text(COLOR_ERROR, "invalid data size");
1203 packet_hexdump(data, size);
1206 print_field("MTU: %d", get_le16(data));
1210 print_text(COLOR_ERROR, "invalid data size");
1211 packet_hexdump(data, size);
1214 print_features(get_le32(data));
1218 print_text(COLOR_ERROR, "invalid data size");
1219 packet_hexdump(data, size);
1222 print_channels(get_le64(data));
1225 packet_hexdump(data, size);
1230 static void sig_create_chan_req(const struct l2cap_frame *frame)
1232 const struct bt_l2cap_pdu_create_chan_req *pdu = frame->data;
1234 print_psm(pdu->psm);
1235 print_cid("Source", pdu->scid);
1236 print_field("Controller ID: %d", pdu->ctrlid);
1238 assign_scid(frame, le16_to_cpu(pdu->scid), le16_to_cpu(pdu->psm),
1242 static void sig_create_chan_rsp(const struct l2cap_frame *frame)
1244 const struct bt_l2cap_pdu_create_chan_rsp *pdu = frame->data;
1246 print_cid("Destination", pdu->dcid);
1247 print_cid("Source", pdu->scid);
1248 print_create_chan_result(pdu->result);
1249 print_conn_status(pdu->status);
1251 assign_dcid(frame, le16_to_cpu(pdu->dcid), le16_to_cpu(pdu->scid));
1254 static void sig_move_chan_req(const struct l2cap_frame *frame)
1256 const struct bt_l2cap_pdu_move_chan_req *pdu = frame->data;
1258 print_cid("Initiator", pdu->icid);
1259 print_field("Controller ID: %d", pdu->ctrlid);
1262 static void sig_move_chan_rsp(const struct l2cap_frame *frame)
1264 const struct bt_l2cap_pdu_move_chan_rsp *pdu = frame->data;
1266 print_cid("Initiator", pdu->icid);
1267 print_move_result(pdu->result);
1270 static void sig_move_chan_cfm(const struct l2cap_frame *frame)
1272 const struct bt_l2cap_pdu_move_chan_cfm *pdu = frame->data;
1274 print_cid("Initiator", pdu->icid);
1275 print_move_cfm_result(pdu->result);
1278 static void sig_move_chan_cfm_rsp(const struct l2cap_frame *frame)
1280 const struct bt_l2cap_pdu_move_chan_cfm_rsp *pdu = frame->data;
1282 print_cid("Initiator", pdu->icid);
1285 static void sig_conn_param_req(const struct l2cap_frame *frame)
1287 const struct bt_l2cap_pdu_conn_param_req *pdu = frame->data;
1289 print_field("Min interval: %d", le16_to_cpu(pdu->min_interval));
1290 print_field("Max interval: %d", le16_to_cpu(pdu->max_interval));
1291 print_field("Slave latency: %d", le16_to_cpu(pdu->latency));
1292 print_field("Timeout multiplier: %d", le16_to_cpu(pdu->timeout));
1295 static void sig_conn_param_rsp(const struct l2cap_frame *frame)
1297 const struct bt_l2cap_pdu_conn_param_rsp *pdu = frame->data;
1299 print_conn_param_result(pdu->result);
1302 static void sig_le_conn_req(const struct l2cap_frame *frame)
1304 const struct bt_l2cap_pdu_le_conn_req *pdu = frame->data;
1306 print_psm(pdu->psm);
1307 print_cid("Source", pdu->scid);
1308 print_field("MTU: %u", le16_to_cpu(pdu->mtu));
1309 print_field("MPS: %u", le16_to_cpu(pdu->mps));
1310 print_field("Credits: %u", le16_to_cpu(pdu->credits));
1312 assign_scid(frame, le16_to_cpu(pdu->scid), le16_to_cpu(pdu->psm), 0);
1315 static void sig_le_conn_rsp(const struct l2cap_frame *frame)
1317 const struct bt_l2cap_pdu_le_conn_rsp *pdu = frame->data;
1319 print_cid("Destination", pdu->dcid);
1320 print_field("MTU: %u", le16_to_cpu(pdu->mtu));
1321 print_field("MPS: %u", le16_to_cpu(pdu->mps));
1322 print_field("Credits: %u", le16_to_cpu(pdu->credits));
1323 print_le_conn_result(pdu->result);
1325 assign_dcid(frame, le16_to_cpu(pdu->dcid), 0);
1328 static void sig_le_flowctl_creds(const struct l2cap_frame *frame)
1330 const struct bt_l2cap_pdu_le_flowctl_creds *pdu = frame->data;
1332 print_cid("Source", pdu->cid);
1333 print_field("Credits: %u", le16_to_cpu(pdu->credits));
1336 struct sig_opcode_data {
1339 void (*func) (const struct l2cap_frame *frame);
1344 static const struct sig_opcode_data bredr_sig_opcode_table[] = {
1345 { 0x01, "Command Reject",
1346 sig_cmd_reject, 2, false },
1347 { 0x02, "Connection Request",
1348 sig_conn_req, 4, true },
1349 { 0x03, "Connection Response",
1350 sig_conn_rsp, 8, true },
1351 { 0x04, "Configure Request",
1352 sig_config_req, 4, false },
1353 { 0x05, "Configure Response",
1354 sig_config_rsp, 6, false },
1355 { 0x06, "Disconnection Request",
1356 sig_disconn_req, 4, true },
1357 { 0x07, "Disconnection Response",
1358 sig_disconn_rsp, 4, true },
1359 { 0x08, "Echo Request",
1360 sig_echo_req, 0, false },
1361 { 0x09, "Echo Response",
1362 sig_echo_rsp, 0, false },
1363 { 0x0a, "Information Request",
1364 sig_info_req, 2, true },
1365 { 0x0b, "Information Response",
1366 sig_info_rsp, 4, false },
1367 { 0x0c, "Create Channel Request",
1368 sig_create_chan_req, 5, true },
1369 { 0x0d, "Create Channel Response",
1370 sig_create_chan_rsp, 8, true },
1371 { 0x0e, "Move Channel Request",
1372 sig_move_chan_req, 3, true },
1373 { 0x0f, "Move Channel Response",
1374 sig_move_chan_rsp, 4, true },
1375 { 0x10, "Move Channel Confirmation",
1376 sig_move_chan_cfm, 4, true },
1377 { 0x11, "Move Channel Confirmation Response",
1378 sig_move_chan_cfm_rsp, 2, true },
1382 static const struct sig_opcode_data le_sig_opcode_table[] = {
1383 { 0x01, "Command Reject",
1384 sig_cmd_reject, 2, false },
1385 { 0x06, "Disconnection Request",
1386 sig_disconn_req, 4, true },
1387 { 0x07, "Disconnection Response",
1388 sig_disconn_rsp, 4, true },
1389 { 0x12, "Connection Parameter Update Request",
1390 sig_conn_param_req, 8, true },
1391 { 0x13, "Connection Parameter Update Response",
1392 sig_conn_param_rsp, 2, true },
1393 { 0x14, "LE Connection Request",
