1 /******************************************************************************
2 *
3 * Copyright (C) 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * Interface to AVRCP mandatory commands
22 *
23 ******************************************************************************/
24 #include <assert.h>
25 #include "common/bt_trace.h"
26 #include <string.h>
27 #include "common/bt_target.h"
28 #include "stack/avrc_api.h"
29 #include "avrc_int.h"
30 #include "osi/allocator.h"
31
32 #if (defined(AVRC_INCLUDED) && AVRC_INCLUDED == TRUE)
33
34 /*****************************************************************************
35 ** Global data
36 *****************************************************************************/
37
38
39 #define AVRC_MAX_RCV_CTRL_EVT AVCT_BROWSE_UNCONG_IND_EVT
40
41 #ifndef MAX
42 #define MAX(a, b) ((a) > (b) ? (a) : (b))
43 #endif
44
45 static const UINT8 avrc_ctrl_event_map[] = {
46 AVRC_OPEN_IND_EVT, /* AVCT_CONNECT_CFM_EVT */
47 AVRC_OPEN_IND_EVT, /* AVCT_CONNECT_IND_EVT */
48 AVRC_CLOSE_IND_EVT, /* AVCT_DISCONNECT_CFM_EVT */
49 AVRC_CLOSE_IND_EVT, /* AVCT_DISCONNECT_IND_EVT */
50 AVRC_CONG_IND_EVT, /* AVCT_CONG_IND_EVT */
51 AVRC_UNCONG_IND_EVT,/* AVCT_UNCONG_IND_EVT */
52 AVRC_BROWSE_OPEN_IND_EVT, /* AVCT_BROWSE_CONN_CFM_EVT */
53 AVRC_BROWSE_OPEN_IND_EVT, /* AVCT_BROWSE_CONN_IND_EVT */
54 AVRC_BROWSE_CLOSE_IND_EVT, /* AVCT_BROWSE_DISCONN_CFM_EVT */
55 AVRC_BROWSE_CLOSE_IND_EVT, /* AVCT_BROWSE_DISCONN_IND_EVT */
56 AVRC_BROWSE_CONG_IND_EVT, /* AVCT_BROWSE_CONG_IND_EVT */
57 AVRC_BROWSE_UNCONG_IND_EVT /* AVCT_BROWSE_UNCONG_IND_EVT */
58 };
59
60 #define AVRC_OP_DROP 0xFE /* use this unused opcode to indication no need to call the callback function */
61 #define AVRC_OP_DROP_N_FREE 0xFD /* use this unused opcode to indication no need to call the callback function & free buffer */
62
63 #define AVRC_OP_UNIT_INFO_RSP_LEN 8
64 #define AVRC_OP_SUB_UNIT_INFO_RSP_LEN 8
65 #define AVRC_OP_REJ_MSG_LEN 11
66
67 /******************************************************************************
68 **
69 ** Function avrc_ctrl_cback
70 **
71 ** Description This is the callback function used by AVCTP to report
72 ** received link events.
73 **
74 ** Returns Nothing.
75 **
76 ******************************************************************************/
avrc_ctrl_cback(UINT8 handle,UINT8 event,UINT16 result,BD_ADDR peer_addr)77 static void avrc_ctrl_cback(UINT8 handle, UINT8 event, UINT16 result,
78 BD_ADDR peer_addr)
79 {
80 UINT8 avrc_event;
81
82 if (event <= AVRC_MAX_RCV_CTRL_EVT && avrc_cb.ccb[handle].p_ctrl_cback) {
83 avrc_event = avrc_ctrl_event_map[event];
84 if (event == AVCT_CONNECT_CFM_EVT) {
85 if (result != 0) { /* failed */
86 avrc_event = AVRC_CLOSE_IND_EVT;
87 }
88 }
89 (*avrc_cb.ccb[handle].p_ctrl_cback)(handle, avrc_event, result, peer_addr);
90 }
91 /* else drop the unknown event*/
92 }
93
94 /******************************************************************************
95 **
96 ** Function avrc_get_data_ptr
97 **
98 ** Description Gets a pointer to the data payload in the packet.
99 **
100 ** Returns A pointer to the data payload.
101 **
102 ******************************************************************************/
avrc_get_data_ptr(BT_HDR * p_pkt)103 static UINT8 *avrc_get_data_ptr(BT_HDR *p_pkt)
104 {
105 return (UINT8 *)(p_pkt + 1) + p_pkt->offset;
106 }
107
108 /******************************************************************************
109 **
110 ** Function avrc_copy_packet
111 **
112 ** Description Copies an AVRC packet to a new buffer. In the new buffer,
113 ** the payload offset is at least AVCT_MSG_OFFSET octets.
114 **
115 ** Returns The buffer with the copied data.
116 **
117 ******************************************************************************/
avrc_copy_packet(BT_HDR * p_pkt,int rsp_pkt_len)118 static BT_HDR *avrc_copy_packet(BT_HDR *p_pkt, int rsp_pkt_len)
119 {
120 const int offset = MAX(AVCT_MSG_OFFSET, p_pkt->offset);
121 const int pkt_len = MAX(rsp_pkt_len, p_pkt->len);
122 BT_HDR *p_pkt_copy =
123 (BT_HDR *)osi_malloc((UINT16)(BT_HDR_SIZE + offset + pkt_len));
124
125 /* Copy the packet header, set the new offset, and copy the payload */
126 if (p_pkt_copy != NULL) {
127 memcpy(p_pkt_copy, p_pkt, BT_HDR_SIZE);
128 p_pkt_copy->offset = offset;
129 UINT8 *p_data = avrc_get_data_ptr(p_pkt);
130 UINT8 *p_data_copy = avrc_get_data_ptr(p_pkt_copy);
131 memcpy(p_data_copy, p_data, p_pkt->len);
132 }
133
134 return p_pkt_copy;
135 }
136
137 #if (AVRC_METADATA_INCLUDED == TRUE)
138 /******************************************************************************
139 **
140 ** Function avrc_prep_end_frag
141 **
142 ** Description This function prepares an end response fragment
143 **
144 ** Returns Nothing.
