1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions that handle BTM interface functions for the
22 * Bluetooth device including Rest, HCI buffer size and others
23 *
24 ******************************************************************************/
25
26 #include <base/logging.h>
27 #include <stddef.h>
28 #include <stdlib.h>
29 #include <string.h>
30
31 #include "bta/dm/bta_dm_int.h"
32 #include "bta/sys/bta_sys.h"
33 #include "btcore/include/module.h"
34 #include "btif/include/btif_bqr.h"
35 #include "common/message_loop_thread.h"
36 #include "hci/include/hci_layer.h"
37 #include "hci/include/hci_packet_factory.h"
38 #include "main/shim/btm_api.h"
39 #include "main/shim/controller.h"
40 #include "main/shim/entry.h"
41 #include "main/shim/hci_layer.h"
42 #include "main/shim/shim.h"
43 #include "osi/include/compat.h"
44 #include "osi/include/osi.h"
45 #include "stack/btm/btm_ble_int.h"
46 #include "stack/gatt/connection_manager.h"
47 #include "stack/include/acl_api.h"
48 #include "stack/include/bt_hdr.h"
49 #include "stack/include/l2cap_controller_interface.h"
50 #include "types/raw_address.h"
51
52 extern tBTM_CB btm_cb;
53
54 extern void btm_inq_db_reset(void);
55 extern void btm_pm_reset(void);
56 /******************************************************************************/
57 /* L O C A L D A T A D E F I N I T I O N S */
58 /******************************************************************************/
59
60 #ifndef BTM_DEV_RESET_TIMEOUT
61 #define BTM_DEV_RESET_TIMEOUT 4
62 #endif
63
64 // TODO: Reevaluate this value in the context of timers with ms granularity
65 #define BTM_DEV_NAME_REPLY_TIMEOUT_MS \
66 (2 * 1000) /* 2 seconds for name reply \
67 */
68
69 #define BTM_INFO_TIMEOUT 5 /* 5 seconds for info response */
70
71 /******************************************************************************/
72 /* L O C A L F U N C T I O N P R O T O T Y P E S */
73 /******************************************************************************/
74
75 static void decode_controller_support();
76 static void BTM_BT_Quality_Report_VSE_CBack(uint8_t length,
77 const uint8_t* p_stream);
78
79 /*******************************************************************************
80 *
81 * Function btm_dev_init
82 *
83 * Description This function is on the BTM startup
84 *
85 * Returns void
86 *
87 ******************************************************************************/
btm_dev_init()88 void btm_dev_init() {
89 /* Initialize nonzero defaults */
90 memset(btm_cb.cfg.bd_name, 0, sizeof(tBTM_LOC_BD_NAME));
91
92 btm_cb.devcb.read_local_name_timer = alarm_new("btm.read_local_name_timer");
93 btm_cb.devcb.read_rssi_timer = alarm_new("btm.read_rssi_timer");
94 btm_cb.devcb.read_failed_contact_counter_timer =
95 alarm_new("btm.read_failed_contact_counter_timer");
96 btm_cb.devcb.read_automatic_flush_timeout_timer =
97 alarm_new("btm.read_automatic_flush_timeout_timer");
98 btm_cb.devcb.read_link_quality_timer =
99 alarm_new("btm.read_link_quality_timer");
100 btm_cb.devcb.read_tx_power_timer = alarm_new("btm.read_tx_power_timer");
101 }
102
btm_dev_free()103 void btm_dev_free() {
104 alarm_free(btm_cb.devcb.read_local_name_timer);
105 alarm_free(btm_cb.devcb.read_rssi_timer);
106 alarm_free(btm_cb.devcb.read_failed_contact_counter_timer);
107 alarm_free(btm_cb.devcb.read_automatic_flush_timeout_timer);
108 alarm_free(btm_cb.devcb.read_link_quality_timer);
109 alarm_free(btm_cb.devcb.read_tx_power_timer);
110 }
111
112 /*******************************************************************************
113 *
114 * Function btm_db_reset
115 *
116 * Returns void
117 *
118 ******************************************************************************/
