1 /******************************************************************************
2 *
3 * Copyright 2000-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /*****************************************************************************
20 *
21 * Name: btm_acl.cc
22 *
23 * Description: This file contains functions that handle ACL connections.
24 * This includes operations such as hold and sniff modes,
25 * supported packet types.
26 *
27 * This module contains both internal and external (API)
28 * functions. External (API) functions are distinguishable
29 * by their names beginning with uppercase BTM.
30 *
31 *
32 *****************************************************************************/
33
34 #define LOG_TAG "btm_acl"
35
36 #include <base/logging.h>
37
38 #include <cstdint>
39
40 #include "bta/include/bta_dm_acl.h"
41 #include "bta/sys/bta_sys.h"
42 #include "btif/include/btif_acl.h"
43 #include "common/metrics.h"
44 #include "device/include/controller.h"
45 #include "device/include/device_iot_config.h"
46 #include "device/include/interop.h"
47 #include "gd/metrics/metrics_state.h"
48 #include "include/l2cap_hci_link_interface.h"
49 #include "main/shim/acl_api.h"
50 #include "main/shim/btm_api.h"
51 #include "main/shim/controller.h"
52 #include "main/shim/dumpsys.h"
53 #include "main/shim/l2c_api.h"
54 #include "main/shim/metrics_api.h"
55 #include "main/shim/shim.h"
56 #include "os/parameter_provider.h"
57 #include "osi/include/allocator.h"
58 #include "osi/include/log.h"
59 #include "osi/include/osi.h" // UNUSED_ATTR
60 #include "osi/include/properties.h"
61 #include "rust/src/connection/ffi/connection_shim.h"
62 #include "rust/src/core/ffi/types.h"
63 #include "stack/acl/acl.h"
64 #include "stack/acl/peer_packet_types.h"
65 #include "stack/btm/btm_dev.h"
66 #include "stack/btm/btm_int_types.h"
67 #include "stack/btm/btm_sec.h"
68 #include "stack/btm/security_device_record.h"
69 #include "stack/gatt/connection_manager.h"
70 #include "stack/include/acl_api.h"
71 #include "stack/include/acl_hci_link_interface.h"
72 #include "stack/include/bt_hdr.h"
73 #include "stack/include/btm_api.h"
74 #include "stack/include/btm_iso_api.h"
75 #include "stack/include/btu.h"
76 #include "stack/include/hci_error_code.h"
77 #include "stack/include/l2cap_acl_interface.h"
78 #include "stack/include/sco_hci_link_interface.h"
79 #include "types/hci_role.h"
80 #include "types/raw_address.h"
81 #include "os/metrics.h"
82
83 #ifndef PROPERTY_LINK_SUPERVISION_TIMEOUT
84 #define PROPERTY_LINK_SUPERVISION_TIMEOUT \
85 "bluetooth.core.acl.link_supervision_timeout"
86 #endif
87
88 void BTM_update_version_info(const RawAddress& bd_addr,
89 const remote_version_info& remote_version_info);
90
91 void gatt_find_in_device_record(const RawAddress& bd_addr,
92 tBLE_BD_ADDR* address_with_type);
93 void l2c_link_hci_conn_comp(tHCI_STATUS status, uint16_t handle,
94 const RawAddress& p_bda);
95
96 void BTM_db_reset(void);
97
98 extern tBTM_CB btm_cb;
99 void btm_iot_save_remote_properties(tACL_CONN* p_acl_cb);
100 void btm_iot_save_remote_versions(tACL_CONN* p_acl_cb);
101
102 struct StackAclBtmAcl {
103 tACL_CONN* acl_allocate_connection();
104 tACL_CONN* acl_get_connection_from_handle(uint16_t handle);
105 tACL_CONN* btm_bda_to_acl(const RawAddress& bda, tBT_TRANSPORT transport);
106 bool change_connection_packet_types(tACL_CONN& link,
107 const uint16_t new_packet_type_bitmask);
108 void btm_establish_continue(tACL_CONN* p_acl_cb);
109 void btm_set_default_link_policy(tLINK_POLICY settings);
110 void btm_acl_role_changed(tHCI_STATUS hci_status, const RawAddress& bd_addr,
111 tHCI_ROLE new_role);
112 void hci_start_role_switch_to_central(tACL_CONN& p_acl);
set_default_packet_types_supportedStackAclBtmAcl113 void set_default_packet_types_supported(uint16_t packet_types_supported) {
114 btm_cb.acl_cb_.btm_acl_pkt_types_supported = packet_types_supported;
115 }
116 void btm_acl_consolidate(const RawAddress& identity_addr,
117 const RawAddress& rpa);
118 };
119
120 struct RoleChangeView {
121 tHCI_ROLE new_role = HCI_ROLE_UNKNOWN;
122 RawAddress bd_addr;
123 };
124
125 namespace {
126 StackAclBtmAcl internal_;
127 std::unique_ptr<RoleChangeView> delayed_role_change_ = nullptr;
GetLegacyHciInterface()128 const bluetooth::legacy::hci::Interface& GetLegacyHciInterface() {
129 return bluetooth::legacy::hci::GetInterface();
130 }
131 }
132
133 typedef struct {
134 uint16_t handle;
135 uint16_t hci_len;
136 } __attribute__((packed)) acl_header_t;
137
138 constexpr uint8_t BTM_MAX_SW_ROLE_FAILED_ATTEMPTS = 3;
139
140 /* Define masks for supported and exception 2.0 ACL packet types
141 */
142 constexpr uint16_t BTM_ACL_SUPPORTED_PKTS_MASK =
143 (HCI_PKT_TYPES_MASK_DM1 | HCI_PKT_TYPES_MASK_DH1 | HCI_PKT_TYPES_MASK_DM3 |
144 HCI_PKT_TYPES_MASK_DH3 | HCI_PKT_TYPES_MASK_DM5 | HCI_PKT_TYPES_MASK_DH5);
145
146 constexpr uint16_t BTM_ACL_EXCEPTION_PKTS_MASK =
147 (HCI_PKT_TYPES_MASK_NO_2_DH1 | HCI_PKT_TYPES_MASK_NO_3_DH1 |
148 HCI_PKT_TYPES_MASK_NO_2_DH3 | HCI_PKT_TYPES_MASK_NO_3_DH3 |
149 HCI_PKT_TYPES_MASK_NO_2_DH5 | HCI_PKT_TYPES_MASK_NO_3_DH5);
150
IsEprAvailable(const tACL_CONN & p_acl)151 inline bool IsEprAvailable(const tACL_CONN& p_acl) {
152 if (!p_acl.peer_lmp_feature_valid[0]) {
153 LOG_WARN("Checking incomplete feature page read");
154 return false;
155 }
156 return HCI_ATOMIC_ENCRYPT_SUPPORTED(p_acl.peer_lmp_feature_pages[0]) &&
157 controller_get_interface()->supports_encryption_pause();
158 }
159
160 static void btm_process_remote_ext_features(tACL_CONN* p_acl_cb,
161 uint8_t max_page_number);
162 static void btm_read_failed_contact_counter_timeout(void* data);
163 static void btm_read_remote_ext_features(uint16_t handle, uint8_t page_number);
164 static void btm_read_rssi_timeout(void* data);
165 static void btm_read_tx_power_timeout(void* data);
166 static void check_link_policy(tLINK_POLICY* settings);
167 void btm_set_link_policy(tACL_CONN* conn, tLINK_POLICY policy);
168
169 namespace {
NotifyAclLinkUp(tACL_CONN & p_acl)170 void NotifyAclLinkUp(tACL_CONN& p_acl) {
171 if (p_acl.link_up_issued) {
172 LOG_INFO("Already notified BTA layer that the link is up");
173 return;
174 }
175 p_acl.link_up_issued = true;
176 BTA_dm_acl_up(p_acl.remote_addr, p_acl.transport, p_acl.hci_handle);
177 }
178
NotifyAclLinkDown(tACL_CONN & p_acl)179 void NotifyAclLinkDown(tACL_CONN& p_acl) {
180 /* Only notify if link up has had a chance to be issued */
181 if (p_acl.link_up_issued) {
182 p_acl.link_up_issued = false;
183 BTA_dm_acl_down(p_acl.remote_addr, p_acl.transport);
184 }
185 }
186
NotifyAclRoleSwitchComplete(const RawAddress & bda,tHCI_ROLE new_role,tHCI_STATUS hci_status)187 void NotifyAclRoleSwitchComplete(const RawAddress& bda, tHCI_ROLE new_role,
188 tHCI_STATUS hci_status) {
189 BTA_dm_report_role_change(bda, new_role, hci_status);
190 }
191
NotifyAclFeaturesReadComplete(tACL_CONN & p_acl,UNUSED_ATTR uint8_t max_page_number)192 void NotifyAclFeaturesReadComplete(tACL_CONN& p_acl,
193 UNUSED_ATTR uint8_t max_page_number) {
194 btm_process_remote_ext_features(&p_acl, max_page_number);
195 btm_set_link_policy(&p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
196 BTA_dm_notify_remote_features_complete(p_acl.remote_addr);
197 }
198
199 } // namespace
200
hci_btsnd_hcic_disconnect(tACL_CONN & p_acl,tHCI_STATUS reason,std::string comment)201 static void hci_btsnd_hcic_disconnect(tACL_CONN& p_acl, tHCI_STATUS reason,
202 std::string comment) {
203 LOG_INFO("Disconnecting peer:%s reason:%s comment:%s",
204 ADDRESS_TO_LOGGABLE_CSTR(p_acl.remote_addr),
205 hci_error_code_text(reason).c_str(), comment.c_str());
206 p_acl.disconnect_reason = reason;
207
208 if (bluetooth::common::init_flags::
209 use_unified_connection_manager_is_enabled()) {
210 if (!p_acl.is_transport_br_edr()) {
211 // TODO(aryarahul): this should be moved into GATT, so when a client
212 // disconnects, it removes its request to autoConnect, even if the ACL
213 // link stays up due to the presence of other clients.
