1 /******************************************************************************
2 *
3 * Copyright 2008-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for BLE GAP.
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_btm_ble"
26
27 #include <base/bind.h>
28 #include <base/strings/string_number_conversions.h>
29 #include <cstdint>
30 #include <list>
31 #include <memory>
32 #include <vector>
33
34 #include "common/time_util.h"
35 #include "device/include/controller.h"
36 #include "main/shim/acl_api.h"
37 #include "main/shim/btm_api.h"
38 #include "main/shim/shim.h"
39 #include "osi/include/log.h"
40 #include "stack/btm/btm_ble_int.h"
41 #include "stack/btm/btm_ble_int_types.h"
42 #include "stack/btm/btm_dev.h"
43 #include "stack/btm/btm_int_types.h"
44 #include "stack/gatt/gatt_int.h"
45 #include "stack/include/acl_api.h"
46 #include "stack/include/advertise_data_parser.h"
47 #include "stack/include/bt_types.h"
48 #include "stack/include/btm_api_types.h"
49 #include "stack/include/gap_api.h"
50 #include "stack/include/hci_error_code.h"
51 #include "stack/include/hcimsgs.h"
52 #include "stack/include/inq_hci_link_interface.h"
53 #include "types/raw_address.h"
54
55 extern tBTM_CB btm_cb;
56
57 extern void btm_inq_remote_name_timer_timeout(void* data);
58 extern bool btm_ble_init_pseudo_addr(tBTM_SEC_DEV_REC* p_dev_rec,
59 const RawAddress& new_pseudo_addr);
60 extern bool btm_identity_addr_to_random_pseudo(RawAddress* bd_addr,
61 uint8_t* p_addr_type,
62 bool refresh);
63 extern void btm_ble_batchscan_init(void);
64 extern void btm_ble_adv_filter_init(void);
65 extern void btm_clear_all_pending_le_entry(void);
66 extern const tBLE_BD_ADDR convert_to_address_with_type(
67 const RawAddress& bd_addr, const tBTM_SEC_DEV_REC* p_dev_rec);
68
69 #define BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS (30 * 1000)
70 #define MIN_ADV_LENGTH 2
71 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN 9
72 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE \
73 BTM_VSC_CHIP_CAPABILITY_RSP_LEN
74 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_M_RELEASE 15
75 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_S_RELEASE 25
76
77 namespace {
78
79 class AdvertisingCache {
80 public:
81 /* Set the data to |data| for device |addr_type, addr| */
Set(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)82 const std::vector<uint8_t>& Set(uint8_t addr_type, const RawAddress& addr,
83 std::vector<uint8_t> data) {
84 auto it = Find(addr_type, addr);
85 if (it != items.end()) {
86 it->data = std::move(data);
87 return it->data;
88 }
89
90 if (items.size() > cache_max) {
91 items.pop_back();
92 }
93
94 items.emplace_front(addr_type, addr, std::move(data));
95 return items.front().data;
96 }
97
Exist(uint8_t addr_type,const RawAddress & addr)98 bool Exist(uint8_t addr_type, const RawAddress& addr) {
99 auto it = Find(addr_type, addr);
100 if (it != items.end()) {
101 return true;
102 }
103 return false;
104 }
105
106 /* Append |data| for device |addr_type, addr| */
Append(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)107 const std::vector<uint8_t>& Append(uint8_t addr_type, const RawAddress& addr,
108 std::vector<uint8_t> data) {
109 auto it = Find(addr_type, addr);
110 if (it != items.end()) {
111 it->data.insert(it->data.end(), data.begin(), data.end());
112 return it->data;
113 }
114
115 if (items.size() > cache_max) {
116 items.pop_back();
117 }
118
119 items.emplace_front(addr_type, addr, std::move(data));
120 return items.front().data;
121 }
122
123 /* Clear data for device |addr_type, addr| */
Clear(uint8_t addr_type,const RawAddress & addr)124 void Clear(uint8_t addr_type, const RawAddress& addr) {
125 auto it = Find(addr_type, addr);
126 if (it != items.end()) {
127 items.erase(it);
128 }
129 }
130
ClearAll()131 void ClearAll() {
132 items.clear();
133 }
134
135 private:
136 struct Item {
137 uint8_t addr_type;
138 RawAddress addr;
139 std::vector<uint8_t> data;
140
Item__anon3c6f61d60111::AdvertisingCache::Item141 Item(uint8_t addr_type, const RawAddress& addr, std::vector<uint8_t> data)
142 : addr_type(addr_type), addr(addr), data(data) {}
143 };
144
Find(uint8_t addr_type,const RawAddress & addr)145 std::list<Item>::iterator Find(uint8_t addr_type, const RawAddress& addr) {
146 for (auto it = items.begin(); it != items.end(); it++) {
147 if (it->addr_type == addr_type && it->addr == addr) {
148 return it;
149 }
150 }
151 return items.end();
152 }
153
154 /* we keep maximum 7 devices in the cache */
155 const size_t cache_max = 7;
156 std::list<Item> items;
157 };
158
159 /* Devices in this cache are waiting for eiter scan response, or chained packets
160 * on secondary channel */
161 AdvertisingCache cache;
162
163 } // namespace
164
165 #if (BLE_VND_INCLUDED == TRUE)
166 static tBTM_BLE_CTRL_FEATURES_CBACK* p_ctrl_le_feature_rd_cmpl_cback = NULL;
167 #endif
168
169 /*******************************************************************************
170 * Local functions
171 ******************************************************************************/
172 static void btm_ble_update_adv_flag(uint8_t flag);
173 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, uint8_t addr_type,
174 const RawAddress& bda, uint8_t primary_phy,
175 uint8_t secondary_phy,
176 uint8_t advertising_sid, int8_t tx_power,
177 int8_t rssi, uint16_t periodic_adv_int,
178 uint8_t data_len, uint8_t* data);
179 static uint8_t btm_set_conn_mode_adv_init_addr(RawAddress& p_peer_addr_ptr,
180 tBLE_ADDR_TYPE* p_peer_addr_type,
181 tBLE_ADDR_TYPE* p_own_addr_type);
182 static void btm_ble_stop_observe(void);
183 static void btm_ble_fast_adv_timer_timeout(void* data);
184 static void btm_ble_start_slow_adv(void);
185 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(void* data);
186 static void btm_ble_inquiry_timer_timeout(void* data);
187 static void btm_ble_observer_timer_timeout(void* data);
188
189 enum : uint8_t {
190 BTM_BLE_NOT_SCANNING = 0x00,
191 BTM_BLE_INQ_RESULT = 0x01,
192 BTM_BLE_OBS_RESULT = 0x02,
193 };
194
ble_evt_type_is_connectable(uint16_t evt_type)195 static bool ble_evt_type_is_connectable(uint16_t evt_type) {
196 return evt_type & (1 << BLE_EVT_CONNECTABLE_BIT);
197 }
198
ble_evt_type_is_scannable(uint16_t evt_type)199 static bool ble_evt_type_is_scannable(uint16_t evt_type) {
200 return evt_type & (1 << BLE_EVT_SCANNABLE_BIT);
201 }
202
ble_evt_type_is_directed(uint16_t evt_type)203 static bool ble_evt_type_is_directed(uint16_t evt_type) {
204 return evt_type & (1 << BLE_EVT_DIRECTED_BIT);
205 }
206
ble_evt_type_is_scan_resp(uint16_t evt_type)207 static bool ble_evt_type_is_scan_resp(uint16_t evt_type) {
208 return evt_type & (1 << BLE_EVT_SCAN_RESPONSE_BIT);
209 }
210
ble_evt_type_is_legacy(uint16_t evt_type)211 static bool ble_evt_type_is_legacy(uint16_t evt_type) {
212 return evt_type & (1 << BLE_EVT_LEGACY_BIT);
213 }
214
ble_evt_type_data_status(uint16_t evt_type)215 static uint8_t ble_evt_type_data_status(uint16_t evt_type) {
216 return (evt_type >> 5) & 3;
217 }
218
219 constexpr uint8_t UNSUPPORTED = 255;
220
221 /* LE states combo bit to check */
222 const uint8_t btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX] = {
223 {
224 /* single state support */
225 HCI_LE_STATES_CONN_ADV_BIT, /* conn_adv */
226 HCI_LE_STATES_INIT_BIT, /* init */
227 HCI_LE_STATES_INIT_BIT, /* central */
228 HCI_LE_STATES_PERIPHERAL_BIT, /* peripheral */
229 UNSUPPORTED, /* todo: lo du dir adv, not covered ? */
230 HCI_LE_STATES_HI_DUTY_DIR_ADV_BIT, /* hi duty dir adv */
231 HCI_LE_STATES_NON_CONN_ADV_BIT, /* non connectable adv */
232 HCI_LE_STATES_PASS_SCAN_BIT, /* passive scan */
233 HCI_LE_STATES_ACTIVE_SCAN_BIT, /* active scan */
234 HCI_LE_STATES_SCAN_ADV_BIT /* scanable adv */
235 },
236 {
237 /* conn_adv =0 */
238 UNSUPPORTED, /* conn_adv */
239 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* init: 32 */
240 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* central: 35 */
241 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
242 UNSUPPORTED, /* lo du dir adv */
243 UNSUPPORTED, /* hi duty dir adv */
244 UNSUPPORTED, /* non connectable adv */
245 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
246 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
247 UNSUPPORTED /* scanable adv */
248 },
249 {
250 /* init */
251 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* conn_adv: 32 */
252 UNSUPPORTED, /* init */
253 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
254 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* peripheral 41 */
255 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* lo du dir adv 34 */
256 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* hi duty dir adv 33 */
257 HCI_LE_STATES_NON_CONN_INIT_BIT, /* non connectable adv */
258 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* passive scan */
259 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* active scan */
260 HCI_LE_STATES_SCAN_ADV_INIT_BIT /* scanable adv */
261
262 },
263 {
264 /* central */
265 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* conn_adv: 35 */
266 HCI_LE_STATES_INIT_CENTRAL_BIT, /* init 28 */
267 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
268 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* peripheral: 32 */
269 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* lo duty cycle adv 37 */
270 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* hi duty cycle adv 36 */
271 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* non connectable adv*/
272 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* passive scan */
273 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* active scan */
274 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT /* scanable adv */
275
276 },
277 {
278 /* peripheral */
279 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* conn_adv: 38,*/
280 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* init 41 */
281 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* central 41 */
282 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
283 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* lo duty cycle adv 40 */
284 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* hi duty cycle adv 39 */
285 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* non connectable adv */
286 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* passive scan */
287 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* active scan */
288 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT /* scanable adv */
289
290 },
291 {
292 /* lo duty cycle adv */
293 UNSUPPORTED, /* conn_adv: 38,*/
294 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* init 34 */
295 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* central 37 */
296 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 40 */
297 UNSUPPORTED, /* lo duty cycle adv 40 */
298 UNSUPPORTED, /* hi duty cycle adv 39 */
299 UNSUPPORTED, /* non connectable adv */
300 UNSUPPORTED, /* TODO: passive scan, not covered? */
301 UNSUPPORTED, /* TODO: active scan, not covered? */
302 UNSUPPORTED /* scanable adv */
303 },
304 {
305 /* hi duty cycle adv */
306 UNSUPPORTED, /* conn_adv: 38,*/
307 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* init 33 */
308 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* central 36 */
309 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 39*/
310 UNSUPPORTED, /* lo duty cycle adv 40 */
311 UNSUPPORTED, /* hi duty cycle adv 39 */
312 UNSUPPORTED, /* non connectable adv */
313 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* passive scan */
314 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* active scan */
315 UNSUPPORTED /* scanable adv */
316 },
317 {
318 /* non connectable adv */
319 UNSUPPORTED, /* conn_adv: */
320 HCI_LE_STATES_NON_CONN_INIT_BIT, /* init */
321 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* central */
322 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* peripheral: */
323 UNSUPPORTED, /* lo duty cycle adv */
324 UNSUPPORTED, /* hi duty cycle adv */
325 UNSUPPORTED, /* non connectable adv */
326 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
327 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
328 UNSUPPORTED /* scanable adv */
329 },
330 {
331 /* passive scan */
332 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* conn_adv: */
333 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* init */
334 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* central */
335 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* peripheral: */
336 UNSUPPORTED, /* lo duty cycle adv */
337 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* hi duty cycle adv */
338 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* non connectable adv */
339 UNSUPPORTED, /* passive scan */
340 UNSUPPORTED, /* active scan */
341 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT /* scanable adv */
342 },
343 {
344 /* active scan */
345 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* conn_adv: */
346 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* init */
347 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* central */
348 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* peripheral: */
349 UNSUPPORTED, /* lo duty cycle adv */
350 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* hi duty cycle adv */
351 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* non connectable adv */
352 UNSUPPORTED, /* TODO: passive scan */
353 UNSUPPORTED, /* TODO: active scan */
354 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT /* scanable adv */
355 },
356 {
357 /* scanable adv */
358 UNSUPPORTED, /* conn_adv: */
359 HCI_LE_STATES_SCAN_ADV_INIT_BIT, /* init */
360 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT, /* central */
361 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT, /* peripheral: */
362 UNSUPPORTED, /* lo duty cycle adv */
363 UNSUPPORTED, /* hi duty cycle adv */
364 UNSUPPORTED, /* non connectable adv */
365 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT, /* passive scan */
366 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT, /* active scan */
367 UNSUPPORTED /* scanable adv */
368 }};
369
370 /* check LE combo state supported */
BTM_LE_STATES_SUPPORTED(const uint8_t * x,uint8_t bit_num)371 inline bool BTM_LE_STATES_SUPPORTED(const uint8_t* x, uint8_t bit_num) {
372 uint8_t mask = 1 << (bit_num % 8);
373 uint8_t offset = bit_num / 8;
374 return ((x)[offset] & mask);
375 }
376
377 /*******************************************************************************
378 *
379 * Function BTM_BleObserve
380 *
381 * Description This procedure keep the device listening for advertising
382 * events from a broadcast device.