BTM_db_reset(void)119 void BTM_db_reset(void) {
120 tBTM_CMPL_CB* p_cb;
121
122 btm_inq_db_reset();
123
124 if (btm_cb.devcb.p_rln_cmpl_cb) {
125 p_cb = btm_cb.devcb.p_rln_cmpl_cb;
126 btm_cb.devcb.p_rln_cmpl_cb = NULL;
127
128 if (p_cb) (*p_cb)((void*)NULL);
129 }
130
131 if (btm_cb.devcb.p_rssi_cmpl_cb) {
132 p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
133 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
134
135 if (p_cb) {
136 tBTM_RSSI_RESULT btm_rssi_result;
137 btm_rssi_result.status = BTM_DEV_RESET;
138 (*p_cb)(&btm_rssi_result);
139 }
140 }
141
142 if (btm_cb.devcb.p_failed_contact_counter_cmpl_cb) {
143 p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
144 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
145
146 if (p_cb) {
147 tBTM_FAILED_CONTACT_COUNTER_RESULT btm_failed_contact_counter_result;
148 btm_failed_contact_counter_result.status = BTM_DEV_RESET;
149 (*p_cb)(&btm_failed_contact_counter_result);
150 }
151 }
152
153 if (btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb) {
154 p_cb = btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb;
155 btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb = NULL;
156
157 if (p_cb) {
158 tBTM_AUTOMATIC_FLUSH_TIMEOUT_RESULT btm_automatic_flush_timeout_result;
159 btm_automatic_flush_timeout_result.status = BTM_DEV_RESET;
160 (*p_cb)(&btm_automatic_flush_timeout_result);
161 }
162 }
163 }
164
set_sec_state_idle(void * data,void * context)165 static bool set_sec_state_idle(void* data, void* context) {
166 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
167 p_dev_rec->sec_state = BTM_SEC_STATE_IDLE;
168 return true;
169 }
170
BTM_reset_complete()171 void BTM_reset_complete() {
172 const controller_t* controller = controller_get_interface();
173
174 /* Tell L2CAP that all connections are gone */
175 l2cu_device_reset();
176
177 /* Clear current security state */
178 list_foreach(btm_cb.sec_dev_rec, set_sec_state_idle, NULL);
179
180 /* After the reset controller should restore all parameters to defaults. */
181 btm_cb.btm_inq_vars.inq_counter = 1;
182 btm_cb.btm_inq_vars.inq_scan_window = HCI_DEF_INQUIRYSCAN_WINDOW;
183 btm_cb.btm_inq_vars.inq_scan_period = HCI_DEF_INQUIRYSCAN_INTERVAL;
184 btm_cb.btm_inq_vars.inq_scan_type = HCI_DEF_SCAN_TYPE;
185
186 btm_cb.btm_inq_vars.page_scan_window = HCI_DEF_PAGESCAN_WINDOW;
187 btm_cb.btm_inq_vars.page_scan_period = HCI_DEF_PAGESCAN_INTERVAL;
188 btm_cb.btm_inq_vars.page_scan_type = HCI_DEF_SCAN_TYPE;
189
190 btm_cb.ble_ctr_cb.set_connection_state_idle();
191 connection_manager::reset(true);
192
193 btm_pm_reset();
194
195 l2c_link_init();
196
197 // setup the random number generator
198 std::srand(std::time(nullptr));
199
200 /* Set up the BLE privacy settings */
201 if (controller->supports_ble() && controller->supports_ble_privacy() &&
202 controller->get_ble_resolving_list_max_size() > 0) {
203 btm_ble_resolving_list_init(controller->get_ble_resolving_list_max_size());
204 /* set the default random private address timeout */
205 btsnd_hcic_ble_set_rand_priv_addr_timeout(
206 btm_get_next_private_addrress_interval_ms() / 1000);
207 } else {
208 LOG_INFO(
209 "Le Address Resolving list disabled due to lack of controller support");
210 }
211
212 if (controller->supports_ble()) {
213 l2c_link_processs_ble_num_bufs(controller->get_acl_buffer_count_ble());
214 }
215
216 BTM_SetPinType(btm_cb.cfg.pin_type, btm_cb.cfg.pin_code,
217 btm_cb.cfg.pin_code_len);
218
219 decode_controller_support();
220 }
221
222 /*******************************************************************************
223 *
224 * Function BTM_IsDeviceUp
225 *
226 * Description This function is called to check if the device is up.