214 bluetooth::connection::GetConnectionManager()
215 .stop_all_connections_to_device(bluetooth::core::ToRustAddress(
216 tBLE_BD_ADDR{.bda = p_acl.active_remote_addr,
217 .type = p_acl.active_remote_addr_type}));
218 }
219 }
220
221 return bluetooth::shim::ACL_Disconnect(
222 p_acl.hci_handle, p_acl.is_transport_br_edr(), reason, comment);
223 }
224
hci_start_role_switch_to_central(tACL_CONN & p_acl)225 void StackAclBtmAcl::hci_start_role_switch_to_central(tACL_CONN& p_acl) {
226 GetLegacyHciInterface().StartRoleSwitch(
227 p_acl.remote_addr, static_cast<uint8_t>(HCI_ROLE_CENTRAL));
228 p_acl.set_switch_role_in_progress();
229 p_acl.rs_disc_pending = BTM_SEC_RS_PENDING;
230 }
231
hci_btm_set_link_supervision_timeout(tACL_CONN & link,uint16_t timeout)232 void hci_btm_set_link_supervision_timeout(tACL_CONN& link, uint16_t timeout) {
233 if (link.link_role != HCI_ROLE_CENTRAL) {
234 /* Only send if current role is Central; 2.0 spec requires this */
235 LOG_WARN("Can only set link supervision timeout if central role:%s",
236 RoleText(link.link_role).c_str());
237 return;
238 }
239
240 if (!bluetooth::shim::
241 controller_is_write_link_supervision_timeout_supported()) {
242 LOG_WARN(
243 "UNSUPPORTED by controller write link supervision timeout:%.2fms "
244 "bd_addr:%s",
245 supervision_timeout_to_seconds(timeout),
246 ADDRESS_TO_LOGGABLE_CSTR(link.RemoteAddress()));
247 return;
248 }
249 LOG_DEBUG("Setting link supervision timeout:%.2fs peer:%s",
250 double(timeout) * 0.01, ADDRESS_TO_LOGGABLE_CSTR(link.RemoteAddress()));
251 link.link_super_tout = timeout;
252 btsnd_hcic_write_link_super_tout(link.Handle(), timeout);
253 }
254
255 /* 3 seconds timeout waiting for responses */
256 #define BTM_DEV_REPLY_TIMEOUT_MS (3 * 1000)
257
BTM_acl_after_controller_started(const controller_t * controller)258 void BTM_acl_after_controller_started(const controller_t* controller) {
259 internal_.btm_set_default_link_policy(
260 HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH | HCI_ENABLE_HOLD_MODE |
261 HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE);
262
263 /* Create ACL supported packet types mask */
264 uint16_t btm_acl_pkt_types_supported =
265 (HCI_PKT_TYPES_MASK_DH1 + HCI_PKT_TYPES_MASK_DM1);
266
267 if (controller->supports_3_slot_packets())
268 btm_acl_pkt_types_supported |=
269 (HCI_PKT_TYPES_MASK_DH3 + HCI_PKT_TYPES_MASK_DM3);
270
271 if (controller->supports_5_slot_packets())
272 btm_acl_pkt_types_supported |=
273 (HCI_PKT_TYPES_MASK_DH5 + HCI_PKT_TYPES_MASK_DM5);
274
275 /* Add in EDR related ACL types */
276 if (!controller->supports_classic_2m_phy()) {
277 btm_acl_pkt_types_supported |=
278 (HCI_PKT_TYPES_MASK_NO_2_DH1 + HCI_PKT_TYPES_MASK_NO_2_DH3 +
279 HCI_PKT_TYPES_MASK_NO_2_DH5);
280 }
281
282 if (!controller->supports_classic_3m_phy()) {
283 btm_acl_pkt_types_supported |=
284 (HCI_PKT_TYPES_MASK_NO_3_DH1 + HCI_PKT_TYPES_MASK_NO_3_DH3 +
285 HCI_PKT_TYPES_MASK_NO_3_DH5);
286 }
287
288 /* Check to see if 3 and 5 slot packets are available */
289 if (controller->supports_classic_2m_phy() ||
290 controller->supports_classic_3m_phy()) {
291 if (!controller->supports_3_slot_edr_packets())
292 btm_acl_pkt_types_supported |=
293 (HCI_PKT_TYPES_MASK_NO_2_DH3 + HCI_PKT_TYPES_MASK_NO_3_DH3);
294
295 if (!controller->supports_5_slot_edr_packets())
296 btm_acl_pkt_types_supported |=
297 (HCI_PKT_TYPES_MASK_NO_2_DH5 + HCI_PKT_TYPES_MASK_NO_3_DH5);
298 }
299 internal_.set_default_packet_types_supported(btm_acl_pkt_types_supported);
300 }
301
302 /*******************************************************************************
303 *
304 * Function btm_bda_to_acl
305 *
306 * Description This function returns the FIRST acl_db entry for the passed
307 * BDA.
308 *
309 * Parameters bda : BD address of the remote device
310 * transport : Physical transport used for ACL connection
311 * (BR/EDR or LE)
312 *
313 * Returns Returns pointer to the ACL DB for the requested BDA if found.
314 * nullptr if not found.
315 *
316 ******************************************************************************/
btm_bda_to_acl(const RawAddress & bda,tBT_TRANSPORT transport)317 tACL_CONN* StackAclBtmAcl::btm_bda_to_acl(const RawAddress& bda,
318 tBT_TRANSPORT transport) {
319 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
320 for (uint8_t index = 0; index < MAX_L2CAP_LINKS; index++, p_acl++) {
321 if ((p_acl->in_use) && p_acl->remote_addr == bda &&
322 p_acl->transport == transport) {
323 return p_acl;
324 }
325 }
326 return nullptr;
327 }
328
acl_get_connection_from_address(const RawAddress & bd_addr,tBT_TRANSPORT transport)329 tACL_CONN* acl_get_connection_from_address(const RawAddress& bd_addr,
330 tBT_TRANSPORT transport) {
331 return internal_.btm_bda_to_acl(bd_addr, transport);
332 }
333
btm_acl_consolidate(const RawAddress & identity_addr,const RawAddress & rpa)334 void StackAclBtmAcl::btm_acl_consolidate(const RawAddress& identity_addr,
335 const RawAddress& rpa) {
336 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
337 for (uint8_t index = 0; index < MAX_L2CAP_LINKS; index++, p_acl++) {
338 if (!p_acl->in_use) continue;
339
340 if (p_acl->remote_addr == rpa) {
341 LOG_INFO("consolidate %s -> %s", ADDRESS_TO_LOGGABLE_CSTR(rpa),
342 ADDRESS_TO_LOGGABLE_CSTR(identity_addr));
343 p_acl->remote_addr = identity_addr;
344 return;
345 }
346 }
347 }
348
btm_acl_consolidate(const RawAddress & identity_addr,const RawAddress & rpa)349 void btm_acl_consolidate(const RawAddress& identity_addr,
350 const RawAddress& rpa) {
351 return internal_.btm_acl_consolidate(identity_addr, rpa);
352 }
353
354 /*******************************************************************************
355 *
356 * Function btm_handle_to_acl_index
357 *
358 * Description This function returns the FIRST acl_db entry for the passed
359 * hci_handle.