1394 sig_le_conn_req, 10, true },
1395 { 0x15, "LE Connection Response",
1396 sig_le_conn_rsp, 10, true },
1397 { 0x16, "LE Flow Control Credit",
1398 sig_le_flowctl_creds, 4, true },
1402 static void l2cap_frame_init(struct l2cap_frame *frame, uint16_t index, bool in,
1403 uint16_t handle, uint8_t ident,
1404 uint16_t cid, const void *data, uint16_t size)
1406 frame->index = index;
1408 frame->handle = handle;
1409 frame->ident = ident;
1413 frame->psm = get_psm(frame);
1414 frame->mode = get_mode(frame);
1415 frame->chan = get_chan(frame);
1416 frame->seq_num = get_seq_num(frame);
1419 static void bredr_sig_packet(uint16_t index, bool in, uint16_t handle,
1420 uint16_t cid, const void *data, uint16_t size)
1422 struct l2cap_frame frame;
1425 const struct bt_l2cap_hdr_sig *hdr = data;
1426 const struct sig_opcode_data *opcode_data = NULL;
1427 const char *opcode_color, *opcode_str;
1432 print_text(COLOR_ERROR, "malformed signal packet");
1433 packet_hexdump(data, size);
1437 len = le16_to_cpu(hdr->len);
1443 print_text(COLOR_ERROR, "invalid signal packet size");
1444 packet_hexdump(data, size);
1448 for (i = 0; bredr_sig_opcode_table[i].str; i++) {
1449 if (bredr_sig_opcode_table[i].opcode == hdr->code) {
1450 opcode_data = &bredr_sig_opcode_table[i];
1456 if (opcode_data->func) {
1458 opcode_color = COLOR_MAGENTA;
1460 opcode_color = COLOR_BLUE;
1462 opcode_color = COLOR_WHITE_BG;
1463 opcode_str = opcode_data->str;
1465 opcode_color = COLOR_WHITE_BG;
1466 opcode_str = "Unknown";
1469 print_indent(6, opcode_color, "L2CAP: ", opcode_str,
1471 " (0x%2.2x) ident %d len %d",
1472 hdr->code, hdr->ident, len);
1474 if (!opcode_data || !opcode_data->func) {
1475 packet_hexdump(data, len);
1481 if (opcode_data->fixed) {
1482 if (len != opcode_data->size) {
1483 print_text(COLOR_ERROR, "invalid size");
1484 packet_hexdump(data, len);
1490 if (len < opcode_data->size) {
1491 print_text(COLOR_ERROR, "too short packet");
1492 packet_hexdump(data, size);
1499 l2cap_frame_init(&frame, index, in, handle, hdr->ident, cid,
1501 opcode_data->func(&frame);
1507 packet_hexdump(data, size);
1510 static void le_sig_packet(uint16_t index, bool in, uint16_t handle,
1511 uint16_t cid, const void *data, uint16_t size)
1513 struct l2cap_frame frame;
1514 const struct bt_l2cap_hdr_sig *hdr = data;
1515 const struct sig_opcode_data *opcode_data = NULL;
1516 const char *opcode_color, *opcode_str;
1521 print_text(COLOR_ERROR, "malformed signal packet");
1522 packet_hexdump(data, size);
1526 len = le16_to_cpu(hdr->len);
1532 print_text(COLOR_ERROR, "invalid signal packet size");
1533 packet_hexdump(data, size);
1537 for (i = 0; le_sig_opcode_table[i].str; i++) {
1538 if (le_sig_opcode_table[i].opcode == hdr->code) {
1539 opcode_data = &le_sig_opcode_table[i];
1545 if (opcode_data->func) {
1547 opcode_color = COLOR_MAGENTA;
1549 opcode_color = COLOR_BLUE;
1551 opcode_color = COLOR_WHITE_BG;
1552 opcode_str = opcode_data->str;
1554 opcode_color = COLOR_WHITE_BG;
1555 opcode_str = "Unknown";
1558 print_indent(6, opcode_color, "LE L2CAP: ", opcode_str, COLOR_OFF,
1559 " (0x%2.2x) ident %d len %d",
1560 hdr->code, hdr->ident, len);
1562 if (!opcode_data || !opcode_data->func) {
1563 packet_hexdump(data, len);
1567 if (opcode_data->fixed) {
1568 if (len != opcode_data->size) {
1569 print_text(COLOR_ERROR, "invalid size");
1570 packet_hexdump(data, len);
1574 if (len < opcode_data->size) {
1575 print_text(COLOR_ERROR, "too short packet");
1576 packet_hexdump(data, size);
1581 l2cap_frame_init(&frame, index, in, handle, hdr->ident, cid, data, len);
1582 opcode_data->func(&frame);
1585 static void connless_packet(uint16_t index, bool in, uint16_t handle,
1586 uint16_t cid, const void *data, uint16_t size)
1588 struct l2cap_frame frame;
1589 const struct bt_l2cap_hdr_connless *hdr = data;
1593 print_text(COLOR_ERROR, "malformed connectionless packet");
1594 packet_hexdump(data, size);
1598 psm = le16_to_cpu(hdr->psm);
1603 print_indent(6, COLOR_CYAN, "L2CAP: Connectionless", "", COLOR_OFF,
1604 " len %d [PSM %d]", size, psm);
1608 packet_hexdump(data, size);
1612 l2cap_frame_init(&frame, index, in, handle, 0, cid, data, size);
1615 static void print_controller_list(const uint8_t *data, uint16_t size)
1620 print_field("Controller ID: %d", data[0]);
1624 str = "Primary BR/EDR Controller";
1627 str = "802.11 AMP Controller";
1634 print_field(" Type: %s (0x%2.2x)", str, data[1]);
1641 str = "Bluetooth only";
1644 str = "No capacity";
1647 str = "Low capacity";
1650 str = "Medium capacity";
1653 str = "High capacity";
1656 str = "Full capacity";
1663 print_field(" Status: %s (0x%2.2x)", str, data[2]);
1669 packet_hexdump(data, size);
1672 static void amp_cmd_reject(const struct l2cap_frame *frame)
1674 const struct bt_l2cap_amp_cmd_reject *pdu = frame->data;
1676 print_field("Reason: 0x%4.4x", le16_to_cpu(pdu->reason));
1679 static void amp_discover_req(const struct l2cap_frame *frame)
1681 const struct bt_l2cap_amp_discover_req *pdu = frame->data;
1683 print_field("MTU/MPS size: %d", le16_to_cpu(pdu->size));
1684 print_field("Extended feature mask: 0x%4.4x",
1685 le16_to_cpu(pdu->features));
1688 static void amp_discover_rsp(const struct l2cap_frame *frame)
1690 const struct bt_l2cap_amp_discover_rsp *pdu = frame->data;
1692 print_field("MTU/MPS size: %d", le16_to_cpu(pdu->size));
1693 print_field("Extended feature mask: 0x%4.4x",
1694 le16_to_cpu(pdu->features));