227 *
228 * Returns true if device is up, else false
229 *
230 ******************************************************************************/
BTM_IsDeviceUp(void)231 bool BTM_IsDeviceUp(void) { return controller_get_interface()->get_is_ready(); }
232
233 /*******************************************************************************
234 *
235 * Function btm_read_local_name_timeout
236 *
237 * Description Callback when reading the local name times out.
238 *
239 * Returns void
240 *
241 ******************************************************************************/
btm_read_local_name_timeout(UNUSED_ATTR void * data)242 static void btm_read_local_name_timeout(UNUSED_ATTR void* data) {
243 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rln_cmpl_cb;
244 btm_cb.devcb.p_rln_cmpl_cb = NULL;
245 if (p_cb) (*p_cb)((void*)NULL);
246 }
247
decode_controller_support()248 static void decode_controller_support() {
249 const controller_t* controller = controller_get_interface();
250
251 /* Create (e)SCO supported packet types mask */
252 btm_cb.btm_sco_pkt_types_supported = 0;
253 btm_cb.sco_cb.esco_supported = false;
254 if (controller->supports_sco()) {
255 btm_cb.btm_sco_pkt_types_supported = ESCO_PKT_TYPES_MASK_HV1;
256
257 if (controller->supports_hv2_packets())
258 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_HV2;
259
260 if (controller->supports_hv3_packets())
261 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_HV3;
262 }
263
264 if (controller->supports_ev3_packets())
265 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV3;
266
267 if (controller->supports_ev4_packets())
268 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV4;
269
270 if (controller->supports_ev5_packets())
271 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV5;
272
273 if (btm_cb.btm_sco_pkt_types_supported & BTM_ESCO_LINK_ONLY_MASK) {
274 btm_cb.sco_cb.esco_supported = true;
275
276 /* Add in EDR related eSCO types */
277 if (controller->supports_esco_2m_phy()) {
278 if (!controller->supports_3_slot_edr_packets())
279 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_NO_2_EV5;
280 } else {
281 btm_cb.btm_sco_pkt_types_supported |=
282 (ESCO_PKT_TYPES_MASK_NO_2_EV3 + ESCO_PKT_TYPES_MASK_NO_2_EV5);
283 }
284
285 if (controller->supports_esco_3m_phy()) {
286 if (!controller->supports_3_slot_edr_packets())
287 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_NO_3_EV5;
288 } else {
289 btm_cb.btm_sco_pkt_types_supported |=
290 (ESCO_PKT_TYPES_MASK_NO_3_EV3 + ESCO_PKT_TYPES_MASK_NO_3_EV5);
291 }
292 }
293
294 BTM_TRACE_DEBUG("Local supported SCO packet types: 0x%04x",
295 btm_cb.btm_sco_pkt_types_supported);
296
297 BTM_acl_after_controller_started(controller_get_interface());
298 btm_sec_dev_reset();
299
300 if (controller->supports_rssi_with_inquiry_results()) {
301 if (controller->supports_extended_inquiry_response())
302 BTM_SetInquiryMode(BTM_INQ_RESULT_EXTENDED);
303 else
304 BTM_SetInquiryMode(BTM_INQ_RESULT_WITH_RSSI);
305 }
306
307 l2cu_set_non_flushable_pbf(controller->supports_non_flushable_pb());
308 BTM_EnableInterlacedPageScan();
309 BTM_EnableInterlacedInquiryScan();
310 }
311
312 /*******************************************************************************
313 *
314 * Function BTM_SetLocalDeviceName
315 *
316 * Description This function is called to set the local device name.
317 *
318 * Returns status of the operation
319 *
320 ******************************************************************************/
BTM_SetLocalDeviceName(const char * p_name)321 tBTM_STATUS BTM_SetLocalDeviceName(const char* p_name) {
322 uint8_t* p;
323
324 if (!p_name || !p_name[0] || (strlen((char*)p_name) > BD_NAME_LEN))
325 return (BTM_ILLEGAL_VALUE);
326
327 if (!controller_get_interface()->get_is_ready()) return (BTM_DEV_RESET);
328 /* Save the device name if local storage is enabled */
329 p = (uint8_t*)btm_cb.cfg.bd_name;
330 if (p != (uint8_t*)p_name)
331 strlcpy((char*)btm_cb.cfg.bd_name, p_name, BTM_MAX_LOC_BD_NAME_LEN + 1);
332
333 btsnd_hcic_change_name(p);
334 return (BTM_CMD_STARTED);
335 }
336
337 /*******************************************************************************
338 *
339 * Function BTM_ReadLocalDeviceName
340 *
341 * Description This function is called to read the local device name.