360 *
361 * Returns index to the acl_db or MAX_L2CAP_LINKS.
362 *
363 ******************************************************************************/
btm_handle_to_acl_index(uint16_t hci_handle)364 uint8_t btm_handle_to_acl_index(uint16_t hci_handle) {
365 tACL_CONN* p = &btm_cb.acl_cb_.acl_db[0];
366 uint8_t xx;
367 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
368 if ((p->in_use) && (p->hci_handle == hci_handle)) {
369 break;
370 }
371 }
372
373 /* If here, no BD Addr found */
374 return (xx);
375 }
376
acl_get_connection_from_handle(uint16_t hci_handle)377 tACL_CONN* StackAclBtmAcl::acl_get_connection_from_handle(uint16_t hci_handle) {
378 uint8_t index = btm_handle_to_acl_index(hci_handle);
379 if (index >= MAX_L2CAP_LINKS) return nullptr;
380 return &btm_cb.acl_cb_.acl_db[index];
381 }
382
acl_get_connection_from_handle(uint16_t handle)383 tACL_CONN* acl_get_connection_from_handle(uint16_t handle) {
384 return internal_.acl_get_connection_from_handle(handle);
385 }
386
btm_acl_process_sca_cmpl_pkt(uint8_t len,uint8_t * data)387 void btm_acl_process_sca_cmpl_pkt(uint8_t len, uint8_t* data) {
388 uint16_t handle;
389 uint8_t sca;
390 uint8_t status;
391
392 if (len < 4) {
393 LOG_WARN("Malformatted packet, not containing enough data");
394 return;
395 }
396
397 STREAM_TO_UINT8(status, data);
398
399 if (status != HCI_SUCCESS) {
400 LOG_WARN("Peer SCA Command complete failed:%s",
401 hci_error_code_text(static_cast<tHCI_STATUS>(status)).c_str());
402 return;
403 }
404
405 STREAM_TO_UINT16(handle, data);
406 STREAM_TO_UINT8(sca, data);
407
408 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
409 if (p_acl == nullptr) {
410 LOG_WARN("Unable to find active acl");
411 return;
412 }
413 p_acl->sca = sca;
414 }
415
acl_allocate_connection()416 tACL_CONN* StackAclBtmAcl::acl_allocate_connection() {
417 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
418 for (uint8_t xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl++) {
419 if (!p_acl->in_use) {
420 return p_acl;
421 }
422 }
423 return nullptr;
424 }
425
btm_acl_created(const RawAddress & bda,uint16_t hci_handle,tHCI_ROLE link_role,tBT_TRANSPORT transport)426 void btm_acl_created(const RawAddress& bda, uint16_t hci_handle,
427 tHCI_ROLE link_role, tBT_TRANSPORT transport) {
428 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, transport);
429 if (p_acl != (tACL_CONN*)NULL) {
430 p_acl->hci_handle = hci_handle;
431 p_acl->link_role = link_role;
432 p_acl->transport = transport;
433 if (transport == BT_TRANSPORT_BR_EDR) {
434 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
435 }
436 LOG_WARN(
437 "Unable to create duplicate acl when one already exists handle:%hu"
438 " role:%s transport:%s",
439 hci_handle, RoleText(link_role).c_str(),
440 bt_transport_text(transport).c_str());
441 return;
442 }
443
444 p_acl = internal_.acl_allocate_connection();
445 if (p_acl == nullptr) {
446 LOG_WARN("Unable to find active acl");
447 return;
448 }
449
450 p_acl->in_use = true;
451 p_acl->hci_handle = hci_handle;
452 p_acl->link_role = link_role;
453 p_acl->link_up_issued = false;
454 p_acl->remote_addr = bda;
455 p_acl->sca = 0xFF;
456 p_acl->transport = transport;
457 p_acl->switch_role_failed_attempts = 0;
458 p_acl->reset_switch_role();
459
460 LOG_DEBUG(
461 "Created new ACL connection peer:%s role:%s handle:0x%04x transport:%s",
462 ADDRESS_TO_LOGGABLE_CSTR(bda), RoleText(p_acl->link_role).c_str(), hci_handle,
463 bt_transport_text(transport).c_str());
464
465 if (p_acl->is_transport_br_edr()) {
466 BTM_PM_OnConnected(hci_handle, bda);
467 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
468 }
469
470 // save remote properties to iot conf file
471 btm_iot_save_remote_properties(p_acl);
472
473 /* if BR/EDR do something more */
474 if (transport == BT_TRANSPORT_BR_EDR) {
475 btsnd_hcic_read_rmt_clk_offset(hci_handle);
476 }
477
478 if (transport == BT_TRANSPORT_LE) {
479 btm_ble_get_acl_remote_addr(hci_handle, p_acl->active_remote_addr,
480 &p_acl->active_remote_addr_type);
481
482 if (controller_get_interface()
483 ->supports_ble_peripheral_initiated_feature_exchange() ||
484 link_role == HCI_ROLE_CENTRAL) {
485 btsnd_hcic_ble_read_remote_feat(p_acl->hci_handle);
486 } else {
487 internal_.btm_establish_continue(p_acl);
488 }
489 }
490 }
491
btm_acl_create_failed(const RawAddress & bda,tBT_TRANSPORT transport,tHCI_STATUS hci_status)492 void btm_acl_create_failed(const RawAddress& bda, tBT_TRANSPORT transport,
493 tHCI_STATUS hci_status) {
494 BTA_dm_acl_up_failed(bda, transport, hci_status);
495 }
496
btm_configure_data_path(uint8_t direction,uint8_t path_id,std::vector<uint8_t> vendor_config)497 void btm_configure_data_path(uint8_t direction, uint8_t path_id,
498 std::vector<uint8_t> vendor_config) {
499 if (direction != btm_data_direction::CONTROLLER_TO_HOST &&
500 direction != btm_data_direction::HOST_TO_CONTROLLER) {
501 LOG_WARN("Unknown data direction");
502 return;
503 }
504
505 btsnd_hcic_configure_data_path(direction, path_id, vendor_config);
506 }
507
508 /*******************************************************************************
509 *
510 * Function btm_acl_removed
511 *
512 * Description This function is called by L2CAP when an ACL connection
513 * is removed. Since only L2CAP creates ACL links, we use
514 * the L2CAP link index as our index into the control blocks.
515 *
516 * Returns void
517 *
518 ******************************************************************************/
btm_acl_removed(uint16_t handle)519 void btm_acl_removed(uint16_t handle) {
520 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
521 if (p_acl == nullptr) {
522 LOG_WARN("Unable to find active acl");
523 return;
524 }
525 p_acl->in_use = false;
526 NotifyAclLinkDown(*p_acl);
527 if (p_acl->is_transport_br_edr()) {
528 BTM_PM_OnDisconnected(handle);
529 }
530 p_acl->Reset();
531 }
532
533 /*******************************************************************************
534 *
535 * Function btm_acl_device_down
536 *
537 * Description This function is called when the local device is deemed
538 * to be down. It notifies L2CAP of the failure.