145 **
146 ******************************************************************************/
avrc_prep_end_frag(UINT8 handle)147 static void avrc_prep_end_frag(UINT8 handle)
148 {
149 tAVRC_FRAG_CB *p_fcb;
150 BT_HDR *p_pkt_new;
151 UINT8 *p_data, *p_orig_data;
152 UINT8 rsp_type;
153
154 AVRC_TRACE_DEBUG ("avrc_prep_end_frag" );
155 p_fcb = &avrc_cb.fcb[handle];
156
157 /* The response type of the end fragment should be the same as the the PDU of "End Fragment
158 ** Response" Errata: https://www.bluetooth.org/errata/errata_view.cfm?errata_id=4383
159 */
160 p_orig_data = ((UINT8 *)(p_fcb->p_fmsg + 1) + p_fcb->p_fmsg->offset);
161 rsp_type = ((*p_orig_data) & AVRC_CTYPE_MASK);
162
163 p_pkt_new = p_fcb->p_fmsg;
164 p_pkt_new->len -= (AVRC_MAX_CTRL_DATA_LEN - AVRC_VENDOR_HDR_SIZE - AVRC_MIN_META_HDR_SIZE);
165 p_pkt_new->offset += (AVRC_MAX_CTRL_DATA_LEN - AVRC_VENDOR_HDR_SIZE - AVRC_MIN_META_HDR_SIZE);
166 p_data = (UINT8 *)(p_pkt_new + 1) + p_pkt_new->offset;
167 *p_data++ = rsp_type;
168 *p_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT);
169 *p_data++ = AVRC_OP_VENDOR;
170 AVRC_CO_ID_TO_BE_STREAM(p_data, AVRC_CO_METADATA);
171 *p_data++ = p_fcb->frag_pdu;
172 *p_data++ = AVRC_PKT_END;
173
174 /* 4=pdu, pkt_type & len */
175 UINT16_TO_BE_STREAM(p_data, (p_pkt_new->len - AVRC_VENDOR_HDR_SIZE - AVRC_MIN_META_HDR_SIZE));
176 }
177
178 /******************************************************************************
179 **
180 ** Function avrc_send_continue_frag
181 **
182 ** Description This function sends a continue response fragment
183 **
184 ** Returns Nothing.
185 **
186 ******************************************************************************/
avrc_send_continue_frag(UINT8 handle,UINT8 label)187 static void avrc_send_continue_frag(UINT8 handle, UINT8 label)
188 {
189 tAVRC_FRAG_CB *p_fcb;
190 BT_HDR *p_pkt_old, *p_pkt;
191 UINT8 *p_old, *p_data;
192 UINT8 cr = AVCT_RSP;
193 tAVRC_RSP rej_rsp;
194
195 p_fcb = &avrc_cb.fcb[handle];
196 p_pkt = p_fcb->p_fmsg;
197
198 AVRC_TRACE_DEBUG("%s handle = %u label = %u len = %d",
199 __func__, handle, label, p_pkt->len);
200 if (p_pkt->len > AVRC_MAX_CTRL_DATA_LEN) {
201 int offset_len = MAX(AVCT_MSG_OFFSET, p_pkt->offset);
202 p_pkt_old = p_fcb->p_fmsg;
203 p_pkt = (BT_HDR *)osi_malloc((UINT16)(AVRC_PACKET_LEN + offset_len + BT_HDR_SIZE));
204 if (p_pkt) {
205 p_pkt->len = AVRC_MAX_CTRL_DATA_LEN;
206 p_pkt->offset = AVCT_MSG_OFFSET;
207 p_pkt->layer_specific = p_pkt_old->layer_specific;
208 p_pkt->event = p_pkt_old->event;
209 p_old = (UINT8 *)(p_pkt_old + 1) + p_pkt_old->offset;
210 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
211 memcpy (p_data, p_old, AVRC_MAX_CTRL_DATA_LEN);
212 /* use AVRC continue packet type */
213 p_data += AVRC_VENDOR_HDR_SIZE;
214 p_data++; /* pdu */
215 *p_data++ = AVRC_PKT_CONTINUE;
216 /* 4=pdu, pkt_type & len */
217 UINT16_TO_BE_STREAM(p_data, (AVRC_MAX_CTRL_DATA_LEN - AVRC_VENDOR_HDR_SIZE - 4));
218
219 /* prepare the left over for as an end fragment */
220 avrc_prep_end_frag (handle);
221 } else {
222 /* use the current GKI buffer to send Internal error status */
223 p_pkt = p_fcb->p_fmsg;
224 p_fcb->p_fmsg = NULL;
225 p_fcb->frag_enabled = FALSE;
226 AVRC_TRACE_ERROR ("AVRC_MsgReq no buffers for fragmentation - send internal error" );
227 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
228 *p_data++ = AVRC_PDU_REQUEST_CONTINUATION_RSP;
229 *p_data++ = 0;
230 UINT16_TO_BE_STREAM(p_data, 0);
231 p_pkt->len = 4;
232 rej_rsp.pdu = AVRC_PDU_REQUEST_CONTINUATION_RSP;
233 rej_rsp.status = AVRC_STS_INTERNAL_ERR;
234 AVRC_BldResponse( handle, (tAVRC_RESPONSE *)&rej_rsp, &p_pkt);
235 cr = AVCT_RSP;
236 }
237 } else {
238 /* end fragment. clean the control block */
239 p_fcb->frag_enabled = FALSE;
240 p_fcb->p_fmsg = NULL;
241 }
242 AVCT_MsgReq( handle, label, cr, p_pkt);
243 }
244
245 /******************************************************************************
246 **
247 ** Function avrc_proc_vendor_command
248 **
249 ** Description This function processes received vendor command.
250 **
251 ** Returns if not NULL, the response to send right away.