342 *
343 * Returns status of the operation
344 * If success, BTM_SUCCESS is returned and p_name points stored
345 * local device name
346 * If BTM doesn't store local device name, BTM_NO_RESOURCES is
347 * is returned and p_name is set to NULL
348 *
349 ******************************************************************************/
BTM_ReadLocalDeviceName(const char ** p_name)350 tBTM_STATUS BTM_ReadLocalDeviceName(const char** p_name) {
351 *p_name = (const char*)btm_cb.cfg.bd_name;
352 return (BTM_SUCCESS);
353 }
354
355 /*******************************************************************************
356 *
357 * Function BTM_ReadLocalDeviceNameFromController
358 *
359 * Description Get local device name from controller. Do not use cached
360 * name (used to get chip-id prior to btm reset complete).
361 *
362 * Returns BTM_CMD_STARTED if successful, otherwise an error
363 *
364 ******************************************************************************/
BTM_ReadLocalDeviceNameFromController(tBTM_CMPL_CB * p_rln_cmpl_cback)365 tBTM_STATUS BTM_ReadLocalDeviceNameFromController(
366 tBTM_CMPL_CB* p_rln_cmpl_cback) {
367 /* Check if rln already in progress */
368 if (btm_cb.devcb.p_rln_cmpl_cb) return (BTM_NO_RESOURCES);
369
370 /* Save callback */
371 btm_cb.devcb.p_rln_cmpl_cb = p_rln_cmpl_cback;
372
373 btsnd_hcic_read_name();
374 alarm_set_on_mloop(btm_cb.devcb.read_local_name_timer,
375 BTM_DEV_NAME_REPLY_TIMEOUT_MS, btm_read_local_name_timeout,
376 NULL);
377
378 return BTM_CMD_STARTED;
379 }
380
381 /*******************************************************************************
382 *
383 * Function btm_read_local_name_complete
384 *
385 * Description This function is called when local name read complete.
386 * message is received from the HCI.
387 *
388 * Returns void
389 *
390 ******************************************************************************/
btm_read_local_name_complete(uint8_t * p,UNUSED_ATTR uint16_t evt_len)391 void btm_read_local_name_complete(uint8_t* p, UNUSED_ATTR uint16_t evt_len) {
392 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rln_cmpl_cb;
393 uint8_t status;
394
395 alarm_cancel(btm_cb.devcb.read_local_name_timer);
396
397 /* If there was a callback address for read local name, call it */
398 btm_cb.devcb.p_rln_cmpl_cb = NULL;
399
400 if (p_cb) {
401 STREAM_TO_UINT8(status, p);
402
403 if (status == HCI_SUCCESS)
404 (*p_cb)(p);
405 else
406 (*p_cb)(NULL);
407 }
408 }
409
410 /*******************************************************************************
411 *
412 * Function BTM_SetDeviceClass
413 *
414 * Description This function is called to set the local device class
415 *
416 * Returns status of the operation
417 *
418 ******************************************************************************/
BTM_SetDeviceClass(DEV_CLASS dev_class)419 tBTM_STATUS BTM_SetDeviceClass(DEV_CLASS dev_class) {
420 if (!memcmp(btm_cb.devcb.dev_class, dev_class, DEV_CLASS_LEN))
421 return (BTM_SUCCESS);
422
423 memcpy(btm_cb.devcb.dev_class, dev_class, DEV_CLASS_LEN);
424
425 if (!controller_get_interface()->get_is_ready()) return (BTM_DEV_RESET);
426
427 btsnd_hcic_write_dev_class(dev_class);
428
429 return (BTM_SUCCESS);
430 }
431
432 /*******************************************************************************
433 *
434 * Function BTM_ReadDeviceClass
435 *
436 * Description This function is called to read the local device class
437 *
438 * Returns pointer to the device class
439 *
440 ******************************************************************************/
BTM_ReadDeviceClass(void)441 uint8_t* BTM_ReadDeviceClass(void) {
442 return ((uint8_t*)btm_cb.devcb.dev_class);
443 }
444
445 /*******************************************************************************
446 *
447 * Function BTM_VendorSpecificCommand
448 *
449 * Description Send a vendor specific HCI command to the controller.