539 *
540 * Returns void
541 *
542 ******************************************************************************/
btm_acl_device_down(void)543 void btm_acl_device_down(void) {
544 tACL_CONN* p = &btm_cb.acl_cb_.acl_db[0];
545 uint16_t xx;
546 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
547 if (p->in_use) {
548 l2c_link_hci_disc_comp(p->hci_handle, HCI_ERR_HW_FAILURE);
549 }
550 }
551 BTM_db_reset();
552 }
553
btm_acl_set_paging(bool value)554 void btm_acl_set_paging(bool value) { btm_cb.is_paging = value; }
555
btm_acl_update_inquiry_status(uint8_t status)556 void btm_acl_update_inquiry_status(uint8_t status) {
557 btm_cb.is_inquiry = status == BTM_INQUIRY_STARTED;
558 BTIF_dm_report_inquiry_status_change(status);
559 }
560
BTM_GetRole(const RawAddress & remote_bd_addr,tHCI_ROLE * p_role)561 tBTM_STATUS BTM_GetRole(const RawAddress& remote_bd_addr, tHCI_ROLE* p_role) {
562 if (p_role == nullptr) {
563 return BTM_ILLEGAL_VALUE;
564 }
565 *p_role = HCI_ROLE_UNKNOWN;
566
567 tACL_CONN* p_acl =
568 internal_.btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR);
569 if (p_acl == nullptr) {
570 LOG_WARN("Unable to find active acl");
571 return BTM_UNKNOWN_ADDR;
572 }
573 *p_role = p_acl->link_role;
574 return BTM_SUCCESS;
575 }
576
577 /*******************************************************************************
578 *
579 * Function BTM_SwitchRoleToCentral
580 *
581 * Description This function is called to switch role between central and
582 * peripheral. If role is already set it will do nothing.
583 *
584 * Returns BTM_SUCCESS if already in specified role.
585 * BTM_CMD_STARTED if command issued to controller.
586 * BTM_NO_RESOURCES if couldn't allocate memory to issue
587 * command
588 * BTM_UNKNOWN_ADDR if no active link with bd addr specified
589 * BTM_MODE_UNSUPPORTED if local device does not support role
590 * switching
591 * BTM_BUSY if the previous command is not completed
592 *
593 ******************************************************************************/
BTM_SwitchRoleToCentral(const RawAddress & remote_bd_addr)594 tBTM_STATUS BTM_SwitchRoleToCentral(const RawAddress& remote_bd_addr) {
595 if (bluetooth::shim::is_gd_l2cap_enabled()) {
596 bluetooth::shim::L2CA_SwitchRoleToCentral(remote_bd_addr);
597 return BTM_SUCCESS;
598 }
599 if (!controller_get_interface()->supports_central_peripheral_role_switch()) {
600 LOG_INFO("Local controller does not support role switching");
601 return BTM_MODE_UNSUPPORTED;
602 }
603
604 tACL_CONN* p_acl =
605 internal_.btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR);
606 if (p_acl == nullptr) {
607 LOG_WARN("Unable to find active acl");
608 return BTM_UNKNOWN_ADDR;
609 }
610
611 if (p_acl->link_role == HCI_ROLE_CENTRAL) {
612 LOG_INFO("Requested role is already in effect");
613 return BTM_SUCCESS;
614 }
615
616 if (interop_match_addr(INTEROP_DISABLE_ROLE_SWITCH, &remote_bd_addr)) {
617 LOG_INFO("Remote device is on list preventing role switch");
618 return BTM_DEV_RESTRICT_LISTED;
619 }
620
621 if (BTM_IsScoActiveByBdaddr(remote_bd_addr)) {
622 LOG_INFO("An active SCO to device prevents role switch at this time");
623 return BTM_NO_RESOURCES;
624 }
625
626 if (!p_acl->is_switch_role_idle()) {
627 LOG_INFO("Role switch is already progress");
628 return BTM_BUSY;
629 }
630
631 if (interop_match_addr(INTEROP_DYNAMIC_ROLE_SWITCH, &remote_bd_addr)) {
632 LOG_DEBUG("Device restrict listed under INTEROP_DYNAMIC_ROLE_SWITCH");
633 return BTM_DEV_RESTRICT_LISTED;
634 }
635
636 tBTM_PM_MODE pwr_mode;
637 if (!BTM_ReadPowerMode(p_acl->remote_addr, &pwr_mode)) {
638 LOG_WARN(
639 "Unable to find device to read current power mode prior to role "
640 "switch");
641 return BTM_UNKNOWN_ADDR;
642 };
643
644 if (pwr_mode == BTM_PM_MD_PARK || pwr_mode == BTM_PM_MD_SNIFF) {
645 if (!BTM_SetLinkPolicyActiveMode(p_acl->remote_addr)) {
646 LOG_WARN("Unable to set link policy active before attempting switch");
647 return BTM_WRONG_MODE;
648 }
649 p_acl->set_switch_role_changing();
650 }
651 /* some devices do not support switch while encryption is on */
652 else {
653 if (p_acl->is_encrypted && !IsEprAvailable(*p_acl)) {
654 /* bypass turning off encryption if change link key is already doing it */
655 p_acl->set_encryption_off();
656 p_acl->set_switch_role_encryption_off();
657 } else {
658 internal_.hci_start_role_switch_to_central(*p_acl);
659 }
660 }
661
662 return BTM_CMD_STARTED;
663 }
664
665 /*******************************************************************************
666 *
667 * Function btm_acl_encrypt_change
668 *
669 * Description This function is when encryption of the connection is
670 * completed by the LM. Checks to see if a role switch or
671 * change of link key was active and initiates or continues
672 * process if needed.
673 *
674 * Returns void
675 *
676 ******************************************************************************/
btm_acl_encrypt_change(uint16_t handle,uint8_t status,uint8_t encr_enable)677 void btm_acl_encrypt_change(uint16_t handle, uint8_t status,
678 uint8_t encr_enable) {
679 tACL_CONN* p = internal_.acl_get_connection_from_handle(handle);
680 if (p == nullptr) {
681 LOG_WARN("Unable to find active acl");
682 return;
683 }
684
685 /* Common Criteria mode only: if we are trying to drop encryption on an
686 * encrypted connection, drop the connection */
687 if (bluetooth::os::ParameterProvider::IsCommonCriteriaMode()) {
688 if (p->is_encrypted && !encr_enable) {
689 LOG(ERROR)
690 << __func__
691 << " attempting to decrypt encrypted connection, disconnecting. "
692 "handle: "
693 << loghex(handle);
694
695 acl_disconnect_from_handle(handle, HCI_ERR_HOST_REJECT_SECURITY,
696 "stack::btu::btu_hcif::read_drop_encryption "
697 "Connection Already Encrypted");
698 return;
699 }
700 }
701
702 p->is_encrypted = encr_enable;
703
704 /* Process Role Switch if active */
705 if (p->is_switch_role_encryption_off()) {
706 /* if encryption turn off failed we still will try to switch role */
707 if (encr_enable) {
708 p->set_encryption_idle();
709 p->reset_switch_role();
710 } else {
711 p->set_encryption_switching();
712 p->set_switch_role_switching();
713 }
714 internal_.hci_start_role_switch_to_central(*p);
715 }
716 /* Finished enabling Encryption after role switch */
717 else if (p->is_switch_role_encryption_on()) {
718 p->reset_switch_role();
719 p->set_encryption_idle();
720 NotifyAclRoleSwitchComplete(
721 btm_cb.acl_cb_.switch_role_ref_data.remote_bd_addr,
722 btm_cb.acl_cb_.switch_role_ref_data.role,
723 btm_cb.acl_cb_.switch_role_ref_data.hci_status);
724
725 /* If a disconnect is pending, issue it now that role switch has completed
726 */
727 if (p->rs_disc_pending == BTM_SEC_DISC_PENDING) {
728 hci_btsnd_hcic_disconnect(
729 *p, HCI_ERR_PEER_USER,
730 "stack::acl::btm_acl::encrypt after role switch");
731 }
732 p->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
733 }
734 }
735
check_link_policy(tLINK_POLICY * settings)736 static void check_link_policy(tLINK_POLICY* settings) {
737 const controller_t* controller = controller_get_interface();
738
739 if ((*settings & HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH) &&
740 (!controller->supports_role_switch())) {
741 *settings &= (~HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
742 LOG_INFO("Role switch not supported (settings: 0x%04x)", *settings);
743 }
744 if ((*settings & HCI_ENABLE_HOLD_MODE) &&
745 (!controller->supports_hold_mode())) {
746 *settings &= (~HCI_ENABLE_HOLD_MODE);