383 *
384 * Parameters start: start or stop observe.
385 * acceptlist: use acceptlist in observer mode or not.
386 *
387 * Returns void
388 *
389 ******************************************************************************/
BTM_BleObserve(bool start,uint8_t duration,tBTM_INQ_RESULTS_CB * p_results_cb,tBTM_CMPL_CB * p_cmpl_cb)390 tBTM_STATUS BTM_BleObserve(bool start, uint8_t duration,
391 tBTM_INQ_RESULTS_CB* p_results_cb,
392 tBTM_CMPL_CB* p_cmpl_cb) {
393 if (bluetooth::shim::is_gd_shim_enabled()) {
394 return bluetooth::shim::BTM_BleObserve(start, duration, p_results_cb,
395 p_cmpl_cb);
396 }
397
398 tBTM_BLE_INQ_CB* p_inq = &btm_cb.ble_ctr_cb.inq_var;
399 tBTM_STATUS status = BTM_WRONG_MODE;
400
401 uint32_t scan_interval =
402 !p_inq->scan_interval ? BTM_BLE_GAP_DISC_SCAN_INT : p_inq->scan_interval;
403 uint32_t scan_window =
404 !p_inq->scan_window ? BTM_BLE_GAP_DISC_SCAN_WIN : p_inq->scan_window;
405
406 BTM_TRACE_EVENT("%s : scan_type:%d, %d, %d", __func__, p_inq->scan_type,
407 p_inq->scan_interval, p_inq->scan_window);
408
409 if (!controller_get_interface()->supports_ble()) return BTM_ILLEGAL_VALUE;
410
411 if (start) {
412 /* shared inquiry database, do not allow observe if any inquiry is active */
413 if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
414 BTM_TRACE_ERROR("%s Observe Already Active", __func__);
415 return status;
416 }
417
418 btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
419 btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
420 status = BTM_CMD_STARTED;
421
422 /* scan is not started */
423 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
424 /* allow config of scan type */
425 cache.ClearAll();
426 p_inq->scan_type = (p_inq->scan_type == BTM_BLE_SCAN_MODE_NONE)
427 ? BTM_BLE_SCAN_MODE_ACTI
428 : p_inq->scan_type;
429 /* assume observe always not using acceptlist */
430 /* enable resolving list */
431 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
432
433 btm_send_hci_set_scan_params(
434 p_inq->scan_type, (uint16_t)scan_interval, (uint16_t)scan_window,
435 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, BTM_BLE_DEFAULT_SFP);
436
437 btm_ble_start_scan();
438 }
439
440 if (status == BTM_CMD_STARTED) {
441 btm_cb.ble_ctr_cb.set_ble_observe_active();
442 if (duration != 0) {
443 /* start observer timer */
444 uint64_t duration_ms = duration * 1000;
445 alarm_set_on_mloop(btm_cb.ble_ctr_cb.observer_timer, duration_ms,
446 btm_ble_observer_timer_timeout, NULL);
447 }
448 }
449 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
450 status = BTM_CMD_STARTED;
451 btm_ble_stop_observe();
452 } else {
453 BTM_TRACE_ERROR("%s Observe not active", __func__);
454 }
455
456 return status;
457 }
458
459 #if (BLE_VND_INCLUDED == TRUE)
460
btm_get_dynamic_audio_buffer_vsc_cmpl_cback(tBTM_VSC_CMPL * p_vsc_cmpl_params)461 static void btm_get_dynamic_audio_buffer_vsc_cmpl_cback(
462 tBTM_VSC_CMPL* p_vsc_cmpl_params) {
463 LOG(INFO) << __func__;
464
465 if (p_vsc_cmpl_params->param_len < 1) {
466 LOG(ERROR) << __func__
467 << ": The length of returned parameters is less than 1";
468 return;
469 }
470 uint8_t* p_event_param_buf = p_vsc_cmpl_params->p_param_buf;
471 uint8_t status = 0xff;
472 uint8_t opcode = 0xff;
473 uint32_t codec_mask = 0xffffffff;
474
475 // [Return Parameter] | [Size] | [Purpose]
476 // Status | 1 octet | Command complete status
477 // Dynamic_Audio_Buffer_opcode| 1 octet | 0x01 - Get buffer time
478 // Audio_Codedc_Type_Supported| 4 octet | Bit masks for selected codec types
479 // Audio_Codec_Buffer_Time | 192 octet| Default/Max/Min buffer time
480 STREAM_TO_UINT8(status, p_event_param_buf);
481 if (status != HCI_SUCCESS) {
482 LOG(ERROR) << __func__
483 << ": Fail to configure DFTB. status: " << loghex(status);
484 return;
485 }
486
487 if (p_vsc_cmpl_params->param_len != 198) {
488 LOG(FATAL) << __func__
489 << ": The length of returned parameters is not equal to 198: "
490 << std::to_string(p_vsc_cmpl_params->param_len);
491 return;
492 }
493
494 STREAM_TO_UINT8(opcode, p_event_param_buf);
495 LOG(INFO) << __func__ << ": opcode = " << loghex(opcode);
496
497 if (opcode == 0x01) {
498 STREAM_TO_UINT32(codec_mask, p_event_param_buf);
499 LOG(INFO) << __func__ << ": codec_mask = " << loghex(codec_mask);
500
501 for (int i = 0; i < BTM_CODEC_TYPE_MAX_RECORDS; i++) {
502 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].default_buffer_time,
503 p_event_param_buf);
504 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].maximum_buffer_time,
505 p_event_param_buf);
506 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].minimum_buffer_time,
507 p_event_param_buf);
508 }
509
510 LOG(INFO) << __func__ << ": Succeed to receive Media Tx Buffer.";
511 }
512 }
513
514 /*******************************************************************************
515 *
516 * Function btm_vsc_brcm_features_complete
517 *
518 * Description Command Complete callback for HCI_BLE_VENDOR_CAP
519 *
520 * Returns void
521 *
522 ******************************************************************************/
btm_ble_vendor_capability_vsc_cmpl_cback(tBTM_VSC_CMPL * p_vcs_cplt_params)523 static void btm_ble_vendor_capability_vsc_cmpl_cback(
524 tBTM_VSC_CMPL* p_vcs_cplt_params) {
525
526 BTM_TRACE_DEBUG("%s", __func__);
527
528 /* Check status of command complete event */
529 CHECK(p_vcs_cplt_params->opcode == HCI_BLE_VENDOR_CAP);
530 CHECK(p_vcs_cplt_params->param_len > 0);
531
532 const uint8_t* p = p_vcs_cplt_params->p_param_buf;
533 uint8_t raw_status;
534 STREAM_TO_UINT8(raw_status, p);
535 tHCI_STATUS status = to_hci_status_code(raw_status);
536
537 if (status != HCI_SUCCESS) {
538 BTM_TRACE_DEBUG("%s: Status = 0x%02x (0 is success)", __func__, status);
539 return;
540 }
541 CHECK(p_vcs_cplt_params->param_len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN);
542 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.adv_inst_max, p);
543 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.rpa_offloading, p);
544 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg, p);
545 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz, p);
546 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.filter_support, p);
547 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_filter, p);
548 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.energy_support, p);
549
550 if (p_vcs_cplt_params->param_len >
551 BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE) {
552 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.version_supported, p);
553 } else {
554 btm_cb.cmn_ble_vsc_cb.version_supported = BTM_VSC_CHIP_CAPABILITY_L_VERSION;
555 }
556
557 if (btm_cb.cmn_ble_vsc_cb.version_supported >=
558 BTM_VSC_CHIP_CAPABILITY_M_VERSION) {
559 CHECK(p_vcs_cplt_params->param_len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN_M_RELEASE);
560 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.total_trackable_advertisers, p);
561 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.extended_scan_support, p);
562 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.debug_logging_supported, p);
563 }
564
565 if (btm_cb.cmn_ble_vsc_cb.version_supported >=
566 BTM_VSC_CHIP_CAPABILITY_S_VERSION) {
567 if (p_vcs_cplt_params->param_len >=
568 BTM_VSC_CHIP_CAPABILITY_RSP_LEN_S_RELEASE) {
569 STREAM_TO_UINT8(
570 btm_cb.cmn_ble_vsc_cb.le_address_generation_offloading_support, p);
571 STREAM_TO_UINT32(
572 btm_cb.cmn_ble_vsc_cb.a2dp_source_offload_capability_mask, p);
573 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.quality_report_support, p);
574 STREAM_TO_UINT32(btm_cb.cmn_ble_vsc_cb.dynamic_audio_buffer_support, p);
575
576 if (btm_cb.cmn_ble_vsc_cb.dynamic_audio_buffer_support != 0) {
577 uint8_t param[3] = {0};
578 uint8_t* p_param = param;
579
580 UINT8_TO_STREAM(p_param, HCI_CONTROLLER_DAB_GET_BUFFER_TIME);
581 BTM_VendorSpecificCommand(HCI_CONTROLLER_DAB, p_param - param, param,
582 btm_get_dynamic_audio_buffer_vsc_cmpl_cback);
583 }
584 }
585 }
586 btm_cb.cmn_ble_vsc_cb.values_read = true;
587
588 BTM_TRACE_DEBUG(
589 "%s: stat=%d, irk=%d, ADV ins:%d, rpa=%d, ener=%d, ext_scan=%d", __func__,
590 status, btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
591 btm_cb.cmn_ble_vsc_cb.adv_inst_max, btm_cb.cmn_ble_vsc_cb.rpa_offloading,
592 btm_cb.cmn_ble_vsc_cb.energy_support,
593 btm_cb.cmn_ble_vsc_cb.extended_scan_support);
594
595 btm_ble_adv_init();
596
597 if (btm_cb.cmn_ble_vsc_cb.max_filter > 0) btm_ble_adv_filter_init();
598
599 /* VS capability included and non-4.2 device */
600 if (btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
601 controller_get_interface()->get_ble_resolving_list_max_size() == 0)
602 btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
603
604 if (btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg > 0) btm_ble_batchscan_init();
605
606 if (p_ctrl_le_feature_rd_cmpl_cback != NULL)
607 p_ctrl_le_feature_rd_cmpl_cback(static_cast<tHCI_STATUS>(status));
608 }
609 #endif /* (BLE_VND_INCLUDED == TRUE) */
610
611 /*******************************************************************************
612 *
613 * Function BTM_BleGetVendorCapabilities
614 *
615 * Description This function reads local LE features
616 *
617 * Parameters p_cmn_vsc_cb : Locala LE capability structure
618 *
619 * Returns void
620 *
621 ******************************************************************************/
BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB * p_cmn_vsc_cb)622 void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB* p_cmn_vsc_cb) {
623 if (NULL != p_cmn_vsc_cb) {
624 *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
625 }
626 }
627
BTM_BleGetDynamicAudioBuffer(tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[])628 void BTM_BleGetDynamicAudioBuffer(
629 tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[]) {
630 BTM_TRACE_DEBUG("BTM_BleGetDynamicAudioBuffer");
631
632 if (NULL != p_dynamic_audio_buffer_cb) {
633 for (int i = 0; i < 32; i++) {
634 p_dynamic_audio_buffer_cb[i] = btm_cb.dynamic_audio_buffer_cb[i];
635 }
636 }
637 }
638
639 /******************************************************************************
640 *
641 * Function BTM_BleReadControllerFeatures
642 *
643 * Description Reads BLE specific controller features
644 *
645 * Parameters: tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when
646 * features are read
647 *
648 * Returns void
649 *
650 ******************************************************************************/
651 #if (BLE_VND_INCLUDED == TRUE)
BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)652 void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK* p_vsc_cback) {
653 if (btm_cb.cmn_ble_vsc_cb.values_read) return;
654
655 BTM_TRACE_DEBUG("BTM_BleReadControllerFeatures");
656
657 p_ctrl_le_feature_rd_cmpl_cback = p_vsc_cback;
658 BTM_VendorSpecificCommand(HCI_BLE_VENDOR_CAP, 0, NULL,
659 btm_ble_vendor_capability_vsc_cmpl_cback);
660 }
661 #else
BTM_BleReadControllerFeatures(UNUSED_ATTR tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)662 void BTM_BleReadControllerFeatures(
663 UNUSED_ATTR tBTM_BLE_CTRL_FEATURES_CBACK* p_vsc_cback) {}
664 #endif
665
666 /*******************************************************************************
667 *
668 * Function BTM_BleConfigPrivacy
669 *
670 * Description This function is called to enable or disable the privacy in
671 * LE channel of the local device.