450 *
451 * Notes
452 * Opcode will be OR'd with HCI_GRP_VENDOR_SPECIFIC.
453 *
454 ******************************************************************************/
BTM_VendorSpecificCommand(uint16_t opcode,uint8_t param_len,uint8_t * p_param_buf,tBTM_VSC_CMPL_CB * p_cb)455 void BTM_VendorSpecificCommand(uint16_t opcode, uint8_t param_len,
456 uint8_t* p_param_buf, tBTM_VSC_CMPL_CB* p_cb) {
457 /* Allocate a buffer to hold HCI command plus the callback function */
458 void* p_buf = osi_malloc(sizeof(BT_HDR) + sizeof(tBTM_CMPL_CB*) + param_len +
459 HCIC_PREAMBLE_SIZE);
460
461 BTM_TRACE_EVENT("BTM: %s: Opcode: 0x%04X, ParamLen: %i.", __func__, opcode,
462 param_len);
463
464 /* Send the HCI command (opcode will be OR'd with HCI_GRP_VENDOR_SPECIFIC) */
465 btsnd_hcic_vendor_spec_cmd(p_buf, opcode, param_len, p_param_buf,
466 (void*)p_cb);
467 }
468
469 /*******************************************************************************
470 *
471 * Function btm_vsc_complete
472 *
473 * Description This function is called when local HCI Vendor Specific
474 * Command complete message is received from the HCI.
475 *
476 * Returns void
477 *
478 ******************************************************************************/
btm_vsc_complete(uint8_t * p,uint16_t opcode,uint16_t evt_len,tBTM_VSC_CMPL_CB * p_vsc_cplt_cback)479 void btm_vsc_complete(uint8_t* p, uint16_t opcode, uint16_t evt_len,
480 tBTM_VSC_CMPL_CB* p_vsc_cplt_cback) {
481 tBTM_VSC_CMPL vcs_cplt_params;
482
483 /* If there was a callback address for vcs complete, call it */
484 if (p_vsc_cplt_cback) {
485 /* Pass paramters to the callback function */
486 vcs_cplt_params.opcode = opcode; /* Number of bytes in return info */
487 vcs_cplt_params.param_len = evt_len; /* Number of bytes in return info */
488 vcs_cplt_params.p_param_buf = p;
489 (*p_vsc_cplt_cback)(
490 &vcs_cplt_params); /* Call the VSC complete callback function */
491 }
492 }
493
494 /*******************************************************************************
495 *
496 * Function BTM_RegisterForVSEvents
497 *
498 * Description This function is called to register/deregister for vendor
499 * specific HCI events.
500 *
501 * If is_register=true, then the function will be registered;
502 * otherwise, the the function will be deregistered.
503 *
504 * Returns BTM_SUCCESS if successful,
505 * BTM_BUSY if maximum number of callbacks have already been
506 * registered.