1696 print_controller_list(frame->data + 4, frame->size - 4);
1699 static void amp_change_notify(const struct l2cap_frame *frame)
1701 print_controller_list(frame->data, frame->size);
1704 static void amp_change_response(const struct l2cap_frame *frame)
1708 static void amp_get_info_req(const struct l2cap_frame *frame)
1710 const struct bt_l2cap_amp_get_info_req *pdu = frame->data;
1712 print_field("Controller ID: %d", pdu->ctrlid);
1715 static void amp_get_info_rsp(const struct l2cap_frame *frame)
1717 const struct bt_l2cap_amp_get_info_rsp *pdu = frame->data;
1720 print_field("Controller ID: %d", pdu->ctrlid);
1722 switch (pdu->status) {
1727 str = "Invalid Controller ID";
1734 print_field("Status: %s (0x%2.2x)", str, pdu->status);
1736 print_field("Total bandwidth: %d kbps", le32_to_cpu(pdu->total_bw));
1737 print_field("Max guaranteed bandwidth: %d kbps",
1738 le32_to_cpu(pdu->max_bw));
1739 print_field("Min latency: %d", le32_to_cpu(pdu->min_latency));
1741 print_field("PAL capabilities: 0x%4.4x", le16_to_cpu(pdu->pal_cap));
1742 print_field("Max ASSOC length: %d", le16_to_cpu(pdu->max_assoc_len));
1745 static void amp_get_assoc_req(const struct l2cap_frame *frame)
1747 const struct bt_l2cap_amp_get_assoc_req *pdu = frame->data;
1749 print_field("Controller ID: %d", pdu->ctrlid);
1752 static void amp_get_assoc_rsp(const struct l2cap_frame *frame)
1754 const struct bt_l2cap_amp_get_assoc_rsp *pdu = frame->data;
1757 print_field("Controller ID: %d", pdu->ctrlid);
1759 switch (pdu->status) {
1764 str = "Invalid Controller ID";
1771 print_field("Status: %s (0x%2.2x)", str, pdu->status);
1773 packet_hexdump(frame->data + 2, frame->size - 2);
1776 static void amp_create_phy_link_req(const struct l2cap_frame *frame)
1778 const struct bt_l2cap_amp_create_phy_link_req *pdu = frame->data;
1780 print_field("Local controller ID: %d", pdu->local_ctrlid);
1781 print_field("Remote controller ID: %d", pdu->remote_ctrlid);
1783 packet_hexdump(frame->data + 2, frame->size - 2);
1786 static void amp_create_phy_link_rsp(const struct l2cap_frame *frame)
1788 const struct bt_l2cap_amp_create_phy_link_rsp *pdu = frame->data;
1791 print_field("Local controller ID: %d", pdu->local_ctrlid);
1792 print_field("Remote controller ID: %d", pdu->remote_ctrlid);
1794 switch (pdu->status) {
1799 str = "Invalid Controller ID";
1802 str = "Failed - Unable to start link creation";
1805 str = "Failed - Collision occurred";
1808 str = "Failed - Disconnected link packet received";
1811 str = "Failed - Link already exists";
1814 str = "Failed - Security violation";
1821 print_field("Status: %s (0x%2.2x)", str, pdu->status);
1824 static void amp_disconn_phy_link_req(const struct l2cap_frame *frame)
1826 const struct bt_l2cap_amp_disconn_phy_link_req *pdu = frame->data;
1828 print_field("Local controller ID: %d", pdu->local_ctrlid);
1829 print_field("Remote controller ID: %d", pdu->remote_ctrlid);
1832 static void amp_disconn_phy_link_rsp(const struct l2cap_frame *frame)
1834 const struct bt_l2cap_amp_disconn_phy_link_rsp *pdu = frame->data;
1837 print_field("Local controller ID: %d", pdu->local_ctrlid);
1838 print_field("Remote controller ID: %d", pdu->remote_ctrlid);
1840 switch (pdu->status) {
1845 str = "Invalid Controller ID";
1848 str = "Failed - No link exists";
1855 print_field("Status: %s (0x%2.2x)", str, pdu->status);
1858 struct amp_opcode_data {
1861 void (*func) (const struct l2cap_frame *frame);
1866 static const struct amp_opcode_data amp_opcode_table[] = {
1867 { 0x01, "Command Reject",
1868 amp_cmd_reject, 2, false },
1869 { 0x02, "Discover Request",
1870 amp_discover_req, 4, true },
1871 { 0x03, "Discover Response",
1872 amp_discover_rsp, 7, false },
1873 { 0x04, "Change Notify",
1874 amp_change_notify, 3, false },
1875 { 0x05, "Change Response",
1876 amp_change_response, 0, true },
1877 { 0x06, "Get Info Request",
1878 amp_get_info_req, 1, true },
1879 { 0x07, "Get Info Response",
1880 amp_get_info_rsp, 18, true },
1881 { 0x08, "Get Assoc Request",
1882 amp_get_assoc_req, 1, true },
1883 { 0x09, "Get Assoc Response",
1884 amp_get_assoc_rsp, 2, false },
1885 { 0x0a, "Create Physical Link Request",
1886 amp_create_phy_link_req, 2, false },
1887 { 0x0b, "Create Physical Link Response",
1888 amp_create_phy_link_rsp, 3, true },
1889 { 0x0c, "Disconnect Physical Link Request",
1890 amp_disconn_phy_link_req, 2, true },
1891 { 0x0d, "Disconnect Physical Link Response",
1892 amp_disconn_phy_link_rsp, 3, true },
1896 static void amp_packet(uint16_t index, bool in, uint16_t handle,
1897 uint16_t cid, const void *data, uint16_t size)
1899 struct l2cap_frame frame;
1900 uint16_t control, fcs, len;
1901 uint8_t opcode, ident;
1902 const struct amp_opcode_data *opcode_data = NULL;
1903 const char *opcode_color, *opcode_str;
1907 print_text(COLOR_ERROR, "malformed info frame packet");
1908 packet_hexdump(data, size);
1912 control = get_le16(data);
1913 fcs = get_le16(data + size - 2);
1915 print_indent(6, COLOR_CYAN, "Channel:", "", COLOR_OFF,
1916 " %d dlen %d control 0x%4.4x fcs 0x%4.4x",
1917 3, size, control, fcs);
1923 print_text(COLOR_ERROR, "malformed manager packet");
1924 packet_hexdump(data, size);
1928 opcode = *((const uint8_t *) (data + 2));
1929 ident = *((const uint8_t *) (data + 3));
1930 len = get_le16(data + 4);
1932 if (len != size - 8) {
1933 print_text(COLOR_ERROR, "invalid manager packet size");
1934 packet_hexdump(data + 2, size - 4);
1938 for (i = 0; amp_opcode_table[i].str; i++) {