672 *
673 * Parameters privacy_mode: privacy mode on or off.
674 *
675 * Returns bool privacy mode set success; otherwise failed.
676 *
677 ******************************************************************************/
BTM_BleConfigPrivacy(bool privacy_mode)678 bool BTM_BleConfigPrivacy(bool privacy_mode) {
679 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
680
681 BTM_TRACE_EVENT("%s", __func__);
682
683 /* if LE is not supported, return error */
684 if (!controller_get_interface()->supports_ble()) return false;
685
686 tGAP_BLE_ATTR_VALUE gap_ble_attr_value;
687 gap_ble_attr_value.addr_resolution = 0;
688 if (!privacy_mode) /* if privacy disabled, always use public address */
689 {
690 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
691 p_cb->privacy_mode = BTM_PRIVACY_NONE;
692 } else /* privacy is turned on*/
693 {
694 /* always set host random address, used when privacy 1.1 or priavcy 1.2 is
695 * disabled */
696 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
697 btm_gen_resolvable_private_addr(base::Bind(&btm_gen_resolve_paddr_low));
698
699 /* 4.2 controller only allow privacy 1.2 or mixed mode, resolvable private
700 * address in controller */
701 if (controller_get_interface()->supports_ble_privacy()) {
702 gap_ble_attr_value.addr_resolution = 1;
703 p_cb->privacy_mode = BTM_PRIVACY_1_2;
704 } else /* 4.1/4.0 controller */
705 p_cb->privacy_mode = BTM_PRIVACY_1_1;
706 }
707
708 GAP_BleAttrDBUpdate(GATT_UUID_GAP_CENTRAL_ADDR_RESOL, &gap_ble_attr_value);
709
710 if (bluetooth::shim::is_gd_acl_enabled() ||
711 bluetooth::shim::is_gd_l2cap_enabled()) {
712 bluetooth::shim::ACL_ConfigureLePrivacy(privacy_mode);
713 }
714 return true;
715 }
716
717 /*******************************************************************************
718 *
719 * Function BTM_BleMaxMultiAdvInstanceCount
720 *
721 * Description Returns max number of multi adv instances supported by
722 * controller
723 *
724 * Returns Max multi adv instance count
725 *
726 ******************************************************************************/
BTM_BleMaxMultiAdvInstanceCount(void)727 uint8_t BTM_BleMaxMultiAdvInstanceCount(void) {
728 if (bluetooth::shim::is_gd_shim_enabled()) {
729 return bluetooth::shim::BTM_BleMaxMultiAdvInstanceCount();
730 }
731 return btm_cb.cmn_ble_vsc_cb.adv_inst_max < BTM_BLE_MULTI_ADV_MAX
732 ? btm_cb.cmn_ble_vsc_cb.adv_inst_max
733 : BTM_BLE_MULTI_ADV_MAX;
734 }
735
736 /*******************************************************************************
737 *
738 * Function BTM_BleLocalPrivacyEnabled
739 *
740 * Description Checks if local device supports private address
741 *
742 * Returns Return true if local privacy is enabled else false
743 *
744 ******************************************************************************/
BTM_BleLocalPrivacyEnabled(void)745 bool BTM_BleLocalPrivacyEnabled(void) {
746 if (bluetooth::shim::is_gd_shim_enabled()) {
747 return bluetooth::shim::BTM_BleLocalPrivacyEnabled();
748 }
749 return (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE);
750 }
751
is_resolving_list_bit_set(void * data,void * context)752 static bool is_resolving_list_bit_set(void* data, void* context) {
753 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
754
755 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) != 0)
756 return false;
757
758 return true;
759 }
760
761 /*******************************************************************************
762 *
763 * Function btm_set_conn_mode_adv_init_addr
764 *
765 * Description set initator address type and local address type based on
766 * adv mode.
767 *
768 *
769 ******************************************************************************/
btm_set_conn_mode_adv_init_addr(RawAddress & p_peer_addr_ptr,tBLE_ADDR_TYPE * p_peer_addr_type,tBLE_ADDR_TYPE * p_own_addr_type)770 static uint8_t btm_set_conn_mode_adv_init_addr(
771 RawAddress& p_peer_addr_ptr, tBLE_ADDR_TYPE* p_peer_addr_type,
772 tBLE_ADDR_TYPE* p_own_addr_type) {
773 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
774 uint8_t evt_type;
775 tBTM_SEC_DEV_REC* p_dev_rec;
776
777 if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE) {
778 if (p_cb->scan_rsp) {
779 evt_type = BTM_BLE_DISCOVER_EVT;
780 } else {
781 evt_type = BTM_BLE_NON_CONNECT_EVT;
782 }
783 } else {
784 evt_type = BTM_BLE_CONNECT_EVT;
785 }
786
787 if (evt_type == BTM_BLE_CONNECT_EVT) {
788 evt_type = p_cb->directed_conn;
789
790 if (p_cb->directed_conn == BTM_BLE_CONNECT_DIR_EVT ||
791 p_cb->directed_conn == BTM_BLE_CONNECT_LO_DUTY_DIR_EVT) {
792 /* for privacy 1.2, convert peer address as static, own address set as ID
793 * addr */
794 if (btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 ||
795 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
796 /* only do so for bonded device */
797 if ((p_dev_rec = btm_find_or_alloc_dev(p_cb->direct_bda.bda)) != NULL &&
798 p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) {
799 btm_ble_enable_resolving_list(BTM_BLE_RL_ADV);
800 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
801 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
802 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
803 return evt_type;
804 }
805 /* otherwise fall though as normal directed adv */
806 else {
807 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
808 }
809 }
810 /* direct adv mode does not have privacy, if privacy is not enabled */
811 *p_peer_addr_type = p_cb->direct_bda.type;
812 p_peer_addr_ptr = p_cb->direct_bda.bda;
813 return evt_type;
814 }
815 }
816
817 /* undirect adv mode or non-connectable mode*/
818 /* when privacy 1.2 privacy only mode is used, or mixed mode */
819 if ((btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 &&
820 p_cb->afp != AP_SCAN_CONN_ALL) ||
821 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
822 list_node_t* n =
823 list_foreach(btm_cb.sec_dev_rec, is_resolving_list_bit_set, NULL);
824 if (n) {
825 /* if enhanced privacy is required, set Identity address and matching IRK
826 * peer */
827 tBTM_SEC_DEV_REC* p_dev_rec =
828 static_cast<tBTM_SEC_DEV_REC*>(list_node(n));
829 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
830 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
831
832 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
833 } else {
834 /* resolving list is empty, not enabled */
835 *p_own_addr_type = BLE_ADDR_RANDOM;
836 }
837 }
838 /* privacy 1.1, or privacy 1.2, general discoverable/connectable mode, disable
839 privacy in */
840 /* controller fall back to host based privacy */
841 else if (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE) {
842 *p_own_addr_type = BLE_ADDR_RANDOM;
843 }
844
845 /* if no privacy,do not set any peer address,*/
846 /* local address type go by global privacy setting */
847 return evt_type;
848 }
849
850 /**
851 * This function is called to set scan parameters. |cb| is called with operation
852 * status
853 **/
BTM_BleSetScanParams(uint32_t scan_interval,uint32_t scan_window,tBLE_SCAN_MODE scan_mode,base::Callback<void (uint8_t)> cb)854 void BTM_BleSetScanParams(uint32_t scan_interval, uint32_t scan_window,
855 tBLE_SCAN_MODE scan_mode,
856 base::Callback<void(uint8_t)> cb) {
857 if (!controller_get_interface()->supports_ble()) {
858 LOG_INFO("Controller does not support ble");
859 return;
860 }
861
862 uint32_t max_scan_interval = BTM_BLE_EXT_SCAN_INT_MAX;
863 uint32_t max_scan_window = BTM_BLE_EXT_SCAN_WIN_MAX;
864 if (btm_cb.cmn_ble_vsc_cb.extended_scan_support == 0) {
865 max_scan_interval = BTM_BLE_SCAN_INT_MAX;
866 max_scan_window = BTM_BLE_SCAN_WIN_MAX;
867 }
868
869 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
870 if (BTM_BLE_ISVALID_PARAM(scan_interval, BTM_BLE_SCAN_INT_MIN,
871 max_scan_interval) &&
872 BTM_BLE_ISVALID_PARAM(scan_window, BTM_BLE_SCAN_WIN_MIN,
873 max_scan_window) &&
874 (scan_mode == BTM_BLE_SCAN_MODE_ACTI ||
875 scan_mode == BTM_BLE_SCAN_MODE_PASS)) {
876 p_cb->scan_type = scan_mode;
877 p_cb->scan_interval = scan_interval;
878 p_cb->scan_window = scan_window;
879
880 cb.Run(BTM_SUCCESS);
881 } else {
882 cb.Run(BTM_ILLEGAL_VALUE);
883 LOG_WARN("Illegal params: scan_interval = %d scan_window = %d",
884 scan_interval, scan_window);
885 }
886 }
887
888 /*******************************************************************************
889 *
890 * Function BTM__BLEReadDiscoverability
891 *
892 * Description This function is called to read the current LE
893 * discoverability mode of the device.
894 *
895 * Returns BTM_BLE_NON_DISCOVERABLE ,BTM_BLE_LIMITED_DISCOVERABLE or
896 * BTM_BLE_GENRAL_DISCOVERABLE
897 *
898 ******************************************************************************/
BTM_BleReadDiscoverability()899 uint16_t BTM_BleReadDiscoverability() {
900 BTM_TRACE_API("%s", __func__);
901
902 return (btm_cb.ble_ctr_cb.inq_var.discoverable_mode);
903 }
904
905 /*******************************************************************************
906 *
907 * Function BTM__BLEReadConnectability
908 *
909 * Description This function is called to read the current LE
910 * connectability mode of the device.
911 *
912 * Returns BTM_BLE_NON_CONNECTABLE or BTM_BLE_CONNECTABLE
913 *
914 ******************************************************************************/
BTM_BleReadConnectability()915 uint16_t BTM_BleReadConnectability() {
916 BTM_TRACE_API("%s", __func__);
917
918 return (btm_cb.ble_ctr_cb.inq_var.connectable_mode);
919 }
920
921 /*******************************************************************************
922 *
923 * Function btm_ble_select_adv_interval
924 *
925 * Description select adv interval based on device mode
926 *
927 * Returns void
928 *
929 ******************************************************************************/
btm_ble_select_adv_interval(uint8_t evt_type,uint16_t * p_adv_int_min,uint16_t * p_adv_int_max)930 static void btm_ble_select_adv_interval(uint8_t evt_type,
931 uint16_t* p_adv_int_min,
932 uint16_t* p_adv_int_max) {
933 switch (evt_type) {
934 case BTM_BLE_CONNECT_EVT:
935 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
936 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_1;
937 break;
938
939 case BTM_BLE_NON_CONNECT_EVT:
940 case BTM_BLE_DISCOVER_EVT:
941 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_2;
942 break;
943
944 /* connectable directed event */
945 case BTM_BLE_CONNECT_DIR_EVT:
946 *p_adv_int_min = BTM_BLE_GAP_ADV_DIR_MIN_INT;
947 *p_adv_int_max = BTM_BLE_GAP_ADV_DIR_MAX_INT;
948 break;
949
950 default:
951 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_SLOW_INT;
952 break;
953 }
954 }
955
956 /*******************************************************************************
957 *
958 * Function btm_ble_update_dmt_flag_bits
959 *
960 * Description Obtain updated adv flag value based on connect and
961 * discoverability mode. Also, setup DMT support value in the
962 * flag based on whether the controller supports both LE and
963 * BR/EDR.
964 *
965 * Parameters: flag_value (Input / Output) - flag value
966 * connect_mode (Input) - Connect mode value
967 * disc_mode (Input) - discoverability mode
968 *
969 * Returns void
970 *
971 ******************************************************************************/
btm_ble_update_dmt_flag_bits(uint8_t * adv_flag_value,const uint16_t connect_mode,const uint16_t disc_mode)972 void btm_ble_update_dmt_flag_bits(uint8_t* adv_flag_value,
973 const uint16_t connect_mode,
974 const uint16_t disc_mode) {
975 /* BR/EDR non-discoverable , non-connectable */
976 if ((disc_mode & BTM_DISCOVERABLE_MASK) == 0 &&
977 (connect_mode & BTM_CONNECTABLE_MASK) == 0)
978 *adv_flag_value |= BTM_BLE_BREDR_NOT_SPT;
979 else
980 *adv_flag_value &= ~BTM_BLE_BREDR_NOT_SPT;
981
982 /* if local controller support, mark both controller and host support in flag
983 */
984 if (controller_get_interface()->supports_simultaneous_le_bredr())
985 *adv_flag_value |= (BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
986 else
987 *adv_flag_value &= ~(BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
988 }
989
990 /*******************************************************************************
991 *
992 * Function btm_ble_set_adv_flag
993 *
994 * Description Set adv flag in adv data.