507 *
508 ******************************************************************************/
BTM_RegisterForVSEvents(tBTM_VS_EVT_CB * p_cb,bool is_register)509 tBTM_STATUS BTM_RegisterForVSEvents(tBTM_VS_EVT_CB* p_cb, bool is_register) {
510 tBTM_STATUS retval = BTM_SUCCESS;
511 uint8_t i, free_idx = BTM_MAX_VSE_CALLBACKS;
512
513 /* See if callback is already registered */
514 for (i = 0; i < BTM_MAX_VSE_CALLBACKS; i++) {
515 if (btm_cb.devcb.p_vend_spec_cb[i] == NULL) {
516 /* Found a free slot. Store index */
517 free_idx = i;
518 } else if (btm_cb.devcb.p_vend_spec_cb[i] == p_cb) {
519 /* Found callback in lookup table. If deregistering, clear the entry. */
520 if (!is_register) {
521 btm_cb.devcb.p_vend_spec_cb[i] = NULL;
522 BTM_TRACE_EVENT("BTM Deregister For VSEvents is successfully");
523 }
524 return (BTM_SUCCESS);
525 }
526 }
527
528 /* Didn't find callback. Add callback to free slot if registering */
529 if (is_register) {
530 if (free_idx < BTM_MAX_VSE_CALLBACKS) {
531 btm_cb.devcb.p_vend_spec_cb[free_idx] = p_cb;
532 BTM_TRACE_EVENT("BTM Register For VSEvents is successfully");
533 } else {
534 /* No free entries available */
535 BTM_TRACE_ERROR("BTM_RegisterForVSEvents: too many callbacks registered");
536
537 retval = BTM_NO_RESOURCES;
538 }
539 }
540
541 return (retval);
542 }
543
544 /*******************************************************************************
545 *
546 * Function btm_vendor_specific_evt
547 *
548 * Description Process event HCI_VENDOR_SPECIFIC_EVT
549 *
550 * Returns void
551 *
552 ******************************************************************************/
btm_vendor_specific_evt(const uint8_t * p,uint8_t evt_len)553 void btm_vendor_specific_evt(const uint8_t* p, uint8_t evt_len) {
554 uint8_t i;
555
556 BTM_TRACE_DEBUG("BTM Event: Vendor Specific event from controller");
557
558 // Handle BQR events
559 const uint8_t* bqr_ptr = p;
560 uint8_t event_code;
561 uint8_t len;
562
563 if (evt_len >= 2) {
564 STREAM_TO_UINT8(event_code, bqr_ptr);
565 STREAM_TO_UINT8(len, bqr_ptr);
566 // Check if there's at least a subevent code
567 if (len > 1 && evt_len >= 2 + 1 && event_code == HCI_VENDOR_SPECIFIC_EVT) {
568 uint8_t sub_event_code;
569 STREAM_TO_UINT8(sub_event_code, bqr_ptr);
570 if (sub_event_code == HCI_VSE_SUBCODE_BQR_SUB_EVT) {
571 // Excluding the HCI Event packet header and 1 octet sub-event code
572 int16_t bqr_parameter_length = evt_len - HCIE_PREAMBLE_SIZE - 1;
573 const uint8_t* p_bqr_event = bqr_ptr;
574 // The stream currently points to the BQR sub-event parameters
575 switch (sub_event_code) {
576 case bluetooth::bqr::QUALITY_REPORT_ID_LMP_LL_MESSAGE_TRACE:
577 if (bqr_parameter_length >= bluetooth::bqr::kLogDumpParamTotalLen) {
578 bluetooth::bqr::DumpLmpLlMessage(bqr_parameter_length, p_bqr_event);
579 } else {
580 LOG_INFO("Malformed LMP event of length %hd", bqr_parameter_length);
581 }
582
583 break;
584
585 case bluetooth::bqr::QUALITY_REPORT_ID_BT_SCHEDULING_TRACE:
586 if (bqr_parameter_length >= bluetooth::bqr::kLogDumpParamTotalLen) {
587 bluetooth::bqr::DumpBtScheduling(bqr_parameter_length, p_bqr_event);
588 } else {
589 LOG_INFO("Malformed TRACE event of length %hd",
590 bqr_parameter_length);
591 }
592 break;
593
594 default:
595 LOG_INFO("Unhandled BQR subevent 0x%02hxx", sub_event_code);
596 }
597 }
598 }
599 }
600
601 for (i = 0; i < BTM_MAX_VSE_CALLBACKS; i++) {
602 if (btm_cb.devcb.p_vend_spec_cb[i])
603 (*btm_cb.devcb.p_vend_spec_cb[i])(evt_len, p);
604 }
605 }
606
607 /*******************************************************************************
608 *
609 * Function BTM_WritePageTimeout
610 *
611 * Description Send HCI Write Page Timeout.