747 LOG_INFO("hold not supported (settings: 0x%04x)", *settings);
748 }
749 if ((*settings & HCI_ENABLE_SNIFF_MODE) &&
750 (!controller->supports_sniff_mode())) {
751 *settings &= (~HCI_ENABLE_SNIFF_MODE);
752 LOG_INFO("sniff not supported (settings: 0x%04x)", *settings);
753 }
754 if ((*settings & HCI_ENABLE_PARK_MODE) &&
755 (!controller->supports_park_mode())) {
756 *settings &= (~HCI_ENABLE_PARK_MODE);
757 LOG_INFO("park not supported (settings: 0x%04x)", *settings);
758 }
759 }
760
btm_set_link_policy(tACL_CONN * conn,tLINK_POLICY policy)761 void btm_set_link_policy(tACL_CONN* conn, tLINK_POLICY policy) {
762 conn->link_policy = policy;
763 check_link_policy(&conn->link_policy);
764 if ((conn->link_policy & HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH) &&
765 interop_match_addr(INTEROP_DISABLE_SNIFF, &(conn->remote_addr))) {
766 conn->link_policy &= (~HCI_ENABLE_SNIFF_MODE);
767 }
768 btsnd_hcic_write_policy_set(conn->hci_handle,
769 static_cast<uint16_t>(conn->link_policy));
770 }
771
btm_toggle_policy_on_for(const RawAddress & peer_addr,uint16_t flag)772 static void btm_toggle_policy_on_for(const RawAddress& peer_addr,
773 uint16_t flag) {
774 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
775 if (!conn) {
776 LOG_WARN("Unable to find active acl");
777 return;
778 }
779 btm_set_link_policy(conn, conn->link_policy | flag);
780 }
781
btm_toggle_policy_off_for(const RawAddress & peer_addr,uint16_t flag)782 static void btm_toggle_policy_off_for(const RawAddress& peer_addr,
783 uint16_t flag) {
784 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
785 if (!conn) {
786 LOG_WARN("Unable to find active acl");
787 return;
788 }
789 btm_set_link_policy(conn, conn->link_policy & ~flag);
790 }
791
BTM_is_sniff_allowed_for(const RawAddress & peer_addr)792 bool BTM_is_sniff_allowed_for(const RawAddress& peer_addr) {
793 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
794 if (!conn) {
795 LOG_WARN("Unable to find active acl");
796 return false;
797 }
798 return conn->link_policy & HCI_ENABLE_SNIFF_MODE;
799 }
800
BTM_unblock_sniff_mode_for(const RawAddress & peer_addr)801 void BTM_unblock_sniff_mode_for(const RawAddress& peer_addr) {
802 btm_toggle_policy_on_for(peer_addr, HCI_ENABLE_SNIFF_MODE);
803 }
804
BTM_block_sniff_mode_for(const RawAddress & peer_addr)805 void BTM_block_sniff_mode_for(const RawAddress& peer_addr) {
806 btm_toggle_policy_off_for(peer_addr, HCI_ENABLE_SNIFF_MODE);
807 }
808
BTM_unblock_role_switch_for(const RawAddress & peer_addr)809 void BTM_unblock_role_switch_for(const RawAddress& peer_addr) {
810 btm_toggle_policy_on_for(peer_addr, HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
811 }
812
BTM_block_role_switch_for(const RawAddress & peer_addr)813 void BTM_block_role_switch_for(const RawAddress& peer_addr) {
814 btm_toggle_policy_off_for(peer_addr, HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
815 }
816
BTM_unblock_role_switch_and_sniff_mode_for(const RawAddress & peer_addr)817 void BTM_unblock_role_switch_and_sniff_mode_for(const RawAddress& peer_addr) {
818 btm_toggle_policy_on_for(
819 peer_addr, HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
820 }
821
BTM_block_role_switch_and_sniff_mode_for(const RawAddress & peer_addr)822 void BTM_block_role_switch_and_sniff_mode_for(const RawAddress& peer_addr) {
823 btm_toggle_policy_off_for(
824 peer_addr, HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
825 }
826
btm_set_default_link_policy(tLINK_POLICY settings)827 void StackAclBtmAcl::btm_set_default_link_policy(tLINK_POLICY settings) {
828 check_link_policy(&settings);
829 btm_cb.acl_cb_.btm_def_link_policy = settings;
830 btsnd_hcic_write_def_policy_set(settings);
831 }
832
BTM_default_unblock_role_switch()833 void BTM_default_unblock_role_switch() {
834 internal_.btm_set_default_link_policy(btm_cb.acl_cb_.DefaultLinkPolicy() |
835 HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
836 }
837
BTM_default_block_role_switch()838 void BTM_default_block_role_switch() {
839 internal_.btm_set_default_link_policy(btm_cb.acl_cb_.DefaultLinkPolicy() &
840 ~HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
841 }
842
843 /*******************************************************************************
844 *
845 * Function btm_read_remote_version_complete
846 *
847 * Description This function is called when the command complete message
848 * is received from the HCI for the remote version info.
849 *
850 * Returns void
851 *
852 ******************************************************************************/
maybe_chain_more_commands_after_read_remote_version_complete(uint8_t status,uint16_t handle)853 static void maybe_chain_more_commands_after_read_remote_version_complete(
854 uint8_t status, uint16_t handle) {
855 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
856 if (p_acl_cb == nullptr) {
857 LOG_WARN("Received remote version complete for unknown device");
858 return;
859 }
860
861 switch (p_acl_cb->transport) {
862 case BT_TRANSPORT_LE:
863 l2cble_notify_le_connection(p_acl_cb->remote_addr);
864 l2cble_use_preferred_conn_params(p_acl_cb->remote_addr);
865 break;
866 case BT_TRANSPORT_BR_EDR:
867 /**
868 * When running legacy stack continue chain of executing various
869 * read commands. Skip when gd_acl is enabled because that
870 * module handles all remote read functionality.
871 */
872 break;
873 default:
874 LOG_ERROR("Unable to determine transport:%s device:%s",
875 bt_transport_text(p_acl_cb->transport).c_str(),
876 ADDRESS_TO_LOGGABLE_CSTR(p_acl_cb->remote_addr));
877 }
878
879 // save remote versions to iot conf file
880 btm_iot_save_remote_versions(p_acl_cb);
881 }
882
btm_process_remote_version_complete(uint8_t status,uint16_t handle,uint8_t lmp_version,uint16_t manufacturer,uint16_t lmp_subversion)883 void btm_process_remote_version_complete(uint8_t status, uint16_t handle,
884 uint8_t lmp_version,
885 uint16_t manufacturer,
886 uint16_t lmp_subversion) {
887 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
888 if (p_acl_cb == nullptr) {
889 LOG_WARN("Received remote version complete for unknown acl");
890 return;
891 }
892
893 if (status == HCI_SUCCESS) {
894 p_acl_cb->remote_version_info.lmp_version = lmp_version;
895 p_acl_cb->remote_version_info.manufacturer = manufacturer;
896 p_acl_cb->remote_version_info.lmp_subversion = lmp_subversion;
897 p_acl_cb->remote_version_info.valid = true;
898 BTM_update_version_info(p_acl_cb->RemoteAddress(),
899 p_acl_cb->remote_version_info);
900
901 bluetooth::common::LogRemoteVersionInfo(handle, status, lmp_version,
902 manufacturer, lmp_subversion);
903 } else {
904 bluetooth::common::LogRemoteVersionInfo(handle, status, 0, 0, 0);
905 }
906 }
907
btm_read_remote_version_complete(tHCI_STATUS status,uint16_t handle,uint8_t lmp_version,uint16_t manufacturer,uint16_t lmp_subversion)908 void btm_read_remote_version_complete(tHCI_STATUS status, uint16_t handle,
909 uint8_t lmp_version,
910 uint16_t manufacturer,
911 uint16_t lmp_subversion) {
912 btm_process_remote_version_complete(status, handle, lmp_version, manufacturer,
913 lmp_subversion);
914 maybe_chain_more_commands_after_read_remote_version_complete(status, handle);
915 }
916
917 /*******************************************************************************
918 *
919 * Function btm_process_remote_ext_features
920 *
921 * Description Local function called to process all extended features pages
922 * read from a remote device.