995 *
996 * Parameters: connect_mode (Input)- Connect mode value
997 * disc_mode (Input) - discoverability mode
998 *
999 * Returns void
1000 *
1001 ******************************************************************************/
btm_ble_set_adv_flag(uint16_t connect_mode,uint16_t disc_mode)1002 void btm_ble_set_adv_flag(uint16_t connect_mode, uint16_t disc_mode) {
1003 uint8_t flag = 0, old_flag = 0;
1004 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1005
1006 if (p_adv_data->p_flags != NULL) flag = old_flag = *(p_adv_data->p_flags);
1007
1008 btm_ble_update_dmt_flag_bits(&flag, connect_mode, disc_mode);
1009
1010 LOG_INFO("disc_mode %04x", disc_mode);
1011 /* update discoverable flag */
1012 if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE) {
1013 flag &= ~BTM_BLE_GEN_DISC_FLAG;
1014 flag |= BTM_BLE_LIMIT_DISC_FLAG;
1015 } else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE) {
1016 flag |= BTM_BLE_GEN_DISC_FLAG;
1017 flag &= ~BTM_BLE_LIMIT_DISC_FLAG;
1018 } else /* remove all discoverable flags */
1019 {
1020 flag &= ~(BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG);
1021 }
1022
1023 if (flag != old_flag) {
1024 btm_ble_update_adv_flag(flag);
1025 }
1026 }
1027 /*******************************************************************************
1028 *
1029 * Function btm_ble_set_discoverability
1030 *
1031 * Description This function is called to set BLE discoverable mode.
1032 *
1033 * Parameters: combined_mode: discoverability mode.
1034 *
1035 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1036 *
1037 ******************************************************************************/
btm_ble_set_discoverability(uint16_t combined_mode)1038 tBTM_STATUS btm_ble_set_discoverability(uint16_t combined_mode) {
1039 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1040 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
1041 uint16_t mode = (combined_mode & BTM_BLE_DISCOVERABLE_MASK);
1042 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1043 uint8_t evt_type;
1044 tBTM_STATUS status = BTM_SUCCESS;
1045 RawAddress address = RawAddress::kEmpty;
1046 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC,
1047 own_addr_type = p_addr_cb->own_addr_type;
1048 uint16_t adv_int_min, adv_int_max;
1049
1050 BTM_TRACE_EVENT("%s mode=0x%0x combined_mode=0x%x", __func__, mode,
1051 combined_mode);
1052
1053 /*** Check mode parameter ***/
1054 if (mode > BTM_BLE_MAX_DISCOVERABLE) return (BTM_ILLEGAL_VALUE);
1055
1056 p_cb->discoverable_mode = mode;
1057
1058 evt_type =
1059 btm_set_conn_mode_adv_init_addr(address, &init_addr_type, &own_addr_type);
1060
1061 if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE &&
1062 mode == BTM_BLE_NON_DISCOVERABLE)
1063 new_mode = BTM_BLE_ADV_DISABLE;
1064
1065 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1066
1067 alarm_cancel(p_cb->fast_adv_timer);
1068
1069 /* update adv params if start advertising */
1070 BTM_TRACE_EVENT("evt_type=0x%x p-cb->evt_type=0x%x ", evt_type,
1071 p_cb->evt_type);
1072
1073 if (new_mode == BTM_BLE_ADV_ENABLE) {
1074 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode, combined_mode);
1075
1076 if (evt_type != p_cb->evt_type || p_cb->adv_addr_type != own_addr_type ||
1077 !p_cb->fast_adv_on) {
1078 btm_ble_stop_adv();
1079
1080 /* update adv params */
1081 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1082 own_addr_type, init_addr_type, address,
1083 p_cb->adv_chnl_map, p_cb->afp);
1084 p_cb->evt_type = evt_type;
1085 p_cb->adv_addr_type = own_addr_type;
1086 }
1087 }
1088
1089 if (status == BTM_SUCCESS && p_cb->adv_mode != new_mode) {
1090 if (new_mode == BTM_BLE_ADV_ENABLE)
1091 status = btm_ble_start_adv();
1092 else
1093 status = btm_ble_stop_adv();
1094 }
1095
1096 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
1097 p_cb->fast_adv_on = true;
1098 /* start initial GAP mode adv timer */
1099 alarm_set_on_mloop(p_cb->fast_adv_timer, BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1100 btm_ble_fast_adv_timer_timeout, NULL);
1101 } else {
1102 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
1103 }
1104
1105 /* set up stop advertising timer */
1106 if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE) {
1107 BTM_TRACE_EVENT("start timer for limited disc mode duration=%d ms",
1108 BTM_BLE_GAP_LIM_TIMEOUT_MS);
1109 /* start Tgap(lim_timeout) */
1110 alarm_set_on_mloop(p_cb->inquiry_timer, BTM_BLE_GAP_LIM_TIMEOUT_MS,
1111 btm_ble_inquiry_timer_gap_limited_discovery_timeout,
1112 NULL);
1113 }
1114 return status;
1115 }
1116
1117 /*******************************************************************************
1118 *
1119 * Function btm_ble_set_connectability
1120 *
1121 * Description This function is called to set BLE connectability mode.
1122 *
1123 * Parameters: combined_mode: connectability mode.
1124 *
1125 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1126 *
1127 ******************************************************************************/
btm_ble_set_connectability(uint16_t combined_mode)1128 tBTM_STATUS btm_ble_set_connectability(uint16_t combined_mode) {
1129 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1130 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
1131 uint16_t mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
1132 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1133 uint8_t evt_type;
1134 tBTM_STATUS status = BTM_SUCCESS;
1135 RawAddress address = RawAddress::kEmpty;
1136 tBLE_ADDR_TYPE peer_addr_type = BLE_ADDR_PUBLIC,
1137 own_addr_type = p_addr_cb->own_addr_type;
1138 uint16_t adv_int_min, adv_int_max;
1139
1140 BTM_TRACE_EVENT("%s mode=0x%0x combined_mode=0x%x", __func__, mode,
1141 combined_mode);
1142
1143 /*** Check mode parameter ***/
1144 if (mode > BTM_BLE_MAX_CONNECTABLE) return (BTM_ILLEGAL_VALUE);
1145
1146 p_cb->connectable_mode = mode;
1147
1148 evt_type =
1149 btm_set_conn_mode_adv_init_addr(address, &peer_addr_type, &own_addr_type);
1150
1151 if (mode == BTM_BLE_NON_CONNECTABLE &&
1152 p_cb->discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
1153 new_mode = BTM_BLE_ADV_DISABLE;
1154
1155 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1156
1157 alarm_cancel(p_cb->fast_adv_timer);
1158 /* update adv params if needed */
1159 if (new_mode == BTM_BLE_ADV_ENABLE) {
1160 btm_ble_set_adv_flag(combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
1161 if (p_cb->evt_type != evt_type ||
1162 p_cb->adv_addr_type != p_addr_cb->own_addr_type || !p_cb->fast_adv_on) {
1163 btm_ble_stop_adv();
1164
1165 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1166 own_addr_type, peer_addr_type, address,
1167 p_cb->adv_chnl_map, p_cb->afp);
1168 p_cb->evt_type = evt_type;
1169 p_cb->adv_addr_type = own_addr_type;
1170 }
1171 }
1172
1173 /* update advertising mode */
1174 if (status == BTM_SUCCESS && new_mode != p_cb->adv_mode) {
1175 if (new_mode == BTM_BLE_ADV_ENABLE)
1176 status = btm_ble_start_adv();
1177 else
1178 status = btm_ble_stop_adv();
1179 }
1180
1181 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
1182 p_cb->fast_adv_on = true;
1183 /* start initial GAP mode adv timer */
1184 alarm_set_on_mloop(p_cb->fast_adv_timer, BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1185 btm_ble_fast_adv_timer_timeout, NULL);
1186 } else {
1187 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
1188 }
1189 return status;
1190 }
1191
btm_send_hci_scan_enable(uint8_t enable,uint8_t filter_duplicates)1192 static void btm_send_hci_scan_enable(uint8_t enable,
1193 uint8_t filter_duplicates) {
1194 if (controller_get_interface()->supports_ble_extended_advertising()) {
1195 btsnd_hcic_ble_set_extended_scan_enable(enable, filter_duplicates, 0x0000,
1196 0x0000);
1197 } else {
1198 btsnd_hcic_ble_set_scan_enable(enable, filter_duplicates);
1199 }
1200 }
1201
btm_send_hci_set_scan_params(uint8_t scan_type,uint16_t scan_int,uint16_t scan_win,uint8_t addr_type_own,uint8_t scan_filter_policy)1202 void btm_send_hci_set_scan_params(uint8_t scan_type, uint16_t scan_int,
1203 uint16_t scan_win, uint8_t addr_type_own,
1204 uint8_t scan_filter_policy) {
1205 if (controller_get_interface()->supports_ble_extended_advertising()) {
1206 scanning_phy_cfg phy_cfg;
1207 phy_cfg.scan_type = scan_type;
1208 phy_cfg.scan_int = scan_int;
1209 phy_cfg.scan_win = scan_win;
1210
1211 btsnd_hcic_ble_set_extended_scan_params(addr_type_own, scan_filter_policy,
1212 1, &phy_cfg);
1213 } else {
1214 btsnd_hcic_ble_set_scan_params(scan_type, scan_int, scan_win, addr_type_own,
1215 scan_filter_policy);
1216 }
1217 }
1218
1219 /*******************************************************************************
1220 *
1221 * Function btm_ble_start_inquiry
1222 *
1223 * Description This function is called to start BLE inquiry procedure.
1224 * If the duration is zero, the periodic inquiry mode is
1225 * cancelled.
1226 *
1227 * Parameters: mode - GENERAL or LIMITED inquiry
1228 * p_inq_params - pointer to the BLE inquiry parameter.
1229 * p_results_cb - callback returning pointer to results
1230 * (tBTM_INQ_RESULTS)
1231 * p_cmpl_cb - callback indicating the end of an inquiry
1232 *
1233 *
1234 *
1235 * Returns BTM_CMD_STARTED if successfully started
1236 * BTM_NO_RESOURCES if could not allocate a message buffer
1237 * BTM_BUSY - if an inquiry is already active
1238 *
1239 ******************************************************************************/
btm_ble_start_inquiry(uint8_t duration)1240 tBTM_STATUS btm_ble_start_inquiry(uint8_t duration) {
1241 tBTM_STATUS status = BTM_CMD_STARTED;
1242 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
1243 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1244
1245 BTM_TRACE_DEBUG("btm_ble_start_inquiry: inq_active = 0x%02x",
1246 btm_cb.btm_inq_vars.inq_active);
1247
1248 /* if selective connection is active, or inquiry is already active, reject it
1249 */
1250 if (p_ble_cb->is_ble_inquiry_active()) {
1251 BTM_TRACE_ERROR("LE Inquiry is active, can not start inquiry");
1252 return (BTM_BUSY);
1253 }
1254
1255 if (!p_ble_cb->is_ble_scan_active()) {
1256 cache.ClearAll();
1257 btm_send_hci_set_scan_params(
1258 BTM_BLE_SCAN_MODE_ACTI, BTM_BLE_LOW_LATENCY_SCAN_INT,
1259 BTM_BLE_LOW_LATENCY_SCAN_WIN,
1260 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1261 /* enable IRK list */
1262 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
1263 p_ble_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_ACTI;
1264 btm_ble_start_scan();
1265 } else if ((p_ble_cb->inq_var.scan_interval !=
1266 BTM_BLE_LOW_LATENCY_SCAN_INT) ||
1267 (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
1268 BTM_TRACE_DEBUG("%s, restart LE scan with low latency scan params",
1269 __func__);
1270 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
1271 btm_send_hci_set_scan_params(
1272 BTM_BLE_SCAN_MODE_ACTI, BTM_BLE_LOW_LATENCY_SCAN_INT,
1273 BTM_BLE_LOW_LATENCY_SCAN_WIN,
1274 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1275 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
1276 }
1277
1278 if (status == BTM_CMD_STARTED) {
1279 p_inq->inq_active |= BTM_BLE_GENERAL_INQUIRY;
1280 p_ble_cb->set_ble_inquiry_active();
1281
1282 BTM_TRACE_DEBUG("btm_ble_start_inquiry inq_active = 0x%02x",
1283 p_inq->inq_active);
1284
1285 if (duration != 0) {
1286 /* start inquiry timer */
1287 uint64_t duration_ms = duration * 1000;
1288 alarm_set_on_mloop(p_ble_cb->inq_var.inquiry_timer, duration_ms,
1289 btm_ble_inquiry_timer_timeout, NULL);
1290 }
1291 }
1292
1293 return status;
1294 }
1295
1296 /*******************************************************************************
1297 *
1298 * Function btm_ble_read_remote_name_cmpl
1299 *
1300 * Description This function is called when BLE remote name is received.