612 *
613 ******************************************************************************/
BTM_WritePageTimeout(uint16_t timeout)614 void BTM_WritePageTimeout(uint16_t timeout) {
615 BTM_TRACE_EVENT("BTM: BTM_WritePageTimeout: Timeout: %d.", timeout);
616
617 /* Send the HCI command */
618 btsnd_hcic_write_page_tout(timeout);
619 }
620
621 /*******************************************************************************
622 *
623 * Function BTM_WriteVoiceSettings
624 *
625 * Description Send HCI Write Voice Settings command.
626 * See hcidefs.h for settings bitmask values.
627 *
628 ******************************************************************************/
BTM_WriteVoiceSettings(uint16_t settings)629 void BTM_WriteVoiceSettings(uint16_t settings) {
630 BTM_TRACE_EVENT("BTM: BTM_WriteVoiceSettings: Settings: 0x%04x.", settings);
631
632 /* Send the HCI command */
633 btsnd_hcic_write_voice_settings((uint16_t)(settings & 0x03ff));
634 }
635
636 /*******************************************************************************
637 *
638 * Function BTM_EnableTestMode
639 *
640 * Description Send HCI the enable device under test command.
641 *
642 * Note: Controller can only be taken out of this mode by
643 * resetting the controller.
644 *
645 * Returns
646 * BTM_SUCCESS Command sent.
647 * BTM_NO_RESOURCES If out of resources to send the command.
648 *
649 *
650 ******************************************************************************/
BTM_EnableTestMode(void)651 tBTM_STATUS BTM_EnableTestMode(void) {
652 uint8_t cond;
653
654 BTM_TRACE_EVENT("BTM: BTM_EnableTestMode");
655
656 /* set auto accept connection as this is needed during test mode */
657 /* Allocate a buffer to hold HCI command */
658 cond = HCI_DO_AUTO_ACCEPT_CONNECT;
659 btsnd_hcic_set_event_filter(HCI_FILTER_CONNECTION_SETUP,
660 HCI_FILTER_COND_NEW_DEVICE, &cond, sizeof(cond));
661
662 /* put device to connectable mode */
663 if (BTM_SetConnectability(BTM_CONNECTABLE) != BTM_SUCCESS) {
664 return BTM_NO_RESOURCES;
665 }
666
667 /* put device to discoverable mode */
668 if (BTM_SetDiscoverability(BTM_GENERAL_DISCOVERABLE) != BTM_SUCCESS) {
669 return BTM_NO_RESOURCES;
670 }
671
672 /* mask off all of event from controller */
673 bluetooth::shim::controller_clear_event_mask();
674
675 /* Send the HCI command */
676 btsnd_hcic_enable_test_mode();
677 return (BTM_SUCCESS);
678 }
679
680 /*******************************************************************************
681 *
682 * Function BTM_DeleteStoredLinkKey
683 *
684 * Description This function is called to delete link key for the specified
685 * device addresses from the NVRAM storage attached to the
686 * Bluetooth controller.
687 *
688 * Parameters: bd_addr - Addresses of the devices
689 * p_cb - Call back function to be called to return
690 * the results
691 *
692 ******************************************************************************/
BTM_DeleteStoredLinkKey(const RawAddress * bd_addr,tBTM_CMPL_CB * p_cb)693 tBTM_STATUS BTM_DeleteStoredLinkKey(const RawAddress* bd_addr,
694 tBTM_CMPL_CB* p_cb) {
695 /* Check if the previous command is completed */
696 if (btm_cb.devcb.p_stored_link_key_cmpl_cb) return (BTM_BUSY);
697
698 bool delete_all_flag = !bd_addr;
699
700 BTM_TRACE_EVENT("BTM: BTM_DeleteStoredLinkKey: delete_all_flag: %s",
701 delete_all_flag ? "true" : "false");
702
703 btm_cb.devcb.p_stored_link_key_cmpl_cb = p_cb;
704 if (!bd_addr) {
705 /* This is to delete all link keys */
706 /* We don't care the BD address. Just pass a non zero pointer */
707 RawAddress local_bd_addr = RawAddress::kEmpty;
708 btsnd_hcic_delete_stored_key(local_bd_addr, delete_all_flag);
709 } else {
710 btsnd_hcic_delete_stored_key(*bd_addr, delete_all_flag);
711 }
712
713 return (BTM_SUCCESS);
714 }
715
716 /*******************************************************************************
717 *
718 * Function btm_delete_stored_link_key_complete
719 *
720 * Description This function is called when the command complete message
721 * is received from the HCI for the delete stored link key
722 * command.