252 **
253 ******************************************************************************/
avrc_proc_vendor_command(UINT8 handle,UINT8 label,BT_HDR * p_pkt,tAVRC_MSG_VENDOR * p_msg)254 static BT_HDR *avrc_proc_vendor_command(UINT8 handle, UINT8 label,
255 BT_HDR *p_pkt, tAVRC_MSG_VENDOR *p_msg)
256 {
257 BT_HDR *p_rsp = NULL;
258 UINT8 *p_data;
259 UINT8 *p_begin;
260 UINT8 pkt_type;
261 BOOLEAN abort_frag = FALSE;
262 tAVRC_STS status = AVRC_STS_NO_ERROR;
263 tAVRC_FRAG_CB *p_fcb;
264
265 p_begin = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
266 p_data = p_begin + AVRC_VENDOR_HDR_SIZE;
267 pkt_type = *(p_data + 1) & AVRC_PKT_TYPE_MASK;
268
269 if (pkt_type != AVRC_PKT_SINGLE) {
270 /* reject - commands can only be in single packets at AVRCP level */
271 AVRC_TRACE_ERROR ("commands must be in single packet pdu:0x%x", *p_data );
272 /* use the current GKI buffer to send the reject */
273 status = AVRC_STS_BAD_CMD;
274 }
275 /* check if there are fragments waiting to be sent */
276 else if (avrc_cb.fcb[handle].frag_enabled) {
277 p_fcb = &avrc_cb.fcb[handle];
278 if (p_msg->company_id == AVRC_CO_METADATA) {
279 switch (*p_data) {
280 case AVRC_PDU_ABORT_CONTINUATION_RSP:
281 /* aborted by CT - send accept response */
282 abort_frag = TRUE;
283 p_begin = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
284 *p_begin = (AVRC_RSP_ACCEPT & AVRC_CTYPE_MASK);
285 if (*(p_data + 4) != p_fcb->frag_pdu) {
286 *p_begin = (AVRC_RSP_REJ & AVRC_CTYPE_MASK);
287 *(p_data + 4) = AVRC_STS_BAD_PARAM;
288 } else {
289 p_data = (p_begin + AVRC_VENDOR_HDR_SIZE + 2);
290 UINT16_TO_BE_STREAM(p_data, 0);
291 p_pkt->len = (p_data - p_begin);
292 }
293 AVCT_MsgReq( handle, label, AVCT_RSP, p_pkt);
294 p_msg->hdr.opcode = AVRC_OP_DROP; /* used the p_pkt to send response */
295 break;
296
297 case AVRC_PDU_REQUEST_CONTINUATION_RSP:
298 if (*(p_data + 4) == p_fcb->frag_pdu) {
299 avrc_send_continue_frag(handle, label);
300 p_msg->hdr.opcode = AVRC_OP_DROP_N_FREE;
301 } else {
302 /* the pdu id does not match - reject the command using the current GKI buffer */
303 AVRC_TRACE_ERROR("avrc_proc_vendor_command continue pdu: 0x%x does not match \
304 current re-assembly pdu: 0x%x",
305 *(p_data + 4), p_fcb->frag_pdu);
306 status = AVRC_STS_BAD_PARAM;
307 abort_frag = TRUE;
308 }
309 break;
310
311 default:
312 /* implicit abort */
313 abort_frag = TRUE;
314 }
315 } else {
316 abort_frag = TRUE;
317 /* implicit abort */
318 }
319
320 if (abort_frag) {
321 if (p_fcb->p_fmsg) {
322 osi_free(p_fcb->p_fmsg);
323 p_fcb->p_fmsg = NULL;
324 }
325 p_fcb->frag_enabled = FALSE;
326 }
327 }
328
329 if (status != AVRC_STS_NO_ERROR) {
330 /* use the current GKI buffer to build/send the reject message */
331 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
332 *p_data++ = AVRC_RSP_REJ;
333 p_data += AVRC_VENDOR_HDR_SIZE; /* pdu */
334 *p_data++ = 0; /* pkt_type */
335 UINT16_TO_BE_STREAM(p_data, 1); /* len */
336 *p_data++ = status; /* error code */
337 p_pkt->len = AVRC_VENDOR_HDR_SIZE + 5;
338 p_rsp = p_pkt;
339 }
340
341 return p_rsp;
342 }
343
344 /******************************************************************************
345 **
346 ** Function avrc_proc_far_msg
347 **
348 ** Description This function processes metadata fragmenation
349 ** and reassembly
350 **
351 ** Returns 0, to report the message with msg_cback .
352 **
353 ******************************************************************************/
avrc_proc_far_msg(UINT8 handle,UINT8 label,UINT8 cr,BT_HDR ** pp_pkt,tAVRC_MSG_VENDOR * p_msg)354 static UINT8 avrc_proc_far_msg(UINT8 handle, UINT8 label, UINT8 cr, BT_HDR **pp_pkt,
355 tAVRC_MSG_VENDOR *p_msg)
356 {
357 BT_HDR *p_pkt = *pp_pkt;
358 UINT8 *p_data;
359 UINT8 drop_code = 0;
360 BT_HDR *p_rsp = NULL;
361 BT_HDR *p_cmd = NULL;
362 BOOLEAN req_continue = FALSE;
363 BT_HDR *p_pkt_new = NULL;
364 UINT8 pkt_type;
365 tAVRC_RASM_CB *p_rcb;
366 tAVRC_NEXT_CMD avrc_cmd;
367
368 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
369
370 /* Skip over vendor header (ctype, subunit*, opcode, CO_ID) */
371 p_data += AVRC_VENDOR_HDR_SIZE;
372
373 pkt_type = *(p_data + 1) & AVRC_PKT_TYPE_MASK;
374 AVRC_TRACE_DEBUG ("pkt_type %d", pkt_type );
375 p_rcb = &avrc_cb.rcb[handle];
376 if (p_msg->company_id == AVRC_CO_METADATA) {
377 /* check if the message needs to be re-assembled */
378 if (pkt_type == AVRC_PKT_SINGLE || pkt_type == AVRC_PKT_START) {
379 /* previous fragments need to be dropped, when received another new message */
380 p_rcb->rasm_offset = 0;
381 if (p_rcb->p_rmsg) {
382 osi_free(p_rcb->p_rmsg);
383 p_rcb->p_rmsg = NULL;
384 }
385 }
386
387 if (pkt_type != AVRC_PKT_SINGLE && cr == AVCT_RSP) {
388 /* not a single response packet - need to re-assemble metadata messages */
389 if (pkt_type == AVRC_PKT_START) {
390 /* Allocate buffer for re-assembly */
391 p_rcb->rasm_pdu = *p_data;
392 if ((p_rcb->p_rmsg = (BT_HDR *)osi_malloc(BT_DEFAULT_BUFFER_SIZE)) != NULL) {
393 /* Copy START packet to buffer for re-assembling fragments*/
394 memcpy(p_rcb->p_rmsg, p_pkt, sizeof(BT_HDR)); /* Copy bt hdr */
395
396 /* Copy metadata message */
397 memcpy((UINT8 *)(p_rcb->p_rmsg + 1),
398 (UINT8 *)(p_pkt + 1) + p_pkt->offset, p_pkt->len);
399
400 /* offset of start of metadata response in reassembly buffer */
401 p_rcb->p_rmsg->offset = p_rcb->rasm_offset = 0;
402
403 /* Free original START packet, replace with pointer to reassembly buffer */
404 osi_free(p_pkt);
405 *pp_pkt = p_rcb->p_rmsg;
406 } else {
407 /* Unable to allocate buffer for fragmented avrc message. Reuse START
408 buffer for reassembly (re-assembled message may fit into ACL buf) */
409 AVRC_TRACE_DEBUG ("Unable to allocate buffer for fragmented avrc message, \
410 reusing START buffer for reassembly");
411 p_rcb->rasm_offset = p_pkt->offset;
412 p_rcb->p_rmsg = p_pkt;
413 }
414
415 /* set offset to point to where to copy next - use the same re-asm logic as AVCT */
416 p_rcb->p_rmsg->offset += p_rcb->p_rmsg->len;
417 req_continue = TRUE;
418 } else if (p_rcb->p_rmsg == NULL) {
419 /* Received a CONTINUE/END, but no corresponding START
420 (or previous fragmented response was dropped) */
421 AVRC_TRACE_DEBUG ("Received a CONTINUE/END without no corresponding START \
422 (or previous fragmented response was dropped)");
423 drop_code = 5;
424 osi_free(p_pkt);
425 *pp_pkt = NULL;
426 } else {
427 /* get size of buffer holding assembled message */
428 /*
429 * NOTE: The buffer is allocated above at the beginning of the
430 * reassembly, and is always of size BT_DEFAULT_BUFFER_SIZE.