1301 *
1302 * Returns void
1303 *
1304 ******************************************************************************/
btm_ble_read_remote_name_cmpl(bool status,const RawAddress & bda,uint16_t length,char * p_name)1305 void btm_ble_read_remote_name_cmpl(bool status, const RawAddress& bda,
1306 uint16_t length, char* p_name) {
1307 tHCI_STATUS hci_status = HCI_SUCCESS;
1308 BD_NAME bd_name;
1309
1310 memset(bd_name, 0, (BD_NAME_LEN + 1));
1311 if (length > BD_NAME_LEN) {
1312 length = BD_NAME_LEN;
1313 }
1314 memcpy((uint8_t*)bd_name, p_name, length);
1315
1316 if ((!status) || (length == 0)) {
1317 hci_status = HCI_ERR_HOST_TIMEOUT;
1318 }
1319
1320 btm_process_remote_name(&bda, bd_name, length + 1, hci_status);
1321 btm_sec_rmt_name_request_complete(&bda, (uint8_t*)p_name, hci_status);
1322 }
1323
1324 /*******************************************************************************
1325 *
1326 * Function btm_ble_read_remote_name
1327 *
1328 * Description This function read remote LE device name using GATT read
1329 * procedure.
1330 *
1331 * Parameters: None.
1332 *
1333 * Returns void
1334 *
1335 ******************************************************************************/
btm_ble_read_remote_name(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1336 tBTM_STATUS btm_ble_read_remote_name(const RawAddress& remote_bda,
1337 tBTM_CMPL_CB* p_cb) {
1338 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1339
1340 if (!controller_get_interface()->supports_ble()) return BTM_ERR_PROCESSING;
1341
1342 tINQ_DB_ENT* p_i = btm_inq_db_find(remote_bda);
1343 if (p_i && !ble_evt_type_is_connectable(p_i->inq_info.results.ble_evt_type)) {
1344 BTM_TRACE_DEBUG("name request to non-connectable device failed.");
1345 return BTM_ERR_PROCESSING;
1346 }
1347
1348 /* read remote device name using GATT procedure */
1349 if (p_inq->remname_active) return BTM_BUSY;
1350
1351 if (!GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
1352 return BTM_BUSY;
1353
1354 p_inq->p_remname_cmpl_cb = p_cb;
1355 p_inq->remname_active = true;
1356 p_inq->remname_bda = remote_bda;
1357
1358 alarm_set_on_mloop(p_inq->remote_name_timer, BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS,
1359 btm_inq_remote_name_timer_timeout, NULL);
1360
1361 return BTM_CMD_STARTED;
1362 }
1363
1364 /*******************************************************************************
1365 *
1366 * Function btm_ble_cancel_remote_name
1367 *
1368 * Description This function cancel read remote LE device name.
1369 *
1370 * Parameters: None.
1371 *
1372 * Returns void
1373 *
1374 ******************************************************************************/
btm_ble_cancel_remote_name(const RawAddress & remote_bda)1375 bool btm_ble_cancel_remote_name(const RawAddress& remote_bda) {
1376 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1377 bool status;
1378
1379 status = GAP_BleCancelReadPeerDevName(remote_bda);
1380
1381 p_inq->remname_active = false;
1382 p_inq->remname_bda = RawAddress::kEmpty;
1383 alarm_cancel(p_inq->remote_name_timer);
1384
1385 return status;
1386 }
1387
1388 /*******************************************************************************
1389 *
1390 * Function btm_ble_update_adv_flag
1391 *
1392 * Description This function update the limited discoverable flag in the
1393 * adv data.
1394 *
1395 * Parameters: None.
1396 *
1397 * Returns void
1398 *
1399 ******************************************************************************/
btm_ble_update_adv_flag(uint8_t flag)1400 static void btm_ble_update_adv_flag(uint8_t flag) {
1401 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1402 uint8_t* p;
1403
1404 BTM_TRACE_DEBUG("btm_ble_update_adv_flag new=0x%x", flag);
1405
1406 if (p_adv_data->p_flags != NULL) {
1407 BTM_TRACE_DEBUG("btm_ble_update_adv_flag old=0x%x", *p_adv_data->p_flags);
1408 *p_adv_data->p_flags = flag;
1409 } else /* no FLAGS in ADV data*/
1410 {
1411 p = (p_adv_data->p_pad == NULL) ? p_adv_data->ad_data : p_adv_data->p_pad;
1412 /* need 3 bytes space to stuff in the flags, if not */
1413 /* erase all written data, just for flags */
1414 if ((BTM_BLE_AD_DATA_LEN - (p - p_adv_data->ad_data)) < 3) {
1415 p = p_adv_data->p_pad = p_adv_data->ad_data;
1416 memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
1417 }
1418
1419 *p++ = 2;
1420 *p++ = BTM_BLE_AD_TYPE_FLAG;
1421 p_adv_data->p_flags = p;
1422 *p++ = flag;
1423 p_adv_data->p_pad = p;
1424 }
1425
1426 btsnd_hcic_ble_set_adv_data(
1427 (uint8_t)(p_adv_data->p_pad - p_adv_data->ad_data), p_adv_data->ad_data);
1428 p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;
1429 }
1430
1431 /**
1432 * Check ADV flag to make sure device is discoverable and match the search
1433 * condition
1434 */
btm_ble_is_discoverable(const RawAddress & bda,std::vector<uint8_t> const & adv_data)1435 static uint8_t btm_ble_is_discoverable(const RawAddress& bda,
1436 std::vector<uint8_t> const& adv_data) {
1437 uint8_t scan_state = BTM_BLE_NOT_SCANNING;
1438
1439 /* for observer, always "discoverable */
1440 if (btm_cb.ble_ctr_cb.is_ble_observe_active())
1441 scan_state |= BTM_BLE_OBS_RESULT;
1442
1443 if (!adv_data.empty()) {
1444 uint8_t flag = 0;
1445 uint8_t data_len;
1446 const uint8_t* p_flag = AdvertiseDataParser::GetFieldByType(
1447 adv_data, BTM_BLE_AD_TYPE_FLAG, &data_len);
1448 if (p_flag != NULL && data_len != 0) {
1449 flag = *p_flag;
1450
1451 if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
1452 (flag & (BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG)) != 0) {
1453 scan_state |= BTM_BLE_INQ_RESULT;
1454 }
1455 }
1456 }
1457 return scan_state;
1458 }
1459
btm_ble_appearance_to_cod(uint16_t appearance,uint8_t * dev_class)1460 static void btm_ble_appearance_to_cod(uint16_t appearance, uint8_t* dev_class) {
1461 dev_class[0] = 0;
1462
1463 switch (appearance) {
1464 case BTM_BLE_APPEARANCE_GENERIC_PHONE:
1465 dev_class[1] = BTM_COD_MAJOR_PHONE;
1466 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1467 break;
1468 case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
1469 dev_class[1] = BTM_COD_MAJOR_COMPUTER;
1470 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1471 break;
1472 case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
1473 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1474 dev_class[2] = BTM_COD_MINOR_REMOTE_CONTROL;
1475 break;
1476 case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
1477 case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
1478 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1479 dev_class[2] = BTM_COD_MINOR_THERMOMETER;
1480 break;
1481 case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
1482 case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
1483 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1484 dev_class[2] = BTM_COD_MINOR_HEART_PULSE_MONITOR;
1485 break;
1486 case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
1487 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
1488 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
1489 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1490 dev_class[2] = BTM_COD_MINOR_BLOOD_MONITOR;
1491 break;
1492 case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
1493 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
1494 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
1495 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1496 dev_class[2] = BTM_COD_MINOR_PULSE_OXIMETER;
1497 break;
1498 case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
1499 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1500 dev_class[2] = BTM_COD_MINOR_GLUCOSE_METER;
1501 break;
1502 case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
1503 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1504 dev_class[2] = BTM_COD_MINOR_WEIGHING_SCALE;
1505 break;
1506 case BTM_BLE_APPEARANCE_GENERIC_WALKING:
1507 case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
1508 case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
1509 case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
1510 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1511 dev_class[2] = BTM_COD_MINOR_STEP_COUNTER;
1512 break;
1513 case BTM_BLE_APPEARANCE_GENERIC_WATCH:
1514 case BTM_BLE_APPEARANCE_SPORTS_WATCH:
1515 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1516 dev_class[2] = BTM_COD_MINOR_WRIST_WATCH;
1517 break;
1518 case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
1519 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1520 dev_class[2] = BTM_COD_MINOR_GLASSES;
1521 break;
1522 case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
1523 dev_class[1] = BTM_COD_MAJOR_IMAGING;
1524 dev_class[2] = BTM_COD_MINOR_DISPLAY;
1525 break;
1526 case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
1527 dev_class[1] = BTM_COD_MAJOR_AUDIO;
1528 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1529 break;
1530 case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
1531 case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
1532 case BTM_BLE_APPEARANCE_GENERIC_HID:
1533 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1534 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1535 break;
1536 case BTM_BLE_APPEARANCE_HID_KEYBOARD:
1537 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1538 dev_class[2] = BTM_COD_MINOR_KEYBOARD;
1539 break;
1540 case BTM_BLE_APPEARANCE_HID_MOUSE:
1541 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1542 dev_class[2] = BTM_COD_MINOR_POINTING;
1543 break;
1544 case BTM_BLE_APPEARANCE_HID_JOYSTICK:
1545 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1546 dev_class[2] = BTM_COD_MINOR_JOYSTICK;
1547 break;
1548 case BTM_BLE_APPEARANCE_HID_GAMEPAD:
1549 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1550 dev_class[2] = BTM_COD_MINOR_GAMEPAD;
1551 break;
1552 case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
1553 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1554 dev_class[2] = BTM_COD_MINOR_DIGITIZING_TABLET;
1555 break;
1556 case BTM_BLE_APPEARANCE_HID_CARD_READER:
1557 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1558 dev_class[2] = BTM_COD_MINOR_CARD_READER;
1559 break;
1560 case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
1561 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1562 dev_class[2] = BTM_COD_MINOR_DIGITAL_PAN;
1563 break;
1564 case BTM_BLE_APPEARANCE_UKNOWN:
1565 case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
1566 case BTM_BLE_APPEARANCE_GENERIC_TAG:
1567 case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
1568 case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
1569 case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
1570 case BTM_BLE_APPEARANCE_CYCLING_SPEED:
1571 case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
1572 case BTM_BLE_APPEARANCE_CYCLING_POWER:
1573 case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
1574 case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
1575 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
1576 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
1577 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
1578 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
1579 default:
1580 dev_class[1] = BTM_COD_MAJOR_UNCLASSIFIED;
1581 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1582 };
1583 }
1584
1585 /**
1586 * Update adv packet information into inquiry result.
1587 */
btm_ble_update_inq_result(tINQ_DB_ENT * p_i,uint8_t addr_type,const RawAddress & bda,uint16_t evt_type,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> const & data)1588 void btm_ble_update_inq_result(tINQ_DB_ENT* p_i, uint8_t addr_type,
1589 const RawAddress& bda, uint16_t evt_type,
1590 uint8_t primary_phy, uint8_t secondary_phy,
1591 uint8_t advertising_sid, int8_t tx_power,
1592 int8_t rssi, uint16_t periodic_adv_int,
1593 std::vector<uint8_t> const& data) {
1594 tBTM_INQ_RESULTS* p_cur = &p_i->inq_info.results;
1595 uint8_t len;
1596 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1597
1598 /* Save the info */
1599 p_cur->inq_result_type |= BTM_INQ_RESULT_BLE;
1600 p_cur->ble_addr_type = static_cast<tBLE_ADDR_TYPE>(addr_type);
1601 p_cur->rssi = rssi;
1602 p_cur->ble_primary_phy = primary_phy;
1603 p_cur->ble_secondary_phy = secondary_phy;
1604 p_cur->ble_advertising_sid = advertising_sid;
1605 p_cur->ble_tx_power = tx_power;
1606 p_cur->ble_periodic_adv_int = periodic_adv_int;
1607
1608 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
1609 ble_evt_type_is_scannable(evt_type) &&
1610 !ble_evt_type_is_scan_resp(evt_type)) {
1611 p_i->scan_rsp = false;
1612 } else
1613 p_i->scan_rsp = true;
1614
1615 if (p_i->inq_count != p_inq->inq_counter)
1616 p_cur->device_type = BT_DEVICE_TYPE_BLE;
1617 else
1618 p_cur->device_type |= BT_DEVICE_TYPE_BLE;
1619
1620 if (evt_type != BTM_BLE_SCAN_RSP_EVT) p_cur->ble_evt_type = evt_type;
1621
1622 p_i->inq_count = p_inq->inq_counter; /* Mark entry for current inquiry */
1623
1624 if (!data.empty()) {
1625 const uint8_t* p_flag =
1626 AdvertiseDataParser::GetFieldByType(data, BTM_BLE_AD_TYPE_FLAG, &len);
1627 if (p_flag != NULL && len != 0) p_cur->flag = *p_flag;
1628 }
1629
1630 if (!data.empty()) {
1631 /* Check to see the BLE device has the Appearance UUID in the advertising
1632 * data. If it does
1633 * then try to convert the appearance value to a class of device value
1634 * Bluedroid can use.
1635 * Otherwise fall back to trying to infer if it is a HID device based on the
1636 * service class.