923 *
924 * Returns void
925 *
926 ******************************************************************************/
btm_process_remote_ext_features(tACL_CONN * p_acl_cb,uint8_t max_page_number)927 void btm_process_remote_ext_features(tACL_CONN* p_acl_cb,
928 uint8_t max_page_number) {
929 CHECK(p_acl_cb != nullptr);
930 if (!p_acl_cb->peer_lmp_feature_valid[max_page_number]) {
931 LOG_WARN(
932 "Checking remote features but remote feature read is "
933 "incomplete");
934 }
935
936 bool ssp_supported =
937 HCI_SSP_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
938 bool secure_connections_supported =
939 HCI_SC_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
940 bool role_switch_supported =
941 HCI_SWITCH_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]);
942 bool br_edr_supported =
943 !HCI_BREDR_NOT_SPT_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]);
944 bool le_supported =
945 HCI_LE_SPT_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]) &&
946 HCI_LE_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
947 btm_sec_set_peer_sec_caps(p_acl_cb->hci_handle, ssp_supported,
948 secure_connections_supported, role_switch_supported,
949 br_edr_supported, le_supported);
950 }
951
952 /*******************************************************************************
953 *
954 * Function btm_read_remote_ext_features
955 *
956 * Description Local function called to send a read remote extended
957 * features
958 *
959 * Returns void
960 *
961 ******************************************************************************/
btm_read_remote_ext_features(uint16_t handle,uint8_t page_number)962 void btm_read_remote_ext_features(uint16_t handle, uint8_t page_number) {
963 if (bluetooth::shim::is_gd_l2cap_enabled()) {
964 // GD L2cap reads this automatically
965 return;
966 }
967 btsnd_hcic_rmt_ext_features(handle, page_number);
968 }
969
btm_read_remote_features_complete(uint16_t handle,uint8_t * features)970 void btm_read_remote_features_complete(uint16_t handle, uint8_t* features) {
971 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
972 if (p_acl_cb == nullptr) {
973 LOG_WARN("Unable to find active acl");
974 return;
975 }
976
977 /* Copy the received features page */
978 STREAM_TO_ARRAY(p_acl_cb->peer_lmp_feature_pages[0], features,
979 HCI_FEATURE_BYTES_PER_PAGE);
980 p_acl_cb->peer_lmp_feature_valid[0] = true;
981
982 /* save remote supported features to iot conf file */
983 std::string key = IOT_CONF_KEY_RT_SUPP_FEATURES "_" + std::to_string(0);
984
985 DEVICE_IOT_CONFIG_ADDR_SET_BIN(p_acl_cb->remote_addr, key,
986 p_acl_cb->peer_lmp_feature_pages[0],
987 BD_FEATURES_LEN);
988
989 if ((HCI_LMP_EXTENDED_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0])) &&
990 (controller_get_interface()
991 ->supports_reading_remote_extended_features())) {
992 /* if the remote controller has extended features and local controller
993 supports HCI_Read_Remote_Extended_Features command then start reading
994 these feature starting with extended features page 1 */
995 LOG_DEBUG("Start reading remote extended features");
996 btm_read_remote_ext_features(handle, 1);
997 return;
998 }
999
1000 /* Remote controller has no extended features. Process remote controller
1001 supported features (features page 0). */
1002 btm_process_remote_ext_features(p_acl_cb, 0);
1003
1004 /* Continue with HCI connection establishment */
1005 internal_.btm_establish_continue(p_acl_cb);
1006 }
1007
1008 /*******************************************************************************
1009 *
1010 * Function btm_read_remote_ext_features_complete
1011 *
1012 * Description This function is called when the remote extended features
1013 * complete event is received from the HCI.
1014 *
1015 * Returns void
1016 *
1017 ******************************************************************************/
btm_read_remote_ext_features_complete_raw(uint8_t * p,uint8_t evt_len)1018 void btm_read_remote_ext_features_complete_raw(uint8_t* p, uint8_t evt_len) {
1019 uint8_t page_num, max_page;
1020 uint16_t handle;
1021
1022 if (evt_len < HCI_EXT_FEATURES_SUCCESS_EVT_LEN) {
1023 LOG_WARN("Remote extended feature length too short. length=%d", evt_len);
1024 return;
1025 }
1026
1027 ++p;
1028 STREAM_TO_UINT16(handle, p);
1029 STREAM_TO_UINT8(page_num, p);
1030 STREAM_TO_UINT8(max_page, p);
1031
1032 if (max_page > HCI_EXT_FEATURES_PAGE_MAX) {
1033 LOG_WARN("Too many max pages read page=%d unknown", max_page);
1034 return;
1035 }
1036
1037 if (page_num > HCI_EXT_FEATURES_PAGE_MAX) {
1038 LOG_WARN("Too many received pages num_page=%d invalid", page_num);
1039 return;
1040 }
1041
1042 if (page_num > max_page) {
1043 LOG_WARN("num_page=%d, max_page=%d invalid", page_num, max_page);
1044 }
1045
1046 btm_read_remote_ext_features_complete(handle, page_num, max_page, p);
1047 }
1048
btm_read_remote_ext_features_complete(uint16_t handle,uint8_t page_num,uint8_t max_page,uint8_t * features)1049 void btm_read_remote_ext_features_complete(uint16_t handle, uint8_t page_num,
1050 uint8_t max_page,
1051 uint8_t* features) {
1052 /* Validate parameters */
1053 auto* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1054 if (p_acl_cb == nullptr) {
1055 LOG_WARN("Unable to find active acl");
1056 return;
1057 }
1058
1059 /* Copy the received features page */
1060 STREAM_TO_ARRAY(p_acl_cb->peer_lmp_feature_pages[page_num], features,
1061 HCI_FEATURE_BYTES_PER_PAGE);
1062 p_acl_cb->peer_lmp_feature_valid[page_num] = true;
1063
1064 /* save remote extended features to iot conf file */
1065 std::string key = IOT_CONF_KEY_RT_EXT_FEATURES "_" + std::to_string(page_num);
1066
1067 DEVICE_IOT_CONFIG_ADDR_SET_BIN(p_acl_cb->remote_addr, key,
1068 p_acl_cb->peer_lmp_feature_pages[page_num],
1069 BD_FEATURES_LEN);
1070
1071 /* If there is the next remote features page and
1072 * we have space to keep this page data - read this page */
1073 if ((page_num < max_page) && (page_num < HCI_EXT_FEATURES_PAGE_MAX)) {
1074 page_num++;
1075 LOG_DEBUG("BTM reads next remote extended features page (%d)", page_num);
1076 btm_read_remote_ext_features(handle, page_num);
1077 return;
1078 }
1079
1080 /* Reading of remote feature pages is complete */
1081 LOG_DEBUG("BTM reached last remote extended features page (%d)", page_num);
1082
1083 /* Process the pages */
1084 btm_process_remote_ext_features(p_acl_cb, max_page);
1085
1086 /* Continue with HCI connection establishment */
1087 internal_.btm_establish_continue(p_acl_cb);
1088 }
1089
1090 /*******************************************************************************
1091 *
1092 * Function btm_read_remote_ext_features_failed
1093 *
1094 * Description This function is called when the remote extended features
1095 * complete event returns a failed status.
1096 *
1097 * Returns void
1098 *
1099 ******************************************************************************/
btm_read_remote_ext_features_failed(uint8_t status,uint16_t handle)1100 void btm_read_remote_ext_features_failed(uint8_t status, uint16_t handle) {
1101 LOG_WARN("status 0x%02x for handle %d", status, handle);
1102
1103 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1104 if (p_acl_cb == nullptr) {
1105 LOG_WARN("Unable to find active acl");
1106 return;
1107 }
1108
1109 /* Process supported features only */
1110 btm_process_remote_ext_features(p_acl_cb, 0);
1111
1112 /* Continue HCI connection establishment */
1113 internal_.btm_establish_continue(p_acl_cb);
1114 }
1115
1116 /*******************************************************************************
1117 *
1118 * Function btm_establish_continue
1119 *
1120 * Description This function is called when the command complete message
1121 * is received from the HCI for the read local link policy
1122 * request.