1939 if (amp_opcode_table[i].opcode == opcode) {
1940 opcode_data = &_opcode_table[i];
1946 if (opcode_data->func) {
1948 opcode_color = COLOR_MAGENTA;
1950 opcode_color = COLOR_BLUE;
1952 opcode_color = COLOR_WHITE_BG;
1953 opcode_str = opcode_data->str;
1955 opcode_color = COLOR_WHITE_BG;
1956 opcode_str = "Unknown";
1959 print_indent(6, opcode_color, "AMP: ", opcode_str, COLOR_OFF,
1960 " (0x%2.2x) ident %d len %d", opcode, ident, len);
1962 if (!opcode_data || !opcode_data->func) {
1963 packet_hexdump(data + 6, size - 8);
1967 if (opcode_data->fixed) {
1968 if (len != opcode_data->size) {
1969 print_text(COLOR_ERROR, "invalid size");
1970 packet_hexdump(data + 6, size - 8);
1974 if (len < opcode_data->size) {
1975 print_text(COLOR_ERROR, "too short packet");
1976 packet_hexdump(data + 6, size - 8);
1981 l2cap_frame_init(&frame, index, in, handle, 0, cid, data + 6, len);
1982 opcode_data->func(&frame);
1985 static void print_hex_field(const char *label, const uint8_t *data,
1988 char str[len * 2 + 1];
1993 for (i = 0; i < len; i++)
1994 sprintf(str + (i * 2), "%2.2x", data[i]);
1996 print_field("%s: %s", label, str);
1999 static void print_uuid(const char *label, const void *data, uint16_t size)
2005 str = uuid16_to_str(get_le16(data));
2006 print_field("%s: %s (0x%4.4x)", label, str, get_le16(data));
2009 str = uuid32_to_str(get_le32(data));
2010 print_field("%s: %s (0x%8.8x)", label, str, get_le32(data));
2013 str = uuid128_to_str(data);
2014 print_field("%s: %s (%8.8x-%4.4x-%4.4x-%4.4x-%8.8x%4.4x)",
2016 get_le32(data + 12), get_le16(data + 10),
2017 get_le16(data + 8), get_le16(data + 6),
2018 get_le32(data + 2), get_le16(data + 0));
2021 packet_hexdump(data, size);
2026 static void print_handle_range(const char *label, const void *data)
2028 print_field("%s: 0x%4.4x-0x%4.4x", label,
2029 get_le16(data), get_le16(data + 2));
2032 static void print_data_list(const char *label, uint8_t length,
2033 const void *data, uint16_t size)
2040 count = size / length;
2042 print_field("%s: %u entr%s", label, count, count == 1 ? "y" : "ies");
2044 while (size >= length) {
2045 print_field("Handle: 0x%4.4x", get_le16(data));
2046 print_hex_field("Value", data + 2, length - 2);
2052 packet_hexdump(data, size);
2055 static void print_attribute_info(uint16_t type, const void *data, uint16_t len)
2057 const char *str = uuid16_to_str(type);
2059 print_field("%s: %s (0x%4.4x)", "Attribute type", str, type);
2062 case 0x2800: /* Primary Service */
2063 case 0x2801: /* Secondary Service */
2064 print_uuid(" UUID", data, len);
2066 case 0x2802: /* Include */
2068 print_hex_field(" Value", data, len);
2071 print_handle_range(" Handle range", data);
2072 print_uuid(" UUID", data + 4, len - 4);
2074 case 0x2803: /* Characteristic */
2076 print_hex_field(" Value", data, len);
2079 print_field(" Properties: 0x%2.2x", *((uint8_t *) data));
2080 print_field(" Handle: 0x%2.2x", get_le16(data + 1));
2081 print_uuid(" UUID", data + 3, len - 3);
2084 print_hex_field("Value", data, len);
2089 static const char *att_opcode_to_str(uint8_t opcode);
2091 static void att_error_response(const struct l2cap_frame *frame)
2093 const struct bt_l2cap_att_error_response *pdu = frame->data;
2096 switch (pdu->error) {
2098 str = "Invalid Handle";
2101 str = "Read Not Permitted";
2104 str = "Write Not Permitted";
2107 str = "Invalid PDU";
2110 str = "Insufficient Authentication";
2113 str = "Request Not Supported";
2116 str = "Invalid Offset";
2119 str = "Insufficient Authorization";
2122 str = "Prepare Queue Full";
2125 str = "Attribute Not Found";
2128 str = "Attribute Not Long";
2131 str = "Insufficient Encryption Key Size";
2134 str = "Invalid Attribute Value Length";
2137 str = "Unlikely Error";
2140 str = "Insufficient Encryption";
2143 str = "Unsupported Group Type";
2146 str = "Insufficient Resources";
2149 str = "CCC Improperly Configured";
2152 str = "Procedure Already in Progress";
2155 str = "Out of Range";
2162 print_field("%s (0x%2.2x)", att_opcode_to_str(pdu->request),
2164 print_field("Handle: 0x%4.4x", le16_to_cpu(pdu->handle));
2165 print_field("Error: %s (0x%2.2x)", str, pdu->error);
2168 static void att_exchange_mtu_req(const struct l2cap_frame *frame)
2170 const struct bt_l2cap_att_exchange_mtu_req *pdu = frame->data;
2172 print_field("Client RX MTU: %d", le16_to_cpu(pdu->mtu));
2175 static void att_exchange_mtu_rsp(const struct l2cap_frame *frame)
2177 const struct bt_l2cap_att_exchange_mtu_rsp *pdu = frame->data;
2179 print_field("Server RX MTU: %d", le16_to_cpu(pdu->mtu));
2182 static void att_find_info_req(const struct l2cap_frame *frame)
2184 print_handle_range("Handle range", frame->data);
2187 static const char *att_format_str(uint8_t format)
2199 static uint16_t print_info_data_16(const void *data, uint16_t len)
2202 print_field("Handle: 0x%4.4x", get_le16(data));
2203 print_uuid("UUID", data + 2, 2);
2211 static uint16_t print_info_data_128(const void *data, uint16_t len)
2214 print_field("Handle: 0x%4.4x", get_le16(data));
2215 print_uuid("UUID", data + 2, 16);
2223 static void att_find_info_rsp(const struct l2cap_frame *frame)
2225 const uint8_t *format = frame->data;
2228 print_field("Format: %s (0x%2.2x)", att_format_str(*format), *format);
2230 if (*format == 0x01)
2231 len = print_info_data_16(frame->data + 1, frame->size - 1);
2232 else if (*format == 0x02)
2233 len = print_info_data_128(frame->data + 1, frame->size - 1);
2235 len = frame->size - 1;