1637 */
1638 const uint8_t* p_uuid16 = AdvertiseDataParser::GetFieldByType(
1639 data, BTM_BLE_AD_TYPE_APPEARANCE, &len);
1640 if (p_uuid16 && len == 2) {
1641 btm_ble_appearance_to_cod((uint16_t)p_uuid16[0] | (p_uuid16[1] << 8),
1642 p_cur->dev_class);
1643 } else {
1644 p_uuid16 = AdvertiseDataParser::GetFieldByType(
1645 data, BTM_BLE_AD_TYPE_16SRV_CMPL, &len);
1646 if (p_uuid16 != NULL) {
1647 uint8_t i;
1648 for (i = 0; i + 2 <= len; i = i + 2) {
1649 /* if this BLE device support HID over LE, set HID Major in class of
1650 * device */
1651 if ((p_uuid16[i] | (p_uuid16[i + 1] << 8)) == UUID_SERVCLASS_LE_HID) {
1652 p_cur->dev_class[0] = 0;
1653 p_cur->dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1654 p_cur->dev_class[2] = 0;
1655 break;
1656 }
1657 }
1658 }
1659 }
1660 }
1661
1662 if ((p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
1663 !ble_evt_type_is_directed(evt_type)) {
1664 if (p_cur->ble_addr_type != BLE_ADDR_RANDOM) {
1665 LOG_VERBOSE("NOT_BR_EDR support bit not set, treat device as DUMO");
1666 p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
1667 } else {
1668 LOG_VERBOSE("Random address, treat device as LE only");
1669 }
1670 } else {
1671 LOG_VERBOSE("NOT_BR/EDR support bit set, treat device as LE only");
1672 }
1673 }
1674
1675 /*******************************************************************************
1676 *
1677 * Function btm_clear_all_pending_le_entry
1678 *
1679 * Description This function is called to clear all LE pending entry in
1680 * inquiry database.
1681 *
1682 * Returns void
1683 *
1684 ******************************************************************************/
btm_clear_all_pending_le_entry(void)1685 void btm_clear_all_pending_le_entry(void) {
1686 uint16_t xx;
1687 tINQ_DB_ENT* p_ent = btm_cb.btm_inq_vars.inq_db;
1688
1689 for (xx = 0; xx < BTM_INQ_DB_SIZE; xx++, p_ent++) {
1690 /* mark all pending LE entry as unused if an LE only device has scan
1691 * response outstanding */
1692 if ((p_ent->in_use) &&
1693 (p_ent->inq_info.results.device_type == BT_DEVICE_TYPE_BLE) &&
1694 !p_ent->scan_rsp)
1695 p_ent->in_use = false;
1696 }
1697 }
1698
btm_ble_process_adv_addr(RawAddress & bda,uint8_t * addr_type)1699 void btm_ble_process_adv_addr(RawAddress& bda, uint8_t* addr_type) {
1700 /* map address to security record */
1701 bool match = btm_identity_addr_to_random_pseudo(&bda, addr_type, false);
1702
1703 VLOG(1) << __func__ << ": bda=" << bda;
1704 /* always do RRA resolution on host */
1705 if (!match && BTM_BLE_IS_RESOLVE_BDA(bda)) {
1706 tBTM_SEC_DEV_REC* match_rec = btm_ble_resolve_random_addr(bda);
1707 if (match_rec) {
1708 match_rec->ble.active_addr_type = tBTM_SEC_BLE::BTM_BLE_ADDR_RRA;
1709 match_rec->ble.cur_rand_addr = bda;
1710
1711 if (btm_ble_init_pseudo_addr(match_rec, bda)) {
1712 bda = match_rec->bd_addr;
1713 } else {
1714 // Assign the original address to be the current report address
1715 bda = match_rec->ble.pseudo_addr;
1716 *addr_type = match_rec->ble.ble_addr_type;
1717 }
1718 }
1719 }
1720 }
1721
1722 /**
1723 * This function is called when extended advertising report event is received .
1724 * It updates the inquiry database. If the inquiry database is full, the oldest
1725 * entry is discarded.
1726 */
btm_ble_process_ext_adv_pkt(uint8_t data_len,uint8_t * data)1727 void btm_ble_process_ext_adv_pkt(uint8_t data_len, uint8_t* data) {
1728 RawAddress bda, direct_address;
1729 uint8_t* p = data;
1730 uint8_t addr_type, num_reports, pkt_data_len, primary_phy, secondary_phy,
1731 advertising_sid;
1732 int8_t rssi, tx_power;
1733 uint16_t event_type, periodic_adv_int, direct_address_type;
1734
1735 /* Only process the results if the inquiry is still active */
1736 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) return;
1737
1738 /* Extract the number of reports in this event. */
1739 STREAM_TO_UINT8(num_reports, p);
1740
1741 constexpr int extended_report_header_size = 24;
1742 while (num_reports--) {
1743 if (p + extended_report_header_size > data + data_len) {
1744 // TODO(jpawlowski): we should crash the stack here
1745 BTM_TRACE_ERROR(
1746 "Malformed LE Extended Advertising Report Event from controller - "
1747 "can't loop the data");
1748 return;
1749 }
1750
1751 /* Extract inquiry results */
1752 STREAM_TO_UINT16(event_type, p);
1753 STREAM_TO_UINT8(addr_type, p);
1754 STREAM_TO_BDADDR(bda, p);
1755 STREAM_TO_UINT8(primary_phy, p);
1756 STREAM_TO_UINT8(secondary_phy, p);
1757 STREAM_TO_UINT8(advertising_sid, p);
1758 STREAM_TO_INT8(tx_power, p);
1759 STREAM_TO_INT8(rssi, p);
1760 STREAM_TO_UINT16(periodic_adv_int, p);
1761 STREAM_TO_UINT8(direct_address_type, p);
1762 STREAM_TO_BDADDR(direct_address, p);
1763 STREAM_TO_UINT8(pkt_data_len, p);
1764
1765 uint8_t* pkt_data = p;
1766 p += pkt_data_len; /* Advance to the the next packet*/
1767 if (p > data + data_len) {
1768 LOG(ERROR) << "Invalid pkt_data_len: " << +pkt_data_len;
1769 return;
1770 }
1771
1772 if (rssi >= 21 && rssi <= 126) {
1773 BTM_TRACE_ERROR("%s: bad rssi value in advertising report: %d", __func__,
1774 rssi);
1775 }
1776
1777 if (addr_type != BLE_ADDR_ANONYMOUS) {
1778 btm_ble_process_adv_addr(bda, &addr_type);
1779 }
1780
1781 btm_ble_process_adv_pkt_cont(event_type, addr_type, bda, primary_phy,
1782 secondary_phy, advertising_sid, tx_power, rssi,
1783 periodic_adv_int, pkt_data_len, pkt_data);
1784 }
1785 }
1786
1787 /**
1788 * This function is called when advertising report event is received. It updates
1789 * the inquiry database. If the inquiry database is full, the oldest entry is
1790 * discarded.
1791 */
btm_ble_process_adv_pkt(uint8_t data_len,uint8_t * data)1792 void btm_ble_process_adv_pkt(uint8_t data_len, uint8_t* data) {
1793 RawAddress bda;
1794 uint8_t* p = data;
1795 uint8_t legacy_evt_type, addr_type, num_reports, pkt_data_len;
1796 int8_t rssi;
1797
1798 /* Only process the results if the inquiry is still active */
1799 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) return;
1800
1801 /* Extract the number of reports in this event. */
1802 STREAM_TO_UINT8(num_reports, p);
1803
1804 constexpr int report_header_size = 10;
1805 while (num_reports--) {
1806 if (p + report_header_size > data + data_len) {
1807 // TODO(jpawlowski): we should crash the stack here
1808 BTM_TRACE_ERROR("Malformed LE Advertising Report Event from controller");
1809 return;
1810 }
1811
1812 /* Extract inquiry results */
1813 STREAM_TO_UINT8(legacy_evt_type, p);
1814 STREAM_TO_UINT8(addr_type, p);
1815 STREAM_TO_BDADDR(bda, p);
1816 STREAM_TO_UINT8(pkt_data_len, p);
1817
1818 uint8_t* pkt_data = p;
1819 p += pkt_data_len; /* Advance to the the rssi byte */
1820 if (p > data + data_len - sizeof(rssi)) {
1821 LOG(ERROR) << "Invalid pkt_data_len: " << +pkt_data_len;
1822 return;
1823 }
1824
1825 STREAM_TO_INT8(rssi, p);
1826
1827 if (rssi >= 21 && rssi <= 126) {
1828 BTM_TRACE_ERROR("%s: bad rssi value in advertising report: ", __func__,
1829 pkt_data_len, rssi);
1830 }
1831
1832 btm_ble_process_adv_addr(bda, &addr_type);
1833
1834 uint16_t event_type;
1835 event_type = 1 << BLE_EVT_LEGACY_BIT;
1836 if (legacy_evt_type == BTM_BLE_ADV_IND_EVT) {
1837 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1838 (1 << BLE_EVT_SCANNABLE_BIT);
1839 } else if (legacy_evt_type == BTM_BLE_ADV_DIRECT_IND_EVT) {
1840 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1841 (1 << BLE_EVT_DIRECTED_BIT);
1842 } else if (legacy_evt_type == BTM_BLE_ADV_SCAN_IND_EVT) {
1843 event_type |= (1 << BLE_EVT_SCANNABLE_BIT);
1844 } else if (legacy_evt_type == BTM_BLE_ADV_NONCONN_IND_EVT) {
1845 event_type = (1 << BLE_EVT_LEGACY_BIT);//0x0010;
1846 } else if (legacy_evt_type == BTM_BLE_SCAN_RSP_EVT) { // SCAN_RSP;
1847 // We can't distinguish between "SCAN_RSP to an ADV_IND", and "SCAN_RSP to
1848 // an ADV_SCAN_IND", so always return "SCAN_RSP to an ADV_IND"
1849 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1850 (1 << BLE_EVT_SCANNABLE_BIT)|
1851 (1 << BLE_EVT_SCAN_RESPONSE_BIT);
1852 } else {
1853 BTM_TRACE_ERROR(
1854 "Malformed LE Advertising Report Event - unsupported "
1855 "legacy_event_type 0x%02x",
1856 legacy_evt_type);
1857 return;
1858 }
1859
1860 btm_ble_process_adv_pkt_cont(
1861 event_type, addr_type, bda, PHY_LE_1M, PHY_LE_NO_PACKET, NO_ADI_PRESENT,
1862 TX_POWER_NOT_PRESENT, rssi, 0x00 /* no periodic adv */, pkt_data_len,
1863 pkt_data);
1864 }
1865 }
1866
1867 /**
1868 * This function is called after random address resolution is done, and proceed
1869 * to process adv packet.
1870 */
btm_ble_process_adv_pkt_cont(uint16_t evt_type,uint8_t addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,uint8_t data_len,uint8_t * data)1871 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, uint8_t addr_type,
1872 const RawAddress& bda, uint8_t primary_phy,
1873 uint8_t secondary_phy,
1874 uint8_t advertising_sid, int8_t tx_power,
1875 int8_t rssi, uint16_t periodic_adv_int,
1876 uint8_t data_len, uint8_t* data) {
1877 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1878 bool update = true;
1879
1880 std::vector<uint8_t> tmp;
1881 if (data_len != 0) tmp.insert(tmp.begin(), data, data + data_len);
1882
1883 bool is_scannable = ble_evt_type_is_scannable(evt_type);
1884 bool is_scan_resp = ble_evt_type_is_scan_resp(evt_type);
1885 bool is_legacy = ble_evt_type_is_legacy(evt_type);
1886
1887 // We might receive a legacy scan response without receving a ADV_IND
1888 // or ADV_SCAN_IND before. Only parsing the scan response data which
1889 // has no ad flag, the device will be set to DUMO mode. The createbond
1890 // procedure will use the wrong device mode.
1891 // In such case no necessary to report scan response
1892 if(is_legacy && is_scan_resp && !cache.Exist(addr_type, bda))
1893 return;
1894
1895 bool is_start = is_legacy && is_scannable && !is_scan_resp;
1896
1897 if (is_legacy)
1898 AdvertiseDataParser::RemoveTrailingZeros(tmp);
1899
1900 // We might have send scan request to this device before, but didn't get the
1901 // response. In such case make sure data is put at start, not appended to
1902 // already existing data.
1903 std::vector<uint8_t> const& adv_data =
1904 is_start ? cache.Set(addr_type, bda, std::move(tmp))
1905 : cache.Append(addr_type, bda, std::move(tmp));
1906
1907 bool data_complete = (ble_evt_type_data_status(evt_type) != 0x01);
1908
1909 if (!data_complete) {
1910 // If we didn't receive whole adv data yet, don't report the device.
1911 DVLOG(1) << "Data not complete yet, waiting for more " << bda;
1912 return;
1913 }
1914
1915 bool is_active_scan =
1916 btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI;
1917 if (is_active_scan && is_scannable && !is_scan_resp) {
1918 // If we didn't receive scan response yet, don't report the device.