431 */
432 UINT16 buf_len = BT_DEFAULT_BUFFER_SIZE - sizeof(BT_HDR);
433 /* adjust offset and len of fragment for header byte */
434 p_pkt->offset += (AVRC_VENDOR_HDR_SIZE + AVRC_MIN_META_HDR_SIZE);
435 p_pkt->len -= (AVRC_VENDOR_HDR_SIZE + AVRC_MIN_META_HDR_SIZE);
436 /* verify length */
437 if ((p_rcb->p_rmsg->offset + p_pkt->len) > buf_len) {
438 AVRC_TRACE_WARNING("Fragmented message too big! - report the partial message");
439 p_pkt->len = buf_len - p_rcb->p_rmsg->offset;
440 pkt_type = AVRC_PKT_END;
441 }
442
443 /* copy contents of p_pkt to p_rx_msg */
444 memcpy((UINT8 *)(p_rcb->p_rmsg + 1) + p_rcb->p_rmsg->offset,
445 (UINT8 *)(p_pkt + 1) + p_pkt->offset, p_pkt->len);
446
447 if (pkt_type == AVRC_PKT_END) {
448 p_rcb->p_rmsg->offset = p_rcb->rasm_offset;
449 p_rcb->p_rmsg->len += p_pkt->len;
450 p_pkt_new = p_rcb->p_rmsg;
451 p_rcb->rasm_offset = 0;
452 p_rcb->p_rmsg = NULL;
453 p_msg->p_vendor_data = (UINT8 *)(p_pkt_new + 1) + p_pkt_new->offset;
454 p_msg->hdr.ctype = p_msg->p_vendor_data[0] & AVRC_CTYPE_MASK;
455 /* 6 = ctype, subunit*, opcode & CO_ID */
456 p_msg->p_vendor_data += AVRC_VENDOR_HDR_SIZE;
457 p_msg->vendor_len = p_pkt_new->len - AVRC_VENDOR_HDR_SIZE;
458 p_data = p_msg->p_vendor_data + 1; /* skip pdu */
459 *p_data++ = AVRC_PKT_SINGLE;
460 UINT16_TO_BE_STREAM(p_data, (p_msg->vendor_len - AVRC_MIN_META_HDR_SIZE));
461 AVRC_TRACE_DEBUG("end frag:%d, total len:%d, offset:%d", p_pkt->len,
462 p_pkt_new->len, p_pkt_new->offset);
463 } else {
464 p_rcb->p_rmsg->offset += p_pkt->len;
465 p_rcb->p_rmsg->len += p_pkt->len;
466 p_pkt_new = NULL;
467 req_continue = TRUE;
468 }
469 osi_free(p_pkt);
470 *pp_pkt = p_pkt_new;
471 }
472 }
473
474 if (cr == AVCT_CMD) {
475 p_rsp = avrc_proc_vendor_command(handle, label, *pp_pkt, p_msg);
476 if (p_rsp) {
477 AVCT_MsgReq( handle, label, AVCT_RSP, p_rsp);
478 drop_code = 3;
479 } else if (p_msg->hdr.opcode == AVRC_OP_DROP) {
480 drop_code = 1;
481 } else if (p_msg->hdr.opcode == AVRC_OP_DROP_N_FREE) {
482 drop_code = 4;
483 }
484
485 } else if (cr == AVCT_RSP && req_continue == TRUE) {
486 avrc_cmd.pdu = AVRC_PDU_REQUEST_CONTINUATION_RSP;
487 avrc_cmd.status = AVRC_STS_NO_ERROR;
488 avrc_cmd.target_pdu = p_rcb->rasm_pdu;
489 if (AVRC_BldCommand ((tAVRC_COMMAND *)&avrc_cmd, &p_cmd) == AVRC_STS_NO_ERROR) {
490 drop_code = 2;
491 AVRC_MsgReq (handle, (UINT8)(label), AVRC_CMD_CTRL, p_cmd);
492 }
493 }
494 }
495
496 return drop_code;
497 }
498 #endif /* (AVRC_METADATA_INCLUDED == TRUE) */
499
500 /******************************************************************************
501 **
502 ** Function avrc_msg_cback
503 **
504 ** Description This is the callback function used by AVCTP to report
505 ** received AV control messages.
506 **
507 ** Returns Nothing.