2237 packet_hexdump(frame->data + (frame->size - len), len);
2240 static void att_find_by_type_val_req(const struct l2cap_frame *frame)
2244 print_handle_range("Handle range", frame->data);
2246 type = get_le16(frame->data + 4);
2247 print_attribute_info(type, frame->data + 6, frame->size - 6);
2250 static void att_find_by_type_val_rsp(const struct l2cap_frame *frame)
2252 const uint8_t *ptr = frame->data;
2253 uint16_t len = frame->size;
2256 print_handle_range("Handle range", ptr);
2261 packet_hexdump(ptr, len);
2264 static void att_read_type_req(const struct l2cap_frame *frame)
2266 print_handle_range("Handle range", frame->data);
2267 print_uuid("Attribute type", frame->data + 4, frame->size - 4);
2270 static void att_read_type_rsp(const struct l2cap_frame *frame)
2272 const struct bt_l2cap_att_read_group_type_rsp *pdu = frame->data;
2274 print_field("Attribute data length: %d", pdu->length);
2275 print_data_list("Attribute data list", pdu->length,
2276 frame->data + 1, frame->size - 1);
2279 static void att_read_req(const struct l2cap_frame *frame)
2281 const struct bt_l2cap_att_read_req *pdu = frame->data;
2283 print_field("Handle: 0x%4.4x", le16_to_cpu(pdu->handle));
2286 static void att_read_rsp(const struct l2cap_frame *frame)
2288 print_hex_field("Value", frame->data, frame->size);
2291 static void att_read_blob_req(const struct l2cap_frame *frame)
2293 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2294 print_field("Offset: 0x%4.4x", get_le16(frame->data + 2));
2297 static void att_read_blob_rsp(const struct l2cap_frame *frame)
2299 packet_hexdump(frame->data, frame->size);
2302 static void att_read_multiple_req(const struct l2cap_frame *frame)
2306 count = frame->size / 2;
2308 for (i = 0; i < count; i++)
2309 print_field("Handle: 0x%4.4x",
2310 get_le16(frame->data + (i * 2)));
2313 static void att_read_group_type_req(const struct l2cap_frame *frame)
2315 print_handle_range("Handle range", frame->data);
2316 print_uuid("Attribute group type", frame->data + 4, frame->size - 4);
2319 static void print_group_list(const char *label, uint8_t length,
2320 const void *data, uint16_t size)
2327 count = size / length;
2329 print_field("%s: %u entr%s", label, count, count == 1 ? "y" : "ies");
2331 while (size >= length) {
2332 print_handle_range("Handle range", data);
2333 print_uuid("UUID", data + 4, length - 4);
2339 packet_hexdump(data, size);
2342 static void att_read_group_type_rsp(const struct l2cap_frame *frame)
2344 const struct bt_l2cap_att_read_group_type_rsp *pdu = frame->data;
2346 print_field("Attribute data length: %d", pdu->length);
2347 print_group_list("Attribute group list", pdu->length,
2348 frame->data + 1, frame->size - 1);
2351 static void att_write_req(const struct l2cap_frame *frame)
2353 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2354 print_hex_field(" Data", frame->data + 2, frame->size - 2);
2357 static void att_write_rsp(const struct l2cap_frame *frame)
2361 static void att_prepare_write_req(const struct l2cap_frame *frame)
2363 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2364 print_field("Offset: 0x%4.4x", get_le16(frame->data + 2));
2365 print_hex_field(" Data", frame->data + 4, frame->size - 4);
2368 static void att_prepare_write_rsp(const struct l2cap_frame *frame)
2370 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2371 print_field("Offset: 0x%4.4x", get_le16(frame->data + 2));
2372 print_hex_field(" Data", frame->data + 4, frame->size - 4);
2375 static void att_execute_write_req(const struct l2cap_frame *frame)
2377 uint8_t flags = *(uint8_t *) frame->data;
2378 const char *flags_str;
2382 flags_str = "Cancel all prepared writes";
2385 flags_str = "Immediately write all pending values";
2388 flags_str = "Unknown";
2392 print_field("Flags: %s (0x%02x)", flags_str, flags);
2395 static void att_handle_value_notify(const struct l2cap_frame *frame)
2397 const struct bt_l2cap_att_handle_value_notify *pdu = frame->data;
2399 print_field("Handle: 0x%4.4x", le16_to_cpu(pdu->handle));
2400 print_hex_field(" Data", frame->data + 2, frame->size - 2);
2403 static void att_handle_value_ind(const struct l2cap_frame *frame)
2405 const struct bt_l2cap_att_handle_value_ind *pdu = frame->data;
2407 print_field("Handle: 0x%4.4x", le16_to_cpu(pdu->handle));
2408 print_hex_field(" Data", frame->data + 2, frame->size - 2);
2411 static void att_handle_value_conf(const struct l2cap_frame *frame)
2415 static void att_write_command(const struct l2cap_frame *frame)
2417 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2418 print_hex_field(" Data", frame->data + 2, frame->size - 2);
2421 static void att_signed_write_command(const struct l2cap_frame *frame)
2423 print_field("Handle: 0x%4.4x", get_le16(frame->data));
2424 print_hex_field(" Data", frame->data + 2, frame->size - 2 - 12);
2425 print_hex_field(" Signature", frame->data + frame->size - 12, 12);
2428 struct att_opcode_data {
2431 void (*func) (const struct l2cap_frame *frame);
2436 static const struct att_opcode_data att_opcode_table[] = {
2437 { 0x01, "Error Response",
2438 att_error_response, 4, true },
2439 { 0x02, "Exchange MTU Request",
2440 att_exchange_mtu_req, 2, true },
2441 { 0x03, "Exchange MTU Response",
2442 att_exchange_mtu_rsp, 2, true },
2443 { 0x04, "Find Information Request",
2444 att_find_info_req, 4, true },
2445 { 0x05, "Find Information Response",
2446 att_find_info_rsp, 5, false },
2447 { 0x06, "Find By Type Value Request",