1919 DVLOG(1) << " Waiting for scan response " << bda;
1920 return;
1921 }
1922
1923 if (!AdvertiseDataParser::IsValid(adv_data)) {
1924 DVLOG(1) << __func__ << "Dropping bad advertisement packet: "
1925 << base::HexEncode(adv_data.data(), adv_data.size());
1926 cache.Clear(addr_type, bda);
1927 return;
1928 }
1929
1930 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
1931
1932 /* Check if this address has already been processed for this inquiry */
1933 if (btm_inq_find_bdaddr(bda)) {
1934 /* never been report as an LE device */
1935 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
1936 /* scan response to be updated */
1937 (!p_i->scan_rsp))) {
1938 update = true;
1939 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
1940 update = false;
1941 } else {
1942 /* if yes, skip it */
1943 cache.Clear(addr_type, bda);
1944 return; /* assumption: one result per event */
1945 }
1946 }
1947 /* If existing entry, use that, else get a new one (possibly reusing the
1948 * oldest) */
1949 if (p_i == NULL) {
1950 p_i = btm_inq_db_new(bda);
1951 if (p_i != NULL) {
1952 p_inq->inq_cmpl_info.num_resp++;
1953 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
1954 } else
1955 return;
1956 } else if (p_i->inq_count !=
1957 p_inq->inq_counter) /* first time seen in this inquiry */
1958 {
1959 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
1960 p_inq->inq_cmpl_info.num_resp++;
1961 }
1962
1963 /* update the LE device information in inquiry database */
1964 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
1965 secondary_phy, advertising_sid, tx_power, rssi,
1966 periodic_adv_int, adv_data);
1967
1968 uint8_t result = btm_ble_is_discoverable(bda, adv_data);
1969 if (result == 0) {
1970 // Device no longer discoverable so discard outstanding advertising packet
1971 cache.Clear(addr_type, bda);
1972 return;
1973 }
1974
1975 if (!update) result &= ~BTM_BLE_INQ_RESULT;
1976
1977 tBTM_INQ_RESULTS_CB* p_inq_results_cb = p_inq->p_inq_results_cb;
1978 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
1979 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
1980 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
1981 }
1982
1983 tBTM_INQ_RESULTS_CB* p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
1984 if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT)) {
1985 (p_obs_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
1986 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
1987 }
1988
1989 cache.Clear(addr_type, bda);
1990 }
1991
1992 /**
1993 * This function copy from btm_ble_process_adv_pkt_cont to process adv packet
1994 * from gd scanning module to handle inquiry result callback.
1995 */
btm_ble_process_adv_pkt_cont_for_inquiry(uint16_t evt_type,uint8_t addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> advertising_data)1996 void btm_ble_process_adv_pkt_cont_for_inquiry(
1997 uint16_t evt_type, uint8_t addr_type, const RawAddress& bda,
1998 uint8_t primary_phy, uint8_t secondary_phy, uint8_t advertising_sid,
1999 int8_t tx_power, int8_t rssi, uint16_t periodic_adv_int,
2000 std::vector<uint8_t> advertising_data) {
2001 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
2002 bool update = true;
2003
2004 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
2005
2006 /* Check if this address has already been processed for this inquiry */
2007 if (btm_inq_find_bdaddr(bda)) {
2008 /* never been report as an LE device */
2009 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
2010 /* scan response to be updated */
2011 (!p_i->scan_rsp))) {
2012 update = true;
2013 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
2014 update = false;
2015 } else {
2016 /* if yes, skip it */
2017 return; /* assumption: one result per event */
2018 }
2019 }
2020
2021 /* If existing entry, use that, else get a new one (possibly reusing the
2022 * oldest) */
2023 if (p_i == NULL) {
2024 p_i = btm_inq_db_new(bda);
2025 if (p_i != NULL) {
2026 p_inq->inq_cmpl_info.num_resp++;
2027 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2028 } else
2029 return;
2030 } else if (p_i->inq_count !=
2031 p_inq->inq_counter) /* first time seen in this inquiry */
2032 {
2033 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2034 p_inq->inq_cmpl_info.num_resp++;
2035 }
2036
2037 /* update the LE device information in inquiry database */
2038 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
2039 secondary_phy, advertising_sid, tx_power, rssi,
2040 periodic_adv_int, advertising_data);
2041
2042 uint8_t result = btm_ble_is_discoverable(bda, advertising_data);
2043 if (result == 0) {
2044 return;
2045 }
2046
2047 if (!update) result &= ~BTM_BLE_INQ_RESULT;
2048
2049 tBTM_INQ_RESULTS_CB* p_inq_results_cb = p_inq->p_inq_results_cb;
2050 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
2051 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2052 const_cast<uint8_t*>(advertising_data.data()),
2053 advertising_data.size());
2054 }
2055 }
2056
btm_ble_process_phy_update_pkt(uint8_t len,uint8_t * data)2057 void btm_ble_process_phy_update_pkt(uint8_t len, uint8_t* data) {
2058 uint8_t status, tx_phy, rx_phy;
2059 uint16_t handle;
2060
2061 LOG_ASSERT(len == 5);
2062 uint8_t* p = data;
2063 STREAM_TO_UINT8(status, p);
2064 STREAM_TO_UINT16(handle, p);
2065 handle = handle & 0x0FFF;
2066 STREAM_TO_UINT8(tx_phy, p);
2067 STREAM_TO_UINT8(rx_phy, p);
2068
2069 gatt_notify_phy_updated(static_cast<tGATT_STATUS>(status), handle, tx_phy,
2070 rx_phy);
2071 }
2072
2073 /*******************************************************************************
2074 *
2075 * Function btm_ble_start_scan
2076 *
2077 * Description Start the BLE scan.
2078 *
2079 * Returns void
2080 *
2081 ******************************************************************************/
btm_ble_start_scan()2082 void btm_ble_start_scan() {
2083 tBTM_BLE_INQ_CB* p_inq = &btm_cb.ble_ctr_cb.inq_var;
2084 /* start scan, disable duplicate filtering */
2085 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
2086
2087 if (p_inq->scan_type == BTM_BLE_SCAN_MODE_ACTI)
2088 btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2089 else
2090 btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2091 }
2092
2093 /*******************************************************************************
2094 *
2095 * Function btm_ble_stop_scan
2096 *
2097 * Description Stop the BLE scan.
2098 *
2099 * Returns void
2100 *
2101 ******************************************************************************/
btm_ble_stop_scan(void)2102 void btm_ble_stop_scan(void) {
2103 BTM_TRACE_EVENT("btm_ble_stop_scan ");
2104
2105 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI)
2106 btm_ble_clear_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2107 else
2108 btm_ble_clear_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2109
2110 /* Clear the inquiry callback if set */
2111 btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2112
2113 /* stop discovery now */
2114 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
2115
2116 btm_update_scanner_filter_policy(SP_ADV_ALL);
2117 }
2118 /*******************************************************************************
2119 *
2120 * Function btm_ble_stop_inquiry
2121 *
2122 * Description Stop the BLE Inquiry.
2123 *
2124 * Returns void
2125 *
2126 ******************************************************************************/
btm_ble_stop_inquiry(void)2127 void btm_ble_stop_inquiry(void) {
2128 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
2129 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
2130
2131 alarm_cancel(p_ble_cb->inq_var.inquiry_timer);
2132
2133 p_ble_cb->reset_ble_inquiry();
2134
2135 /* If no more scan activity, stop LE scan now */
2136 if (!p_ble_cb->is_ble_scan_active()) {
2137 btm_ble_stop_scan();
2138 } else if ((p_ble_cb->inq_var.scan_interval !=
2139 BTM_BLE_LOW_LATENCY_SCAN_INT) ||
2140 (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
2141 BTM_TRACE_DEBUG("%s: setting default params for ongoing observe", __func__);
2142 btm_ble_stop_scan();
2143 btm_ble_start_scan();
2144 }
2145
2146 /* If we have a callback registered for inquiry complete, call it */
2147 BTM_TRACE_DEBUG("BTM Inq Compl Callback: status 0x%02x, num results %d",
2148 p_inq->inq_cmpl_info.status, p_inq->inq_cmpl_info.num_resp);
2149
2150 btm_process_inq_complete(
2151 HCI_SUCCESS, (uint8_t)(p_inq->inqparms.mode & BTM_BLE_INQUIRY_MASK));
2152 }
2153
2154 /*******************************************************************************
2155 *
2156 * Function btm_ble_stop_observe
2157 *
2158 * Description Stop the BLE Observe.
2159 *
2160 * Returns void
2161 *
2162 ******************************************************************************/
btm_ble_stop_observe(void)2163 static void btm_ble_stop_observe(void) {
2164 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
2165 tBTM_CMPL_CB* p_obs_cb = p_ble_cb->p_obs_cmpl_cb;
2166
2167 alarm_cancel(p_ble_cb->observer_timer);
2168
2169 p_ble_cb->reset_ble_observe();
2170
2171 p_ble_cb->p_obs_results_cb = NULL;
2172 p_ble_cb->p_obs_cmpl_cb = NULL;
2173
2174 if (!p_ble_cb->is_ble_scan_active()) {
2175 btm_ble_stop_scan();
2176 }
2177
2178 if (p_obs_cb) (p_obs_cb)(&btm_cb.btm_inq_vars.inq_cmpl_info);
2179 }
2180 /*******************************************************************************
2181 *
2182 * Function btm_ble_adv_states_operation
2183 *
2184 * Description Set or clear adv states in topology mask
2185 *
2186 * Returns operation status. true if sucessful, false otherwise.
2187 *
2188 ******************************************************************************/
2189 typedef bool(BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);
btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR * p_handler,uint8_t adv_evt)2190 static bool btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR* p_handler,
2191 uint8_t adv_evt) {
2192 bool rt = false;
2193
2194 switch (adv_evt) {
2195 case BTM_BLE_CONNECT_EVT:
2196 rt = (*p_handler)(BTM_BLE_STATE_CONN_ADV_BIT);
2197 break;
2198
2199 case BTM_BLE_NON_CONNECT_EVT:
2200 rt = (*p_handler)(BTM_BLE_STATE_NON_CONN_ADV_BIT);
2201 break;
2202 case BTM_BLE_CONNECT_DIR_EVT:
2203 rt = (*p_handler)(BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT);
2204 break;
2205
2206 case BTM_BLE_DISCOVER_EVT:
2207 rt = (*p_handler)(BTM_BLE_STATE_SCAN_ADV_BIT);
2208 break;
2209
2210 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
2211 rt = (*p_handler)(BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT);
2212 break;
2213
2214 default:
2215 BTM_TRACE_ERROR("unknown adv event : %d", adv_evt);
2216 break;
2217 }
2218
2219 return rt;
2220 }
2221
2222 /*******************************************************************************
2223 *
2224 * Function btm_ble_start_adv
2225 *
2226 * Description start the BLE advertising.
2227 *
2228 * Returns void
2229 *
2230 ******************************************************************************/
btm_ble_start_adv(void)2231 tBTM_STATUS btm_ble_start_adv(void) {
2232 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2233
2234 if (!btm_ble_adv_states_operation(btm_ble_topology_check, p_cb->evt_type))
2235 return BTM_WRONG_MODE;
2236
2237 /* To relax resolving list, always have resolving list enabled, unless
2238 * directed adv */
2239 if (p_cb->evt_type != BTM_BLE_CONNECT_LO_DUTY_DIR_EVT &&
2240 p_cb->evt_type != BTM_BLE_CONNECT_DIR_EVT)
2241 /* enable resolving list is desired */
2242 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_ADV);
2243
2244 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_ENABLE);
2245 p_cb->adv_mode = BTM_BLE_ADV_ENABLE;
2246 btm_ble_adv_states_operation(btm_ble_set_topology_mask, p_cb->evt_type);
2247 return BTM_SUCCESS;
2248 }
2249
2250 /*******************************************************************************
2251 *
2252 * Function btm_ble_stop_adv
2253 *
2254 * Description Stop the BLE advertising.