508 **
509 ******************************************************************************/
avrc_msg_cback(UINT8 handle,UINT8 label,UINT8 cr,BT_HDR * p_pkt)510 static void avrc_msg_cback(UINT8 handle, UINT8 label, UINT8 cr,
511 BT_HDR *p_pkt)
512 {
513 UINT8 opcode;
514 tAVRC_MSG msg;
515 UINT8 *p_data;
516 UINT8 *p_begin;
517 BOOLEAN drop = FALSE;
518 BOOLEAN do_free = TRUE;
519 BT_HDR *p_rsp = NULL;
520 UINT8 *p_rsp_data;
521 int xx;
522 BOOLEAN reject = FALSE;
523 #if (BT_USE_TRACES == TRUE)
524 char *p_drop_msg = "dropped";
525 #endif
526 tAVRC_MSG_VENDOR *p_msg = &msg.vendor;
527
528 if (cr == AVCT_CMD &&
529 (p_pkt->layer_specific & AVCT_DATA_CTRL && AVRC_PACKET_LEN < sizeof(p_pkt->len))) {
530 /* Ignore the invalid AV/C command frame */
531 #if (BT_USE_TRACES == TRUE)
532 p_drop_msg = "dropped - too long AV/C cmd frame size";
533 #endif
534 osi_free(p_pkt);
535 return;
536 }
537
538 if (cr == AVCT_REJ) {
539 /* The peer thinks that this PID is no longer open - remove this handle */
540 /* */
541 osi_free(p_pkt);
542 AVCT_RemoveConn(handle);
543 return;
544 }
545
546 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
547 memset(&msg, 0, sizeof(tAVRC_MSG) );
548 {
549 msg.hdr.ctype = p_data[0] & AVRC_CTYPE_MASK;
550 AVRC_TRACE_DEBUG("avrc_msg_cback handle:%d, ctype:%d, offset:%d, len: %d",
551 handle, msg.hdr.ctype, p_pkt->offset, p_pkt->len);
552 msg.hdr.subunit_type = (p_data[1] & AVRC_SUBTYPE_MASK) >> AVRC_SUBTYPE_SHIFT;
553 msg.hdr.subunit_id = p_data[1] & AVRC_SUBID_MASK;
554 opcode = p_data[2];
555 }
556
557 if ( ((avrc_cb.ccb[handle].control & AVRC_CT_TARGET) && (cr == AVCT_CMD)) ||
558 ((avrc_cb.ccb[handle].control & AVRC_CT_CONTROL) && (cr == AVCT_RSP)) ) {
559
560 switch (opcode) {
561 case AVRC_OP_UNIT_INFO:
562 if (cr == AVCT_CMD) {
563 /* send the response to the peer */
564 p_rsp = avrc_copy_packet(p_pkt, AVRC_OP_UNIT_INFO_RSP_LEN);
565 p_rsp_data = avrc_get_data_ptr(p_rsp);
566 *p_rsp_data = AVRC_RSP_IMPL_STBL;
567 /* check & set the offset. set response code, set subunit_type & subunit_id,
568 set AVRC_OP_UNIT_INFO */
569 /* 3 bytes: ctype, subunit*, opcode */
570 p_rsp_data += AVRC_AVC_HDR_SIZE;
571 *p_rsp_data++ = 7;
572 /* Panel subunit & id=0 */
573 *p_rsp_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT);
574 AVRC_CO_ID_TO_BE_STREAM(p_rsp_data, avrc_cb.ccb[handle].company_id);
575 p_rsp->len = (UINT16) (p_rsp_data - (UINT8 *)(p_rsp + 1) - p_rsp->offset);
576 cr = AVCT_RSP;
577 #if (BT_USE_TRACES == TRUE)
578 p_drop_msg = "auto respond";
579 #endif
580 } else {
581 /* parse response */
582 p_data += 4; /* 3 bytes: ctype, subunit*, opcode + octet 3 (is 7)*/
583 msg.unit.unit_type = (*p_data & AVRC_SUBTYPE_MASK) >> AVRC_SUBTYPE_SHIFT;
584 msg.unit.unit = *p_data & AVRC_SUBID_MASK;
585 p_data++;
586 AVRC_BE_STREAM_TO_CO_ID(msg.unit.company_id, p_data);
587 }
588 break;
589
590 case AVRC_OP_SUB_INFO:
591 if (cr == AVCT_CMD) {
592 /* send the response to the peer */
593 p_rsp = avrc_copy_packet(p_pkt, AVRC_OP_SUB_UNIT_INFO_RSP_LEN);
594 p_rsp_data = avrc_get_data_ptr(p_rsp);
595 *p_rsp_data = AVRC_RSP_IMPL_STBL;
596 /* check & set the offset. set response code, set (subunit_type & subunit_id),
597 set AVRC_OP_SUB_INFO, set (page & extention code) */
598 p_rsp_data += 4;
599 /* Panel subunit & id=0 */
600 *p_rsp_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT);
601 memset(p_rsp_data, AVRC_CMD_OPRND_PAD, AVRC_SUBRSP_OPRND_BYTES);
602 p_rsp_data += AVRC_SUBRSP_OPRND_BYTES;
603 p_rsp->len = (UINT16) (p_rsp_data - (UINT8 *)(p_rsp + 1) - p_rsp->offset);
604 cr = AVCT_RSP;
605 #if (BT_USE_TRACES == TRUE)
606 p_drop_msg = "auto responded";
607 #endif
608 } else {
609 /* parse response */
610 p_data += AVRC_AVC_HDR_SIZE; /* 3 bytes: ctype, subunit*, opcode */
611 msg.sub.page = (*p_data++ >> AVRC_SUB_PAGE_SHIFT) & AVRC_SUB_PAGE_MASK;
612 xx = 0;
613 while (*p_data != AVRC_CMD_OPRND_PAD && xx < AVRC_SUB_TYPE_LEN) {
614 msg.sub.subunit_type[xx] = *p_data++ >> AVRC_SUBTYPE_SHIFT;
615 if (msg.sub.subunit_type[xx] == AVRC_SUB_PANEL) {
616 msg.sub.panel = TRUE;
617 }
618 xx++;
619 }
620 }
621 break;
622
623 case AVRC_OP_VENDOR:
624 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
625 p_begin = p_data;
626 if (p_pkt->len < AVRC_VENDOR_HDR_SIZE) { /* 6 = ctype, subunit*, opcode & CO_ID */
627 if (cr == AVCT_CMD) {
628 reject = TRUE;
629 } else {
630 drop = TRUE;
631 }
632 break;
633 }
634 p_data += AVRC_AVC_HDR_SIZE; /* skip the first 3 bytes: ctype, subunit*, opcode */
635 AVRC_BE_STREAM_TO_CO_ID(p_msg->company_id, p_data);
636 p_msg->p_vendor_data = p_data;
637 p_msg->vendor_len = p_pkt->len - (p_data - p_begin);
638
639 #if (AVRC_METADATA_INCLUDED == TRUE)
640 UINT8 drop_code = 0;
641 if (p_msg->company_id == AVRC_CO_METADATA) {
642 /* Validate length for metadata message */
643 if (p_pkt->len < (AVRC_VENDOR_HDR_SIZE + AVRC_MIN_META_HDR_SIZE)) {
644 if (cr == AVCT_CMD) {
645 reject = TRUE;
646 } else {
647 drop = TRUE;
648 }
649 break;
650 }
651
652 /* Check+handle fragmented messages */