1123 *
1124 * Returns void
1125 *
1126 ******************************************************************************/
btm_establish_continue(tACL_CONN * p_acl)1127 void StackAclBtmAcl::btm_establish_continue(tACL_CONN* p_acl) {
1128 CHECK(p_acl != nullptr);
1129
1130 if (p_acl->is_transport_br_edr()) {
1131 /* For now there are a some devices that do not like sending */
1132 /* commands events and data at the same time. */
1133 /* Set the packet types to the default allowed by the device */
1134 const uint16_t default_packet_type_mask =
1135 btm_cb.acl_cb_.DefaultPacketTypes();
1136 if (!internal_.change_connection_packet_types(*p_acl,
1137 default_packet_type_mask)) {
1138 LOG_ERROR("Unable to change connection packet type types:%04x address:%s",
1139 default_packet_type_mask,
1140 ADDRESS_TO_LOGGABLE_CSTR(p_acl->RemoteAddress()));
1141 }
1142 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
1143 }
1144 NotifyAclLinkUp(*p_acl);
1145 }
1146
btm_establish_continue_from_address(const RawAddress & bda,tBT_TRANSPORT transport)1147 void btm_establish_continue_from_address(const RawAddress& bda,
1148 tBT_TRANSPORT transport) {
1149 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, transport);
1150 if (p_acl == nullptr) {
1151 LOG_WARN("Unable to find active acl");
1152 return;
1153 }
1154 internal_.btm_establish_continue(p_acl);
1155 }
1156
1157 /*******************************************************************************
1158 *
1159 * Function BTM_GetLinkSuperTout
1160 *
1161 * Description Read the link supervision timeout value of the connection
1162 *
1163 * Returns status of the operation
1164 *
1165 ******************************************************************************/
BTM_GetLinkSuperTout(const RawAddress & remote_bda,uint16_t * p_timeout)1166 tBTM_STATUS BTM_GetLinkSuperTout(const RawAddress& remote_bda,
1167 uint16_t* p_timeout) {
1168 CHECK(p_timeout != nullptr);
1169 const tACL_CONN* p_acl =
1170 internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1171 if (p_acl == nullptr) {
1172 LOG_WARN("Unable to find active acl");
1173 return BTM_UNKNOWN_ADDR;
1174 }
1175 *p_timeout = p_acl->link_super_tout;
1176 return BTM_SUCCESS;
1177 }
1178
1179 /*******************************************************************************
1180 *
1181 * Function BTM_SetLinkSuperTout
1182 *
1183 * Description Create and send HCI "Write Link Supervision Timeout" command
1184 *
1185 * Returns status of the operation
1186 *
1187 ******************************************************************************/
BTM_SetLinkSuperTout(const RawAddress & remote_bda,uint16_t timeout)1188 tBTM_STATUS BTM_SetLinkSuperTout(const RawAddress& remote_bda,
1189 uint16_t timeout) {
1190 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1191 if (p_acl == nullptr) {
1192 LOG_WARN("Unable to find active acl");
1193 return BTM_UNKNOWN_ADDR;
1194 }
1195
1196 /* Only send if current role is Central; 2.0 spec requires this */
1197 if (p_acl->link_role == HCI_ROLE_CENTRAL) {
1198 if (!bluetooth::shim::
1199 controller_is_write_link_supervision_timeout_supported()) {
1200 LOG_WARN(
1201 "UNSUPPORTED by controller write link supervision timeout:%.2fms "
1202 "bd_addr:%s",
1203 supervision_timeout_to_seconds(timeout), ADDRESS_TO_LOGGABLE_CSTR(remote_bda));
1204 return BTM_MODE_UNSUPPORTED;
1205 }
1206 p_acl->link_super_tout = timeout;
1207 btsnd_hcic_write_link_super_tout(p_acl->hci_handle, timeout);
1208 LOG_DEBUG("Set supervision timeout:%.2fms bd_addr:%s",
1209 supervision_timeout_to_seconds(timeout),
1210 ADDRESS_TO_LOGGABLE_CSTR(remote_bda));
1211 return BTM_CMD_STARTED;
1212 } else {
1213 LOG_WARN(
1214 "Role is peripheral so unable to set supervision timeout:%.2fms "
1215 "bd_addr:%s",
1216 supervision_timeout_to_seconds(timeout), ADDRESS_TO_LOGGABLE_CSTR(remote_bda));
1217 return BTM_SUCCESS;
1218 }
1219 }
1220
BTM_IsAclConnectionUp(const RawAddress & remote_bda,tBT_TRANSPORT transport)1221 bool BTM_IsAclConnectionUp(const RawAddress& remote_bda,
1222 tBT_TRANSPORT transport) {
1223 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1224 return bluetooth::shim::L2CA_IsLinkEstablished(remote_bda, transport);
1225 }
1226
1227 return internal_.btm_bda_to_acl(remote_bda, transport) != nullptr;
1228 }
1229
BTM_IsAclConnectionUpAndHandleValid(const RawAddress & remote_bda,tBT_TRANSPORT transport)1230 bool BTM_IsAclConnectionUpAndHandleValid(const RawAddress& remote_bda,
1231 tBT_TRANSPORT transport) {
1232 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1233 return bluetooth::shim::L2CA_IsLinkEstablished(remote_bda, transport);
1234 }
1235
1236 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, transport);
1237 if (p_acl == nullptr) {
1238 LOG_WARN("Unable to find active acl");
1239 return false;
1240 }
1241 return p_acl->hci_handle != HCI_INVALID_HANDLE;
1242 }
1243
BTM_IsAclConnectionUpFromHandle(uint16_t hci_handle)1244 bool BTM_IsAclConnectionUpFromHandle(uint16_t hci_handle) {
1245 return internal_.acl_get_connection_from_handle(hci_handle) != nullptr;
1246 }
1247
1248 /*******************************************************************************
1249 *
1250 * Function BTM_GetNumAclLinks
1251 *
1252 * Description This function is called to count the number of
1253 * ACL links that are active.
1254 *
1255 * Returns uint16_t Number of active ACL links
1256 *
1257 ******************************************************************************/
BTM_GetNumAclLinks(void)1258 uint16_t BTM_GetNumAclLinks(void) {
1259 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1260 return bluetooth::shim::L2CA_GetNumLinks();
1261 }
1262 return static_cast<uint16_t>(btm_cb.acl_cb_.NumberOfActiveLinks());
1263 }
1264
1265 /*******************************************************************************
1266 *
1267 * Function btm_get_acl_disc_reason_code
1268 *
1269 * Description This function is called to get the disconnection reason code
1270 * returned by the HCI at disconnection complete event.
1271 *
1272 * Returns true if connection is up, else false.
1273 *
1274 ******************************************************************************/
btm_get_acl_disc_reason_code(void)1275 tHCI_REASON btm_get_acl_disc_reason_code(void) {
1276 return btm_cb.acl_cb_.get_disconnect_reason();
1277 }
1278
1279 /*******************************************************************************
1280 *
1281 * Function btm_is_acl_locally_initiated
1282 *
1283 * Description This function is called to get which side initiates the
1284 * connection, at HCI connection complete event.
1285 *
1286 * Returns true if connection is locally initiated, else false.
1287 *
1288 ******************************************************************************/
btm_is_acl_locally_initiated(void)1289 bool btm_is_acl_locally_initiated(void) {
1290 return btm_cb.acl_cb_.is_locally_initiated();
1291 }
1292
1293 /*******************************************************************************
1294 *
1295 * Function BTM_GetHCIConnHandle
1296 *
1297 * Description This function is called to get the handle for an ACL
1298 * connection to a specific remote BD Address.
1299 *
1300 * Returns the handle of the connection, or HCI_INVALID_HANDLE if none.