2255 *
2256 * Returns void
2257 *
2258 ******************************************************************************/
btm_ble_stop_adv(void)2259 tBTM_STATUS btm_ble_stop_adv(void) {
2260 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2261
2262 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
2263 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_DISABLE);
2264
2265 p_cb->fast_adv_on = false;
2266 p_cb->adv_mode = BTM_BLE_ADV_DISABLE;
2267
2268 /* clear all adv states */
2269 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2270 }
2271 return BTM_SUCCESS;
2272 }
2273
btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void * data)2274 static void btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void* data) {
2275 /* fast adv is completed, fall back to slow adv interval */
2276 btm_ble_start_slow_adv();
2277 }
2278
2279 /*******************************************************************************
2280 *
2281 * Function btm_ble_start_slow_adv
2282 *
2283 * Description Restart adv with slow adv interval
2284 *
2285 * Returns void
2286 *
2287 ******************************************************************************/
btm_ble_start_slow_adv(void)2288 static void btm_ble_start_slow_adv(void) {
2289 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2290
2291 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
2292 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
2293 RawAddress address = RawAddress::kEmpty;
2294 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
2295 tBLE_ADDR_TYPE own_addr_type = p_addr_cb->own_addr_type;
2296
2297 btm_ble_stop_adv();
2298
2299 p_cb->evt_type = btm_set_conn_mode_adv_init_addr(address, &init_addr_type,
2300 &own_addr_type);
2301
2302 /* slow adv mode never goes into directed adv */
2303 btsnd_hcic_ble_write_adv_params(
2304 BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT, p_cb->evt_type,
2305 own_addr_type, init_addr_type, address, p_cb->adv_chnl_map, p_cb->afp);
2306
2307 btm_ble_start_adv();
2308 }
2309 }
2310
btm_ble_inquiry_timer_gap_limited_discovery_timeout(UNUSED_ATTR void * data)2311 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(
2312 UNUSED_ATTR void* data) {
2313 /* lim_timeout expired, limited discovery should exit now */
2314 btm_cb.btm_inq_vars.discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;
2315 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode,
2316 btm_cb.btm_inq_vars.discoverable_mode);
2317 }
2318
btm_ble_inquiry_timer_timeout(UNUSED_ATTR void * data)2319 static void btm_ble_inquiry_timer_timeout(UNUSED_ATTR void* data) {
2320 btm_ble_stop_inquiry();
2321 }
2322
btm_ble_observer_timer_timeout(UNUSED_ATTR void * data)2323 static void btm_ble_observer_timer_timeout(UNUSED_ATTR void* data) {
2324 btm_ble_stop_observe();
2325 }
2326
2327 /*******************************************************************************
2328 *
2329 * Function btm_ble_read_remote_features_complete
2330 *
2331 * Description This function is called when the command complete message
2332 * is received from the HCI for the read LE remote feature
2333 * supported complete event.
2334 *
2335 * Returns void
2336 *
2337 ******************************************************************************/
btm_ble_read_remote_features_complete(uint8_t * p)2338 void btm_ble_read_remote_features_complete(uint8_t* p) {
2339 uint16_t handle;
2340 uint8_t status;
2341 STREAM_TO_UINT8(status, p);
2342 STREAM_TO_UINT16(handle, p);
2343 handle = handle & 0x0FFF; // only 12 bits meaningful
2344
2345 if (status != HCI_SUCCESS) {
2346 if (status != HCI_ERR_UNSUPPORTED_REM_FEATURE) {
2347 LOG_ERROR("Failed to read remote features status:%s",
2348 hci_error_code_text(static_cast<tHCI_STATUS>(status)).c_str());
2349 return;
2350 }
2351 LOG_WARN("Remote does not support reading remote feature");
2352 }
2353
2354 if (status == HCI_SUCCESS) {
2355 if (!acl_set_peer_le_features_from_handle(handle, p)) {
2356 LOG_ERROR(
2357 "Unable to find existing connection after read remote features");
2358 return;
2359 }
2360 }
2361
2362 btsnd_hcic_rmt_ver_req(handle);
2363 }
2364
2365 /*******************************************************************************
2366 *
2367 * Function btm_ble_write_adv_enable_complete
2368 *
2369 * Description This function process the write adv enable command complete.
2370 *
2371 * Returns void
2372 *
2373 ******************************************************************************/
btm_ble_write_adv_enable_complete(uint8_t * p)2374 void btm_ble_write_adv_enable_complete(uint8_t* p) {
2375 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2376
2377 /* if write adv enable/disbale not succeed */
2378 if (*p != HCI_SUCCESS) {
2379 /* toggle back the adv mode */
2380 p_cb->adv_mode = !p_cb->adv_mode;
2381 }
2382 }
2383
2384 /*******************************************************************************
2385 *
2386 * Function btm_ble_dir_adv_tout
2387 *
2388 * Description when directed adv time out
2389 *
2390 * Returns void
2391 *
2392 ******************************************************************************/
btm_ble_dir_adv_tout(void)2393 void btm_ble_dir_adv_tout(void) {
2394 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2395
2396 /* make device fall back into undirected adv mode by default */
2397 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2398 }
2399
2400 /*******************************************************************************
2401 *
2402 * Function btm_ble_set_topology_mask
2403 *
2404 * Description set BLE topology mask
2405 *
2406 * Returns true is request is allowed, false otherwise.
2407 *
2408 ******************************************************************************/
btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2409 bool btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2410 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2411 btm_cb.ble_ctr_cb.cur_states |= (request_state_mask & BTM_BLE_STATE_ALL_MASK);
2412 return true;
2413 }
2414
2415 /*******************************************************************************
2416 *
2417 * Function btm_ble_clear_topology_mask
2418 *
2419 * Description Clear BLE topology bit mask
2420 *
2421 * Returns true is request is allowed, false otherwise.
2422 *
2423 ******************************************************************************/
btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2424 bool btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2425 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2426 btm_cb.ble_ctr_cb.cur_states &= ~request_state_mask;
2427 return true;
2428 }
2429
2430 /*******************************************************************************
2431 *
2432 * Function btm_ble_update_link_topology_mask
2433 *
2434 * Description This function update the link topology mask
2435 *
2436 * Returns void
2437 *
2438 ******************************************************************************/
btm_ble_update_link_topology_mask(uint8_t link_role,bool increase)2439 static void btm_ble_update_link_topology_mask(uint8_t link_role,
2440 bool increase) {
2441 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_CONN_MASK);
2442
2443 if (increase)
2444 btm_cb.ble_ctr_cb.link_count[link_role]++;
2445 else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
2446 btm_cb.ble_ctr_cb.link_count[link_role]--;
2447
2448 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_CENTRAL])
2449 btm_ble_set_topology_mask(BTM_BLE_STATE_CENTRAL_BIT);
2450
2451 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_PERIPHERAL])
2452 btm_ble_set_topology_mask(BTM_BLE_STATE_PERIPHERAL_BIT);
2453
2454 if (link_role == HCI_ROLE_PERIPHERAL && increase) {
2455 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2456 /* make device fall back into undirected adv mode by default */
2457 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2458 /* clear all adv states */
2459 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2460 }
2461 }
2462
btm_ble_increment_link_topology_mask(uint8_t link_role)2463 void btm_ble_increment_link_topology_mask(uint8_t link_role) {
2464 btm_ble_update_link_topology_mask(link_role, true);
2465 }
2466
btm_ble_decrement_link_topology_mask(uint8_t link_role)2467 void btm_ble_decrement_link_topology_mask(uint8_t link_role) {
2468 btm_ble_update_link_topology_mask(link_role, false);
2469 }
2470
2471 /*******************************************************************************
2472 *
2473 * Function btm_ble_update_mode_operation
2474 *
2475 * Description This function update the GAP role operation when a link
2476 * status is updated.
2477 *
2478 * Returns void
2479 *
2480 ******************************************************************************/
btm_ble_update_mode_operation(uint8_t link_role,const RawAddress * bd_addr,tHCI_STATUS status)2481 void btm_ble_update_mode_operation(uint8_t link_role, const RawAddress* bd_addr,
2482 tHCI_STATUS status) {
2483 if (status == HCI_ERR_ADVERTISING_TIMEOUT) {
2484 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2485 /* make device fall back into undirected adv mode by default */
2486 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2487 /* clear all adv states */
2488 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2489 }
2490
2491 if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_CONNECTABLE) {
2492 btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
2493 btm_cb.ble_ctr_cb.inq_var.connectable_mode);
2494 }
2495
2496 /* in case of disconnected, we must cancel bgconn and restart
2497 in order to add back device to acceptlist in order to reconnect */
2498 if (bd_addr != nullptr) {
2499 const RawAddress bda(*bd_addr);
2500 if (bluetooth::shim::is_gd_acl_enabled()) {
2501 if (acl_check_and_clear_ignore_auto_connect_after_disconnect(bda)) {
2502 LOG_DEBUG(
2503 "Local disconnect initiated so skipping re-add to acceptlist "
2504 "device:%s",
2505 PRIVATE_ADDRESS(bda));
2506 } else {
2507 if (!bluetooth::shim::ACL_AcceptLeConnectionFrom(
2508 convert_to_address_with_type(bda, btm_find_dev(bda)),
2509 /* is_direct */ false)) {
2510 LOG_ERROR("Unable to add to acceptlist as it is full:%s",
2511 PRIVATE_ADDRESS(bda));
2512 }
2513 }
2514 } else {
2515 btm_ble_bgconn_cancel_if_disconnected(bda);
2516 }
2517 }
2518
2519 /* when no connection is attempted, and controller is not rejecting last
2520 request
2521 due to resource limitation, start next direct connection or background
2522 connection
2523 now in order */
2524 if (btm_cb.ble_ctr_cb.is_connection_state_idle() &&
2525 status != HCI_ERR_HOST_REJECT_RESOURCES &&
2526 status != HCI_ERR_MAX_NUM_OF_CONNECTIONS) {
2527 LOG_DEBUG("Resuming le background connections");
2528 btm_ble_resume_bg_conn();
2529 }
2530 }
2531
2532 /*******************************************************************************
2533 *
2534 * Function btm_ble_init
2535 *
2536 * Description Initialize the control block variable values.
2537 *
2538 * Returns void
2539 *
2540 ******************************************************************************/
btm_ble_init(void)2541 void btm_ble_init(void) {
2542 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
2543
2544 BTM_TRACE_DEBUG("%s", __func__);
2545
2546 alarm_free(p_cb->observer_timer);
2547 alarm_free(p_cb->inq_var.fast_adv_timer);
2548 memset(p_cb, 0, sizeof(tBTM_BLE_CB));
2549 memset(&(btm_cb.cmn_ble_vsc_cb), 0, sizeof(tBTM_BLE_VSC_CB));
2550 btm_cb.cmn_ble_vsc_cb.values_read = false;
2551
2552 p_cb->observer_timer = alarm_new("btm_ble.observer_timer");
2553 p_cb->cur_states = 0;
2554
2555 p_cb->inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2556 p_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2557 p_cb->inq_var.adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
2558 p_cb->inq_var.afp = BTM_BLE_DEFAULT_AFP;
2559 p_cb->inq_var.sfp = BTM_BLE_DEFAULT_SFP;
2560 p_cb->inq_var.connectable_mode = BTM_BLE_NON_CONNECTABLE;
2561 p_cb->inq_var.discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
2562 p_cb->inq_var.fast_adv_timer = alarm_new("btm_ble_inq.fast_adv_timer");
2563 p_cb->inq_var.inquiry_timer = alarm_new("btm_ble_inq.inquiry_timer");
2564
2565 /* for background connection, reset connection params to be undefined */
2566 p_cb->scan_int = p_cb->scan_win = BTM_BLE_SCAN_PARAM_UNDEF;
2567
2568 p_cb->inq_var.evt_type = BTM_BLE_NON_CONNECT_EVT;
2569
2570 p_cb->addr_mgnt_cb.refresh_raddr_timer =
2571 alarm_new("btm_ble_addr.refresh_raddr_timer");
2572
2573 #if (BLE_VND_INCLUDED == FALSE)
2574 btm_ble_adv_filter_init();
2575 #endif
2576 }
2577
2578 // Clean up btm ble control block
btm_ble_free()2579 void btm_ble_free() {
2580 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
2581 alarm_free(p_cb->addr_mgnt_cb.refresh_raddr_timer);
2582 }
2583
2584 /*******************************************************************************
2585 *
2586 * Function btm_ble_topology_check
2587 *
2588 * Description check to see requested state is supported. One state check
2589 * at a time is supported
2590 *
2591 * Returns true is request is allowed, false otherwise.
2592 *
2593 ******************************************************************************/
btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)2594 bool btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask) {
2595 bool rt = false;
2596
2597 uint8_t state_offset = 0;
2598 uint16_t cur_states = btm_cb.ble_ctr_cb.cur_states;
2599 uint8_t request_state = 0;
2600
2601 /* check only one bit is set and within valid range */
2602 if (request_state_mask == BTM_BLE_STATE_INVALID ||
2603 request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
2604 (request_state_mask & (request_state_mask - 1)) != 0) {
2605 BTM_TRACE_ERROR("illegal state requested: %d", request_state_mask);
2606 return rt;
2607 }
2608
2609 while (request_state_mask) {
2610 request_state_mask >>= 1;
2611 request_state++;
2612 }
2613
2614 /* check if the requested state is supported or not */
2615 uint8_t bit_num = btm_le_state_combo_tbl[0][request_state - 1];
2616 const uint8_t* ble_supported_states =
2617 controller_get_interface()->get_ble_supported_states();
2618
2619 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2620 BTM_TRACE_ERROR("state requested not supported: %d", request_state);
2621 return rt;
2622 }
2623
2624 rt = true;
2625 /* make sure currently active states are all supported in conjunction with the
2626 requested state. If the bit in table is UNSUPPORTED, the combination is not
2627 supported */
2628 while (cur_states != 0) {
2629 if (cur_states & 0x01) {
2630 uint8_t bit_num = btm_le_state_combo_tbl[request_state][state_offset];
2631 if (bit_num != UNSUPPORTED) {
2632 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2633 rt = false;
2634 break;
2635 }
2636 }
2637 }
2638 cur_states >>= 1;
2639 state_offset++;
2640 }
2641 return rt;
2642 }
2643