653 drop_code = avrc_proc_far_msg(handle, label, cr, &p_pkt, p_msg);
654 if (drop_code > 0) {
655 drop = TRUE;
656 }
657 }
658 if (drop_code > 0) {
659 if (drop_code != 4) {
660 do_free = FALSE;
661 }
662 #if (BT_USE_TRACES == TRUE)
663 switch (drop_code) {
664 case 1:
665 p_drop_msg = "sent_frag";
666 break;
667 case 2:
668 p_drop_msg = "req_cont";
669 break;
670 case 3:
671 p_drop_msg = "sent_frag3";
672 break;
673 case 4:
674 p_drop_msg = "sent_frag_free";
675 break;
676 default:
677 p_drop_msg = "sent_fragd";
678 }
679 #endif
680 }
681 #endif /* (AVRC_METADATA_INCLUDED == TRUE) */
682 break;
683
684 case AVRC_OP_PASS_THRU:
685 if (p_pkt->len < 5) { /* 3 bytes: ctype, subunit*, opcode & op_id & len */
686 if (cr == AVCT_CMD) {
687 reject = TRUE;
688 } else {
689 drop = TRUE;
690 }
691 break;
692 }
693 p_data += AVRC_AVC_HDR_SIZE; /* skip the first 3 bytes: ctype, subunit*, opcode */
694 msg.pass.op_id = (AVRC_PASS_OP_ID_MASK & *p_data);
695 if (AVRC_PASS_STATE_MASK & *p_data) {
696 msg.pass.state = TRUE;
697 } else {
698 msg.pass.state = FALSE;
699 }
700 p_data++;
701 msg.pass.pass_len = *p_data++;
702 if (msg.pass.pass_len != p_pkt->len - 5) {
703 msg.pass.pass_len = p_pkt->len - 5;
704 }
705 if (msg.pass.pass_len) {
706 msg.pass.p_pass_data = p_data;
707 } else {
708 msg.pass.p_pass_data = NULL;
709 }
710 break;
711
712
713 default:
714 if ((avrc_cb.ccb[handle].control & AVRC_CT_TARGET) && (cr == AVCT_CMD)) {
715 /* reject unsupported opcode */
716 reject = TRUE;
717 }
718 drop = TRUE;
719 break;
720 }
721 } else { /* drop the event */
722 drop = TRUE;
723 }
724
725 if (reject) {
726 /* reject unsupported opcode */
727 p_rsp = avrc_copy_packet(p_pkt, AVRC_OP_REJ_MSG_LEN);
728 p_rsp_data = avrc_get_data_ptr(p_rsp);
729 *p_rsp_data = AVRC_RSP_REJ;
730 #if (BT_USE_TRACES == TRUE)
731 p_drop_msg = "rejected";
732 #endif
733 cr = AVCT_RSP;
734 drop = TRUE;
735 }
736
737 if (p_rsp) {
738 /* set to send response right away */
739 AVCT_MsgReq( handle, label, cr, p_rsp);
740 drop = TRUE;
741 }
742
743 if (drop == FALSE) {
744 msg.hdr.opcode = opcode;
745 (*avrc_cb.ccb[handle].p_msg_cback)(handle, label, opcode, &msg);
746 }
747 #if (BT_USE_TRACES == TRUE)
748 else {
749 AVRC_TRACE_WARNING("avrc_msg_cback %s msg handle:%d, control:%d, cr:%d, opcode:x%x",
750 p_drop_msg,
751 handle, avrc_cb.ccb[handle].control, cr, opcode);
752 }
753 #endif
754
755
756 if (do_free) {
757 osi_free(p_pkt);
758 }
759 }
760
761
762
763
764 /******************************************************************************
765 **
766 ** Function avrc_pass_msg
767 **
768 ** Description Compose a PASS THROUGH command according to p_msg
769 **
770 ** Input Parameters:
771 ** p_msg: Pointer to PASS THROUGH message structure.
772 **
773 ** Output Parameters:
774 ** None.
775 **
776 ** Returns pointer to a valid GKI buffer if successful.
777 ** NULL if p_msg is NULL.
778 **
779 ******************************************************************************/
avrc_pass_msg(tAVRC_MSG_PASS * p_msg)780 static BT_HDR *avrc_pass_msg(tAVRC_MSG_PASS *p_msg)
781 {
782 BT_HDR *p_cmd = NULL;
783 UINT8 *p_data;
784
785 assert(p_msg != NULL);
786 assert(AVRC_CMD_BUF_SIZE > (AVRC_MIN_CMD_LEN+p_msg->pass_len));
787
788 if ((p_cmd = (BT_HDR *) osi_malloc(AVRC_CMD_BUF_SIZE)) != NULL) {
789 p_cmd->offset = AVCT_MSG_OFFSET;
790 p_cmd->layer_specific = AVCT_DATA_CTRL;
791 p_data = (UINT8 *)(p_cmd + 1) + p_cmd->offset;
792 *p_data++ = (p_msg->hdr.ctype & AVRC_CTYPE_MASK);
793 *p_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT); /* Panel subunit & id=0 */
794 *p_data++ = AVRC_OP_PASS_THRU;
795 *p_data = (AVRC_PASS_OP_ID_MASK & p_msg->op_id);
796 if (p_msg->state) {
797 *p_data |= AVRC_PASS_STATE_MASK;
798 }
799 p_data++;
800
801 if (p_msg->op_id == AVRC_ID_VENDOR) {
802 *p_data++ = p_msg->pass_len;
803 if (p_msg->pass_len && p_msg->p_pass_data) {
804 memcpy(p_data, p_msg->p_pass_data, p_msg->pass_len);
805 p_data += p_msg->pass_len;
806 }
807 } else { /* set msg len to 0 for other op_id */
808 /* set msg len to 0 for other op_id */
809 *p_data++ = 0;
810 }
811 p_cmd->len = (UINT16) (p_data - (UINT8 *)(p_cmd + 1) - p_cmd->offset);
812 }
813 return p_cmd;
814 }
815
816 /******************************************************************************
817 **
818 ** Function AVRC_Open
819 **
820 ** Description This function is called to open a connection to AVCTP.
821 ** The connection can be either an initiator or acceptor, as
822 ** determined by the p_ccb->stream parameter.
823 ** The connection can be a target, a controller or for both role,
824 ** as determined by the p_ccb->control parameter.
825 ** By definition, a target connection is an acceptor connection
826 ** that waits for an incoming AVCTP connection from the peer.
827 ** The connection remains available to the application until
828 ** the application closes it by calling AVRC_Close(). The
829 ** application does not need to reopen the connection after an
830 ** AVRC_CLOSE_IND_EVT is received.
831 **
832 ** Input Parameters:
833 ** p_ccb->company_id: Company Identifier.