723 *
724 * Returns void
725 *
726 ******************************************************************************/
btm_delete_stored_link_key_complete(uint8_t * p,uint16_t evt_len)727 void btm_delete_stored_link_key_complete(uint8_t* p, uint16_t evt_len) {
728 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_stored_link_key_cmpl_cb;
729 tBTM_DELETE_STORED_LINK_KEY_COMPLETE result;
730
731 /* If there was a callback registered for read stored link key, call it */
732 btm_cb.devcb.p_stored_link_key_cmpl_cb = NULL;
733
734 if (p_cb) {
735 /* Set the call back event to indicate command complete */
736 result.event = BTM_CB_EVT_DELETE_STORED_LINK_KEYS;
737
738 if (evt_len < 3) {
739 LOG(ERROR) << __func__ << "Malformatted event packet, too short";
740 return;
741 }
742
743 /* Extract the result fields from the HCI event */
744 STREAM_TO_UINT8(result.status, p);
745 STREAM_TO_UINT16(result.num_keys, p);
746
747 /* Call the call back and pass the result */
748 (*p_cb)(&result);
749 }
750 }
751
752 /*******************************************************************************
753 *
754 * Function BTM_BT_Quality_Report_VSE_CBack
755 *
756 * Description Callback invoked on receiving of Vendor Specific Events.
757 * This function will call registered BQR report receiver if
758 * Bluetooth Quality Report sub-event is identified.
759 *
760 * Parameters: length - Lengths of all of the parameters contained in the
761 * Vendor Specific Event.
762 * p_stream - A pointer to the quality report which is sent
763 * from the Bluetooth controller via Vendor Specific Event.
764 *
765 ******************************************************************************/
BTM_BT_Quality_Report_VSE_CBack(uint8_t length,const uint8_t * p_stream)766 static void BTM_BT_Quality_Report_VSE_CBack(uint8_t length,
767 const uint8_t* p_stream) {
768 if (length == 0) {
769 LOG(WARNING) << __func__ << ": Lengths of all of the parameters are zero.";
770 return;
771 }
772
773 uint8_t sub_event = 0;
774 STREAM_TO_UINT8(sub_event, p_stream);
775 length--;
776
777 if (sub_event == HCI_VSE_SUBCODE_BQR_SUB_EVT) {
778 if (btm_cb.p_bqr_report_receiver == nullptr) {
779 LOG(WARNING) << __func__ << ": No registered report receiver.";
780 return;
781 }
782
783 btm_cb.p_bqr_report_receiver(length, p_stream);
784 }
785 }
786
787 /*******************************************************************************
788 *
789 * Function BTM_BT_Quality_Report_VSE_Register
790 *
791 * Description Register/Deregister for Bluetooth Quality Report VSE sub
792 * event Callback.
793 *
794 * Parameters: is_register - True/False to register/unregister for VSE.
795 * p_bqr_report_receiver - The receiver for receiving Bluetooth
796 * Quality Report VSE sub event.
797 *
798 ******************************************************************************/
BTM_BT_Quality_Report_VSE_Register(bool is_register,tBTM_BT_QUALITY_REPORT_RECEIVER * p_bqr_report_receiver)799 tBTM_STATUS BTM_BT_Quality_Report_VSE_Register(
800 bool is_register, tBTM_BT_QUALITY_REPORT_RECEIVER* p_bqr_report_receiver) {
801 tBTM_STATUS retval =
802 BTM_RegisterForVSEvents(BTM_BT_Quality_Report_VSE_CBack, is_register);
803
804 if (retval != BTM_SUCCESS) {
805 LOG(WARNING) << __func__ << ": Fail to (un)register VSEvents: " << retval
806 << ", is_register: " << logbool(is_register);
807 return retval;
808 }
809
810 if (is_register) {
811 btm_cb.p_bqr_report_receiver = p_bqr_report_receiver;
812 } else {
813 btm_cb.p_bqr_report_receiver = nullptr;
814 }
815
816 LOG(INFO) << __func__ << ": Success to (un)register VSEvents."
817 << " is_register: " << logbool(is_register);
818 return retval;
819 }
820