2448 att_find_by_type_val_req, 6, false },
2449 { 0x07, "Find By Type Value Response",
2450 att_find_by_type_val_rsp, 4, false },
2451 { 0x08, "Read By Type Request",
2452 att_read_type_req, 6, false },
2453 { 0x09, "Read By Type Response",
2454 att_read_type_rsp, 3, false },
2455 { 0x0a, "Read Request",
2456 att_read_req, 2, true },
2457 { 0x0b, "Read Response",
2458 att_read_rsp, 0, false },
2459 { 0x0c, "Read Blob Request",
2460 att_read_blob_req, 4, true },
2461 { 0x0d, "Read Blob Response",
2462 att_read_blob_rsp, 0, false },
2463 { 0x0e, "Read Multiple Request",
2464 att_read_multiple_req, 4, false },
2465 { 0x0f, "Read Multiple Response" },
2466 { 0x10, "Read By Group Type Request",
2467 att_read_group_type_req, 6, false },
2468 { 0x11, "Read By Group Type Response",
2469 att_read_group_type_rsp, 4, false },
2470 { 0x12, "Write Request" ,
2471 att_write_req, 2, false },
2472 { 0x13, "Write Response",
2473 att_write_rsp, 0, true },
2474 { 0x16, "Prepare Write Request",
2475 att_prepare_write_req, 4, false },
2476 { 0x17, "Prepare Write Response",
2477 att_prepare_write_rsp, 4, false },
2478 { 0x18, "Execute Write Request",
2479 att_execute_write_req, 1, true },
2480 { 0x19, "Execute Write Response" },
2481 { 0x1b, "Handle Value Notification",
2482 att_handle_value_notify, 2, false },
2483 { 0x1d, "Handle Value Indication",
2484 att_handle_value_ind, 2, false },
2485 { 0x1e, "Handle Value Confirmation",
2486 att_handle_value_conf, 0, true },
2487 { 0x52, "Write Command",
2488 att_write_command, 2, false },
2489 { 0xd2, "Signed Write Command", att_signed_write_command, 14, false },
2493 static const char *att_opcode_to_str(uint8_t opcode)
2497 for (i = 0; att_opcode_table[i].str; i++) {
2498 if (att_opcode_table[i].opcode == opcode)
2499 return att_opcode_table[i].str;
2505 static void att_packet(uint16_t index, bool in, uint16_t handle,
2506 uint16_t cid, const void *data, uint16_t size)
2508 struct l2cap_frame frame;
2509 uint8_t opcode = *((const uint8_t *) data);
2510 const struct att_opcode_data *opcode_data = NULL;
2511 const char *opcode_color, *opcode_str;
2515 print_text(COLOR_ERROR, "malformed attribute packet");
2516 packet_hexdump(data, size);
2520 for (i = 0; att_opcode_table[i].str; i++) {
2521 if (att_opcode_table[i].opcode == opcode) {
2522 opcode_data = &att_opcode_table[i];
2528 if (opcode_data->func) {
2530 opcode_color = COLOR_MAGENTA;
2532 opcode_color = COLOR_BLUE;
2534 opcode_color = COLOR_WHITE_BG;
2535 opcode_str = opcode_data->str;
2537 opcode_color = COLOR_WHITE_BG;
2538 opcode_str = "Unknown";
2541 print_indent(6, opcode_color, "ATT: ", opcode_str, COLOR_OFF,
2542 " (0x%2.2x) len %d", opcode, size - 1);
2544 if (!opcode_data || !opcode_data->func) {
2545 packet_hexdump(data + 1, size - 1);
2549 if (opcode_data->fixed) {
2550 if (size - 1 != opcode_data->size) {
2551 print_text(COLOR_ERROR, "invalid size");
2552 packet_hexdump(data + 1, size - 1);
2556 if (size - 1 < opcode_data->size) {
2557 print_text(COLOR_ERROR, "too short packet");
2558 packet_hexdump(data + 1, size - 1);
2563 l2cap_frame_init(&frame, index, in, handle, 0, cid, data + 1, size - 1);
2564 opcode_data->func(&frame);
2567 static void print_addr(const uint8_t *addr, uint8_t addr_type)
2571 switch (addr_type) {
2573 print_field("Address: %2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X",
2574 addr[5], addr[4], addr[3],
2575 addr[2], addr[1], addr[0]);
2578 switch ((addr[5] & 0xc0) >> 6) {
2580 str = "Non-Resolvable";
2593 print_field("Address: %2.2X:%2.2X:%2.2X:%2.2X:%2.2X:%2.2X"
2594 " (%s)", addr[5], addr[4], addr[3],
2595 addr[2], addr[1], addr[0], str);
2598 print_field("Address: %2.2X-%2.2X-%2.2X-%2.2X-%2.2X-%2.2X",
2599 addr[5], addr[4], addr[3],
2600 addr[2], addr[1], addr[0]);
2605 static void print_addr_type(uint8_t addr_type)
2609 switch (addr_type) {
2621 print_field("Address type: %s (0x%2.2x)", str, addr_type);
2624 static void print_smp_io_capa(uint8_t io_capa)
2630 str = "DisplayOnly";
2633 str = "DisplayYesNo";
2636 str = "KeyboardOnly";
2639 str = "NoInputNoOutput";
2642 str = "KeyboardDisplay";
2649 print_field("IO capability: %s (0x%2.2x)", str, io_capa);
2652 static void print_smp_oob_data(uint8_t oob_data)
2658 str = "Authentication data not present";
2661 str = "Authentication data from remote device present";
2668 print_field("OOB data: %s (0x%2.2x)", str, oob_data);
2671 static void print_smp_auth_req(uint8_t auth_req)
2673 const char *bond, *mitm, *sc, *kp;
2675 switch (auth_req & 0x03) {
2677 bond = "No bonding";
2687 if ((auth_req & 0x04))
2692 if ((auth_req & 0x08))
2697 if ((auth_req & 0x10))
2700 kp = "No Keypresses";
2702 print_field("Authentication requirement: %s, %s, %s, %s (0x%2.2x)",
2703 bond, mitm, sc, kp, auth_req);
2706 static void print_smp_key_dist(const char *label, uint8_t dist)
2710 if (!(dist & 0x07)) {
2711 strcpy(str, "<none> ");
2715 strcat(str, "EncKey ");
2717 strcat(str, "IdKey ");
2719 strcat(str, "Sign ");
2721 strcat(str, "LinkKey ");
2724 print_field("%s: %s(0x%2.2x)", label, str, dist);
2727 static void smp_pairing_request(const struct l2cap_frame *frame)
2729 const struct bt_l2cap_smp_pairing_request *pdu = frame->data;
2731 print_smp_io_capa(pdu->io_capa);
2732 print_smp_oob_data(pdu->oob_data);
2733 print_smp_auth_req(pdu->auth_req);
2735 print_field("Max encryption key size: %d", pdu->max_key_size);
2736 print_smp_key_dist("Initiator key distribution", pdu->init_key_dist);