834 **
835 ** p_ccb->p_ctrl_cback: Pointer to control callback function.
836 **
837 ** p_ccb->p_msg_cback: Pointer to message callback function.
838 **
839 ** p_ccb->conn: AVCTP connection role. This is set to
840 ** AVCTP_INT for initiator connections and AVCTP_ACP
841 ** for acceptor connections.
842 **
843 ** p_ccb->control: Control role. This is set to
844 ** AVRC_CT_TARGET for target connections, AVRC_CT_CONTROL
845 ** for control connections or (AVRC_CT_TARGET|AVRC_CT_CONTROL)
846 ** for connections that support both roles.
847 **
848 ** peer_addr: BD address of peer device. This value is
849 ** only used for initiator connections; for acceptor
850 ** connections it can be set to NULL.
851 **
852 ** Output Parameters:
853 ** p_handle: Pointer to handle. This parameter is only
854 ** valid if AVRC_SUCCESS is returned.
855 **
856 ** Returns AVRC_SUCCESS if successful.
857 ** AVRC_NO_RESOURCES if there are not enough resources to open
858 ** the connection.
859 **
860 ******************************************************************************/
AVRC_Open(UINT8 * p_handle,tAVRC_CONN_CB * p_ccb,BD_ADDR_PTR peer_addr)861 UINT16 AVRC_Open(UINT8 *p_handle, tAVRC_CONN_CB *p_ccb, BD_ADDR_PTR peer_addr)
862 {
863 UINT16 status;
864 tAVCT_CC cc;
865
866 cc.p_ctrl_cback = avrc_ctrl_cback; /* Control callback */
867 cc.p_msg_cback = avrc_msg_cback; /* Message callback */
868 cc.pid = UUID_SERVCLASS_AV_REMOTE_CONTROL; /* Profile ID */
869 cc.role = p_ccb->conn; /* Initiator/acceptor role */
870 cc.control = p_ccb->control; /* Control role (Control/Target) */
871
872 status = AVCT_CreateConn(p_handle, &cc, peer_addr);
873 if (status == AVCT_SUCCESS) {
874 memcpy(&avrc_cb.ccb[*p_handle], p_ccb, sizeof(tAVRC_CONN_CB));
875 #if (AVRC_METADATA_INCLUDED == TRUE)
876 memset(&avrc_cb.fcb[*p_handle], 0, sizeof(tAVRC_FRAG_CB));
877 memset(&avrc_cb.rcb[*p_handle], 0, sizeof(tAVRC_RASM_CB));
878 #endif
879 }
880 AVRC_TRACE_DEBUG("AVRC_Open role: %d, control:%d status:%d, handle:%d", cc.role, cc.control,
881 status, *p_handle);
882
883 return status;
884 }
885
886 /******************************************************************************
887 **
888 ** Function AVRC_Close
889 **
890 ** Description Close a connection opened with AVRC_Open().
891 ** This function is called when the
892 ** application is no longer using a connection.
893 **
894 ** Input Parameters:
895 ** handle: Handle of this connection.
896 **
897 ** Output Parameters:
898 ** None.
899 **
900 ** Returns AVRC_SUCCESS if successful.
901 ** AVRC_BAD_HANDLE if handle is invalid.
902 **
903 ******************************************************************************/
AVRC_Close(UINT8 handle)904 UINT16 AVRC_Close(UINT8 handle)
905 {
906 AVRC_TRACE_DEBUG("AVRC_Close handle:%d", handle);
907 return AVCT_RemoveConn(handle);
908 }
909
910
911 /******************************************************************************
912 **
913 ** Function AVRC_MsgReq
914 **
915 ** Description This function is used to send the AVRCP byte stream in p_pkt
916 ** down to AVCTP.
917 **
918 ** It is expected that p_pkt->offset is at least AVCT_MSG_OFFSET
919 ** p_pkt->layer_specific is AVCT_DATA_CTRL or AVCT_DATA_BROWSE
920 ** p_pkt->event is AVRC_OP_VENDOR, AVRC_OP_PASS_THRU or AVRC_OP_BROWSE
921 ** The above BT_HDR settings are set by the AVRC_Bld* functions.
922 **
923 ** Returns AVRC_SUCCESS if successful.
924 ** AVRC_BAD_HANDLE if handle is invalid.
925 **
926 ******************************************************************************/
AVRC_MsgReq(UINT8 handle,UINT8 label,UINT8 ctype,BT_HDR * p_pkt)927 UINT16 AVRC_MsgReq (UINT8 handle, UINT8 label, UINT8 ctype, BT_HDR *p_pkt)
928 {
929 #if (AVRC_METADATA_INCLUDED == TRUE)
930 UINT8 *p_data;
931 UINT8 cr = AVCT_CMD;
932 BOOLEAN chk_frag = TRUE;
933 UINT8 *p_start = NULL;
934 tAVRC_FRAG_CB *p_fcb;
935 UINT16 len;
936 BT_HDR *p_pkt_new;
937
938 if (!p_pkt) {
939 return AVRC_BAD_PARAM;
940 }
941
942 AVRC_TRACE_DEBUG("%s handle = %u label = %u ctype = %u len = %d",
943 __func__, handle, label, ctype, p_pkt->len);
944
945 if (ctype >= AVRC_RSP_NOT_IMPL) {
946 cr = AVCT_RSP;
947 }
948
949 if (p_pkt->event == AVRC_OP_VENDOR) {
950 /* add AVRCP Vendor Dependent headers */
951 p_start = ((UINT8 *)(p_pkt + 1) + p_pkt->offset);
952 p_pkt->offset -= AVRC_VENDOR_HDR_SIZE;
953 p_pkt->len += AVRC_VENDOR_HDR_SIZE;
954 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
955 *p_data++ = (ctype & AVRC_CTYPE_MASK);
956 *p_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT);
957 *p_data++ = AVRC_OP_VENDOR;
958 AVRC_CO_ID_TO_BE_STREAM(p_data, AVRC_CO_METADATA);
959 } else if (p_pkt->event == AVRC_OP_PASS_THRU) {
960 /* add AVRCP Pass Through headers */
961 p_start = ((UINT8 *)(p_pkt + 1) + p_pkt->offset);
962 p_pkt->offset -= AVRC_PASS_THRU_SIZE;
963 p_pkt->len += AVRC_PASS_THRU_SIZE;
964 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
965 *p_data++ = (ctype & AVRC_CTYPE_MASK);
966 *p_data++ = (AVRC_SUB_PANEL << AVRC_SUBTYPE_SHIFT);
967 *p_data++ = AVRC_OP_PASS_THRU;/* opcode */
968 *p_data++ = AVRC_ID_VENDOR; /* operation id */
969 *p_data++ = 5; /* operation data len */
970 AVRC_CO_ID_TO_BE_STREAM(p_data, AVRC_CO_METADATA);
971 }
972
973 /* abandon previous fragments */
974 p_fcb = &avrc_cb.fcb[handle];
975 if (p_fcb->frag_enabled) {
976 p_fcb->frag_enabled = FALSE;
977 }
978
979 if (p_fcb->p_fmsg) {
980 osi_free(p_fcb->p_fmsg);
981 p_fcb->p_fmsg = NULL;
982 }
983
984 /* AVRCP spec has not defined any control channel commands that needs fragmentation at this level
985 * check for fragmentation only on the response */
986 if ((cr == AVCT_RSP) && (chk_frag == TRUE)) {
987 if (p_pkt->len > AVRC_MAX_CTRL_DATA_LEN) {
988 int offset_len = MAX(AVCT_MSG_OFFSET, p_pkt->offset);
989 p_pkt_new = (BT_HDR *)osi_malloc((UINT16)(AVRC_PACKET_LEN + offset_len
990 + BT_HDR_SIZE));
991 if (p_pkt_new && (p_start != NULL)) {
992 p_fcb->frag_enabled = TRUE;
993 p_fcb->p_fmsg = p_pkt;
994 p_fcb->frag_pdu = *p_start;
995 p_pkt = p_pkt_new;
996 p_pkt_new = p_fcb->p_fmsg;
997 p_pkt->len = AVRC_MAX_CTRL_DATA_LEN;
998 p_pkt->offset = p_pkt_new->offset;
999 p_pkt->layer_specific = p_pkt_new->layer_specific;
1000 p_pkt->event = p_pkt_new->event;
1001 p_data = (UINT8 *)(p_pkt + 1) + p_pkt->offset;
1002 p_start -= AVRC_VENDOR_HDR_SIZE;
1003 memcpy (p_data, p_start, AVRC_MAX_CTRL_DATA_LEN);
1004 /* use AVRC start packet type */
1005 p_data += AVRC_VENDOR_HDR_SIZE;
1006 p_data++; /* pdu */
1007 *p_data++ = AVRC_PKT_START;
1008 /* 4 pdu, pkt_type & len */
1009 len = (AVRC_MAX_CTRL_DATA_LEN - AVRC_VENDOR_HDR_SIZE - AVRC_MIN_META_HDR_SIZE);
1010 UINT16_TO_BE_STREAM(p_data, len);
1011
1012 /* prepare the left over for as an end fragment */
1013 avrc_prep_end_frag (handle);
1014 AVRC_TRACE_DEBUG ("%s p_pkt len:%d/%d, next len:%d", __func__,
1015 p_pkt->len, len, p_fcb->p_fmsg->len );
1016 } else {
1017 AVRC_TRACE_ERROR ("AVRC_MsgReq no buffers for fragmentation" );
1018 osi_free(p_pkt);
1019 return AVRC_NO_RESOURCES;
1020 }
1021 }
1022 }
1023
1024 return AVCT_MsgReq( handle, label, cr, p_pkt);
1025 #else
1026 return AVRC_NO_RESOURCES;
1027 #endif
1028 }
1029
1030
1031 /******************************************************************************
1032 **
1033 ** Function AVRC_PassCmd
1034 **
1035 ** Description Send a PASS THROUGH command to the peer device. This
1036 ** function can only be called for controller role connections.
1037 ** Any response message from the peer is passed back through
1038 ** the tAVRC_MSG_CBACK callback function.
1039 **
1040 ** Input Parameters:
1041 ** handle: Handle of this connection.
1042 **
1043 ** label: Transaction label.
1044 **
1045 ** p_msg: Pointer to PASS THROUGH message structure.
1046 **
1047 ** Output Parameters:
1048 ** None.
1049 **
1050 ** Returns AVRC_SUCCESS if successful.
1051 ** AVRC_BAD_HANDLE if handle is invalid.
1052 **
1053 ******************************************************************************/
AVRC_PassCmd(UINT8 handle,UINT8 label,tAVRC_MSG_PASS * p_msg)1054 UINT16 AVRC_PassCmd(UINT8 handle, UINT8 label, tAVRC_MSG_PASS *p_msg)
1055 {
1056 BT_HDR *p_buf;
1057 assert(p_msg != NULL);
1058 if (p_msg) {
1059 p_msg->hdr.ctype = AVRC_CMD_CTRL;
1060 p_buf = avrc_pass_msg(p_msg);
1061 if (p_buf) {
1062 return AVCT_MsgReq( handle, label, AVCT_CMD, p_buf);
1063 }
1064 }
1065 return AVRC_NO_RESOURCES;
1066 }
1067
1068 /******************************************************************************
1069 **
1070 ** Function AVRC_PassRsp
1071 **
1072 ** Description Send a PASS THROUGH response to the peer device. This
1073 ** function can only be called for target role connections.
1074 ** This function must be called when a PASS THROUGH command
1075 ** message is received from the peer through the
1076 ** tAVRC_MSG_CBACK callback function.
1077 **
1078 ** Input Parameters:
1079 ** handle: Handle of this connection.
1080 **
1081 ** label: Transaction label. Must be the same value as
1082 ** passed with the command message in the callback function.
1083 **
1084 ** p_msg: Pointer to PASS THROUGH message structure.
1085 **
1086 ** Output Parameters:
1087 ** None.
1088 **
1089 ** Returns AVRC_SUCCESS if successful.
1090 ** AVRC_BAD_HANDLE if handle is invalid.
1091 **
1092 ******************************************************************************/
AVRC_PassRsp(UINT8 handle,UINT8 label,tAVRC_MSG_PASS * p_msg)1093 UINT16 AVRC_PassRsp(UINT8 handle, UINT8 label, tAVRC_MSG_PASS *p_msg)
1094 {
1095 BT_HDR *p_buf;
1096 assert(p_msg != NULL);
1097 if (p_msg) {
1098 p_buf = avrc_pass_msg(p_msg);
1099 if (p_buf) {
1100 return AVCT_MsgReq( handle, label, AVCT_RSP, p_buf);
1101 }
1102 }
1103 return AVRC_NO_RESOURCES;
1104 }
1105
1106 #endif /* #if (defined(AVRC_INCLUDED) && AVRC_INCLUDED == TRUE) */
1107