2737 print_smp_key_dist("Responder key distribution", pdu->resp_key_dist);
2740 static void smp_pairing_response(const struct l2cap_frame *frame)
2742 const struct bt_l2cap_smp_pairing_response *pdu = frame->data;
2744 print_smp_io_capa(pdu->io_capa);
2745 print_smp_oob_data(pdu->oob_data);
2746 print_smp_auth_req(pdu->auth_req);
2748 print_field("Max encryption key size: %d", pdu->max_key_size);
2749 print_smp_key_dist("Initiator key distribution", pdu->init_key_dist);
2750 print_smp_key_dist("Responder key distribution", pdu->resp_key_dist);
2753 static void smp_pairing_confirm(const struct l2cap_frame *frame)
2755 const struct bt_l2cap_smp_pairing_confirm *pdu = frame->data;
2757 print_hex_field("Confim value", pdu->value, 16);
2760 static void smp_pairing_random(const struct l2cap_frame *frame)
2762 const struct bt_l2cap_smp_pairing_random *pdu = frame->data;
2764 print_hex_field("Random value", pdu->value, 16);
2767 static void smp_pairing_failed(const struct l2cap_frame *frame)
2769 const struct bt_l2cap_smp_pairing_failed *pdu = frame->data;
2772 switch (pdu->reason) {
2774 str = "Passkey entry failed";
2777 str = "OOB not available";
2780 str = "Authentication requirements";
2783 str = "Confirm value failed";
2786 str = "Pairing not supported";
2789 str = "Encryption key size";
2792 str = "Command not supported";
2795 str = "Unspecified reason";
2798 str = "Repeated attempts";
2801 str = "Invalid parameters";
2804 str = "DHKey check failed";
2807 str = "Numeric comparison failed";
2810 str = "BR/EDR pairing in progress";
2813 str = "Cross-transport Key Derivation/Generation not allowed";
2820 print_field("Reason: %s (0x%2.2x)", str, pdu->reason);
2823 static void smp_encrypt_info(const struct l2cap_frame *frame)
2825 const struct bt_l2cap_smp_encrypt_info *pdu = frame->data;
2827 print_hex_field("Long term key", pdu->ltk, 16);
2830 static void smp_master_ident(const struct l2cap_frame *frame)
2832 const struct bt_l2cap_smp_master_ident *pdu = frame->data;
2834 print_field("EDIV: 0x%4.4x", le16_to_cpu(pdu->ediv));
2835 print_field("Rand: 0x%16.16" PRIx64, le64_to_cpu(pdu->rand));
2838 static void smp_ident_info(const struct l2cap_frame *frame)
2840 const struct bt_l2cap_smp_ident_info *pdu = frame->data;
2842 print_hex_field("Identity resolving key", pdu->irk, 16);
2844 keys_update_identity_key(pdu->irk);
2847 static void smp_ident_addr_info(const struct l2cap_frame *frame)
2849 const struct bt_l2cap_smp_ident_addr_info *pdu = frame->data;
2851 print_addr_type(pdu->addr_type);
2852 print_addr(pdu->addr, pdu->addr_type);
2854 keys_update_identity_addr(pdu->addr, pdu->addr_type);
2857 static void smp_signing_info(const struct l2cap_frame *frame)
2859 const struct bt_l2cap_smp_signing_info *pdu = frame->data;
2861 print_hex_field("Signature key", pdu->csrk, 16);
2864 static void smp_security_request(const struct l2cap_frame *frame)
2866 const struct bt_l2cap_smp_security_request *pdu = frame->data;
2868 print_smp_auth_req(pdu->auth_req);
2871 static void smp_pairing_public_key(const struct l2cap_frame *frame)
2873 const struct bt_l2cap_smp_public_key *pdu = frame->data;
2875 print_hex_field("X", pdu->x, 32);
2876 print_hex_field("Y", pdu->y, 32);
2879 static void smp_pairing_dhkey_check(const struct l2cap_frame *frame)
2881 const struct bt_l2cap_smp_dhkey_check *pdu = frame->data;
2883 print_hex_field("E", pdu->e, 16);
2886 static void smp_pairing_keypress_notification(const struct l2cap_frame *frame)
2888 const struct bt_l2cap_smp_keypress_notify *pdu = frame->data;
2891 switch (pdu->type) {
2893 str = "Passkey entry started";
2896 str = "Passkey digit entered";
2899 str = "Passkey digit erased";
2902 str = "Passkey cleared";
2905 str = "Passkey entry completed";
2912 print_field("Type: %s (0x%2.2x)", str, pdu->type);
2915 struct smp_opcode_data {
2918 void (*func) (const struct l2cap_frame *frame);
2923 static const struct smp_opcode_data smp_opcode_table[] = {
2924 { 0x01, "Pairing Request",
2925 smp_pairing_request, 6, true },
2926 { 0x02, "Pairing Response",
2927 smp_pairing_response, 6, true },
2928 { 0x03, "Pairing Confirm",
2929 smp_pairing_confirm, 16, true },
2930 { 0x04, "Pairing Random",
2931 smp_pairing_random, 16, true },
2932 { 0x05, "Pairing Failed",
2933 smp_pairing_failed, 1, true },
2934 { 0x06, "Encryption Information",
2935 smp_encrypt_info, 16, true },
2936 { 0x07, "Master Identification",
2937 smp_master_ident, 10, true },
2938 { 0x08, "Identity Information",
2939 smp_ident_info, 16, true },
2940 { 0x09, "Identity Address Information",
2941 smp_ident_addr_info, 7, true },
2942 { 0x0a, "Signing Information",
2943 smp_signing_info, 16, true },
2944 { 0x0b, "Security Request",
2945 smp_security_request, 1, true },
2946 { 0x0c, "Pairing Public Key",
2947 smp_pairing_public_key, 64, true },
2948 { 0x0d, "Pairing DHKey Check",
2949 smp_pairing_dhkey_check, 16, true },
2950 { 0x0e, "Pairing Keypress Notification",
2951 smp_pairing_keypress_notification, 1, true },
2955 static void smp_packet(uint16_t index, bool in, uint16_t handle,
2956 uint16_t cid, const void *data, uint16_t size)
2958 struct l2cap_frame frame;
2959 uint8_t opcode = *((const uint8_t *) data);
2960 const struct smp_opcode_data *opcode_data = NULL;
2961 const char *opcode_color, *opcode_str;
2965 print_text(COLOR_ERROR, "malformed attribute packet");
2966 packet_hexdump(data, size);
2970 for (i = 0; smp_opcode_table[i].str; i++) {
2971 if (smp_opcode_table[i].opcode == opcode) {
2972 opcode_data = &smp_opcode_table[i];
2978 if (opcode_data->func) {
2980 opcode_color = COLOR_MAGENTA;
2982 opcode_color = COLOR_BLUE;
2984 opcode_color = COLOR_WHITE_BG;
2985 opcode_str = opcode_data->str;
2987 opcode_color = COLOR_WHITE_BG;
2988 opcode_str = "Unknown";
2991 print_indent(6, opcode_color, cid == 0x0006 ? "SMP: " : "BR/EDR SMP: ",
2992 opcode_str, COLOR_OFF, " (0x%2.2x) len %d",
2995 if (!opcode_data || !opcode_data->func) {
2996 packet_hexdump(data + 1, size - 1);
3000 if (opcode_data->fixed) {
3001 if (size - 1 != opcode_data->size) {
3002 print_text(COLOR_ERROR, "invalid size");
3003 packet_hexdump(data + 1, size - 1);
3007 if (size - 1 < opcode_data->size) {
3008 print_text(COLOR_ERROR, "too short packet");
3009 packet_hexdump(data + 1, size - 1);
3014 l2cap_frame_init(&frame, index, in, handle, 0, cid, data + 1, size - 1);
3015 opcode_data->func(&frame);
3018 static void l2cap_frame(uint16_t index, bool in, uint16_t handle,
3019 uint16_t cid, const void *data, uint16_t size)
3021 struct l2cap_frame frame;
3022 uint32_t ctrl32 = 0;
3023 uint16_t ctrl16 = 0;
3028 bredr_sig_packet(index, in, handle, cid, data, size);
3031 connless_packet(index, in, handle, cid, data, size);
3034 amp_packet(index, in, handle, cid, data, size);
3037 att_packet(index, in, handle, cid, data, size);
3040 le_sig_packet(index, in, handle, cid, data, size);
3044 smp_packet(index, in, handle, cid, data, size);
3047 l2cap_frame_init(&frame, index, in, handle, 0, cid, data, size);
3049 if (frame.mode > 0) {
3050 ext_ctrl = get_ext_ctrl(&frame);
3053 if (!l2cap_frame_get_le32(&frame, &ctrl32))
3056 print_indent(6, COLOR_CYAN, "Channel:", "",
3057 COLOR_OFF, " %d len %d"
3059 " [PSM %d mode %d] {chan %d}",
3060 cid, size, ctrl32, frame.psm,
3061 frame.mode, frame.chan);
3063 l2cap_ctrl_ext_parse(&frame, ctrl32);
3065 if (!l2cap_frame_get_le16(&frame, &ctrl16))
3068 print_indent(6, COLOR_CYAN, "Channel:", "",
3069 COLOR_OFF, " %d len %d"
3071 " [PSM %d mode %d] {chan %d}",
3072 cid, size, ctrl16, frame.psm,
3073 frame.mode, frame.chan);
3075 l2cap_ctrl_parse(&frame, ctrl16);
3080 print_indent(6, COLOR_CYAN, "Channel:", "", COLOR_OFF,
3081 " %d len %d [PSM %d mode %d] {chan %d}",
3082 cid, size, frame.psm,
3083 frame.mode, frame.chan);
3086 switch (frame.psm) {
3091 rfcomm_packet(&frame);
3094 bnep_packet(&frame);
3097 att_packet(index, in, handle, cid, data, size);
3101 avctp_packet(&frame);
3104 avdtp_packet(&frame);
3107 packet_hexdump(data, size);
3114 void l2cap_packet(uint16_t index, bool in, uint16_t handle, uint8_t flags,
3115 const void *data, uint16_t size)
3117 const struct bt_l2cap_hdr *hdr = data;
3120 if (index > MAX_INDEX - 1) {
3121 print_text(COLOR_ERROR, "controller index too large");
3122 packet_hexdump(data, size);
3127 case 0x00: /* start of a non-automatically-flushable PDU */
3128 case 0x02: /* start of an automatically-flushable PDU */
3129 if (index_list[index][in].frag_len) {
3130 print_text(COLOR_ERROR, "unexpected start frame");
3131 packet_hexdump(data, size);
3132 clear_fragment_buffer(index, in);
3136 if (size < sizeof(*hdr)) {
3137 print_text(COLOR_ERROR, "frame too short");
3138 packet_hexdump(data, size);
3142 len = le16_to_cpu(hdr->len);
3143 cid = le16_to_cpu(hdr->cid);
3145 data += sizeof(*hdr);
3146 size -= sizeof(*hdr);
3149 /* complete frame */
3150 l2cap_frame(index, in, handle, cid, data, len);
3155 print_text(COLOR_ERROR, "frame too long");
3156 packet_hexdump(data, size);
3160 index_list[index][in].frag_buf = malloc(len);
3161 if (!index_list[index][in].frag_buf) {
3162 print_text(COLOR_ERROR, "failed buffer allocation");
3163 packet_hexdump(data, size);
3167 memcpy(index_list[index][in].frag_buf, data, size);
3168 index_list[index][in].frag_pos = size;
3169 index_list[index][in].frag_len = len - size;
3170 index_list[index][in].frag_cid = cid;
3173 case 0x01: /* continuing fragment */
3174 if (!index_list[index][in].frag_len) {
3175 print_text(COLOR_ERROR, "unexpected continuation");
3176 packet_hexdump(data, size);
3180 if (size > index_list[index][in].frag_len) {
3181 print_text(COLOR_ERROR, "fragment too long");
3182 packet_hexdump(data, size);
3183 clear_fragment_buffer(index, in);
3187 memcpy(index_list[index][in].frag_buf +
3188 index_list[index][in].frag_pos, data, size);
3189 index_list[index][in].frag_pos += size;
3190 index_list[index][in].frag_len -= size;
3192 if (!index_list[index][in].frag_len) {
3193 /* complete frame */
3194 l2cap_frame(index, in, handle,
3195 index_list[index][in].frag_cid,
3196 index_list[index][in].frag_buf,
3197 index_list[index][in].frag_pos);
3198 clear_fragment_buffer(index, in);
3203 case 0x03: /* complete automatically-flushable PDU */
3204 if (index_list[index][in].frag_len) {
3205 print_text(COLOR_ERROR, "unexpected complete frame");
3206 packet_hexdump(data, size);
3207 clear_fragment_buffer(index, in);
3211 if (size < sizeof(*hdr)) {
3212 print_text(COLOR_ERROR, "frame too short");
3213 packet_hexdump(data, size);
3217 len = le16_to_cpu(hdr->len);
3218 cid = le16_to_cpu(hdr->cid);
3220 data += sizeof(*hdr);
3221 size -= sizeof(*hdr);
3224 print_text(COLOR_ERROR, "wrong frame size");
3225 packet_hexdump(data, size);
3229 /* complete frame */
3230 l2cap_frame(index, in, handle, cid, data, len);
3234 print_text(COLOR_ERROR, "invalid packet flags (0x%2.2x)",
3236 packet_hexdump(data, size);
projects / platform / upstream / bluez.git / blob