1301 *
1302 ******************************************************************************/
BTM_GetHCIConnHandle(const RawAddress & remote_bda,tBT_TRANSPORT transport)1303 uint16_t BTM_GetHCIConnHandle(const RawAddress& remote_bda,
1304 tBT_TRANSPORT transport) {
1305 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1306 return bluetooth::shim::BTM_GetHCIConnHandle(remote_bda, transport);
1307 }
1308
1309 tACL_CONN* p;
1310 p = internal_.btm_bda_to_acl(remote_bda, transport);
1311 if (p != (tACL_CONN*)NULL) {
1312 return (p->hci_handle);
1313 }
1314
1315 /* If here, no BD Addr found */
1316 return HCI_INVALID_HANDLE;
1317 }
1318
1319 /*******************************************************************************
1320 *
1321 * Function BTM_IsPhy2mSupported
1322 *
1323 * Description This function is called to check PHY 2M support
1324 * from peer device
1325 * Returns True when PHY 2M supported false otherwise
1326 *
1327 ******************************************************************************/
BTM_IsPhy2mSupported(const RawAddress & remote_bda,tBT_TRANSPORT transport)1328 bool BTM_IsPhy2mSupported(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1329 tACL_CONN* p;
1330 BTM_TRACE_DEBUG("BTM_IsPhy2mSupported");
1331 p = internal_.btm_bda_to_acl(remote_bda, transport);
1332 if (p == (tACL_CONN*)NULL) {
1333 BTM_TRACE_DEBUG("BTM_IsPhy2mSupported: no connection");
1334 return false;
1335 }
1336
1337 if (!p->peer_le_features_valid) {
1338 LOG_WARN(
1339 "Checking remote features but remote feature read is "
1340 "incomplete");
1341 }
1342 return HCI_LE_2M_PHY_SUPPORTED(p->peer_le_features);
1343 }
1344
1345 /*******************************************************************************
1346 *
1347 * Function BTM_RequestPeerSCA
1348 *
1349 * Description This function is called to request sleep clock accuracy
1350 * from peer device
1351 *
1352 ******************************************************************************/
BTM_RequestPeerSCA(const RawAddress & remote_bda,tBT_TRANSPORT transport)1353 void BTM_RequestPeerSCA(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1354 tACL_CONN* p;
1355 p = internal_.btm_bda_to_acl(remote_bda, transport);
1356 if (p == (tACL_CONN*)NULL) {
1357 LOG_WARN("Unable to find active acl");
1358 return;
1359 }
1360
1361 btsnd_hcic_req_peer_sca(p->hci_handle);
1362 }
1363
1364 /*******************************************************************************
1365 *
1366 * Function BTM_GetPeerSCA
1367 *
1368 * Description This function is called to get peer sleep clock accuracy
1369 *
1370 * Returns SCA or 0xFF if SCA was never previously requested, request
1371 * is not supported by peer device or ACL does not exist
1372 *
1373 ******************************************************************************/
BTM_GetPeerSCA(const RawAddress & remote_bda,tBT_TRANSPORT transport)1374 uint8_t BTM_GetPeerSCA(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1375 tACL_CONN* p;
1376 p = internal_.btm_bda_to_acl(remote_bda, transport);
1377 if (p != (tACL_CONN*)NULL) {
1378 return (p->sca);
1379 }
1380 LOG_WARN("Unable to find active acl");
1381
1382 /* If here, no BD Addr found */
1383 return (0xFF);
1384 }
1385
1386 /*******************************************************************************
1387 *
1388 * Function btm_rejectlist_role_change_device
1389 *
1390 * Description This function is used to rejectlist the device if the role
1391 * switch fails for maximum number of times. It also removes
1392 * the device from the black list if the role switch succeeds.
1393 *
1394 * Input Parms bd_addr - remote BD addr
1395 * hci_status - role switch status
1396 *
1397 * Returns void
1398 *
1399 *******************************************************************************/
btm_rejectlist_role_change_device(const RawAddress & bd_addr,uint8_t hci_status)1400 void btm_rejectlist_role_change_device(const RawAddress& bd_addr,
1401 uint8_t hci_status) {
1402 tACL_CONN* p = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1403
1404 if (!p) {
1405 LOG_WARN("Unable to find active acl");
1406 return;
1407 }
1408 if (hci_status == HCI_SUCCESS) {
1409 p->switch_role_failed_attempts = 0;
1410 return;
1411 }
1412
1413 /* check for carkits */
1414 const uint32_t cod_audio_device =
1415 (BTM_COD_SERVICE_AUDIO | BTM_COD_MAJOR_AUDIO) << 8;
1416 const uint8_t* dev_class = btm_get_dev_class(bd_addr);
1417 if (dev_class == nullptr) return;
1418 const uint32_t cod =
1419 ((dev_class[0] << 16) | (dev_class[1] << 8) | dev_class[2]) & 0xffffff;
1420 if ((hci_status != HCI_SUCCESS) &&
1421 (p->is_switch_role_switching_or_in_progress()) &&
1422 ((cod & cod_audio_device) == cod_audio_device) &&
1423 (!interop_match_addr(INTEROP_DYNAMIC_ROLE_SWITCH, &bd_addr))) {
1424 p->switch_role_failed_attempts++;
1425 if (p->switch_role_failed_attempts == BTM_MAX_SW_ROLE_FAILED_ATTEMPTS) {
1426 LOG_WARN(
1427 "Device %s rejectlisted for role switching - "
1428 "multiple role switch failed attempts: %u",
1429 ADDRESS_TO_LOGGABLE_CSTR(bd_addr), p->switch_role_failed_attempts);
1430 interop_database_add(INTEROP_DYNAMIC_ROLE_SWITCH, &bd_addr, 3);
1431 }
1432 }
1433 }
1434
1435 /*******************************************************************************
1436 *
1437 * Function acl_cache_role
1438 *
1439 * Description This function caches the role of the device associated
1440 * with the given address. This happens if we get a role change
1441 * before connection complete. The cached role is propagated
1442 * when ACL Link is created.
1443 *
1444 * Returns void
1445 *
1446 ******************************************************************************/
1447
acl_cache_role(const RawAddress & bd_addr,tHCI_ROLE new_role,bool overwrite_cache)1448 void acl_cache_role(const RawAddress& bd_addr, tHCI_ROLE new_role,
1449 bool overwrite_cache) {
1450 if (overwrite_cache || delayed_role_change_ == nullptr) {
1451 RoleChangeView role_change;
1452 role_change.new_role = new_role;
1453 role_change.bd_addr = bd_addr;
1454 delayed_role_change_ =
1455 std::make_unique<RoleChangeView>(std::move(role_change));
1456 }
1457 }
1458
1459 /*******************************************************************************
1460 *
1461 * Function btm_acl_role_changed
1462 *
1463 * Description This function is called whan a link's central/peripheral
1464 *role change event or command status event (with error) is received. It updates
1465 *the link control block, and calls the registered callback with status and role
1466 *(if registered).
1467 *
1468 * Returns void
1469 *
1470 ******************************************************************************/
btm_acl_role_changed(tHCI_STATUS hci_status,const RawAddress & bd_addr,tHCI_ROLE new_role)1471 void StackAclBtmAcl::btm_acl_role_changed(tHCI_STATUS hci_status,
1472 const RawAddress& bd_addr,
1473 tHCI_ROLE new_role) {
1474 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1475 if (p_acl == nullptr) {
1476 // If we get a role change before connection complete, we cache the new
1477 // role here and then propagate it when ACL Link is created.
1478 acl_cache_role(bd_addr, new_role, /*overwrite_cache=*/true);
1479 LOG_WARN("Unable to find active acl");
1480 return;
1481 }
1482
1483 tBTM_ROLE_SWITCH_CMPL* p_switch_role = &btm_cb.acl_cb_.switch_role_ref_data;
1484 LOG_DEBUG("Role change event received peer:%s hci_status:%s new_role:%s",
1485 ADDRESS_TO_LOGGABLE_CSTR(bd_addr), hci_error_code_text(hci_status).c_str(),
1486 RoleText(new_role).c_str());
1487
1488 p_switch_role->hci_status = hci_status;
1489 if (hci_status == HCI_SUCCESS) {
1490 p_switch_role->role = new_role;
1491 p_switch_role->remote_bd_addr = bd_addr;
1492
1493 /* Update cached value */
1494 p_acl->link_role = new_role;
1495
1496 /* Reload LSTO: link supervision timeout is reset in the LM after a role
1497 * switch */
1498 if (new_role == HCI_ROLE_CENTRAL) {
1499 uint16_t link_supervision_timeout =
1500 osi_property_get_int32(PROPERTY_LINK_SUPERVISION_TIMEOUT, 8000);
1501 BTM_SetLinkSuperTout(bd_addr, link_supervision_timeout);
1502 }
1503 } else {
1504 new_role = p_acl->link_role;
1505 }
1506
1507 /* Check if any SCO req is pending for role change */
1508 btm_sco_chk_pend_rolechange(p_acl->hci_handle);
1509
1510 /* if switching state is switching we need to turn encryption on */
1511 /* if idle, we did not change encryption */
1512 if (p_acl->is_switch_role_switching()) {
1513 p_acl->set_encryption_on();
1514 p_acl->set_switch_role_encryption_on();
1515 return;
1516 }
1517
1518 /* Set the switch_role_state to IDLE since the reply received from HCI */
1519 /* regardless of its result either success or failed. */
1520 if (p_acl->is_switch_role_in_progress()) {
1521 p_acl->set_encryption_idle();
1522 p_acl->reset_switch_role();
1523 }
1524
1525 BTA_dm_report_role_change(bd_addr, new_role, hci_status);
1526 btm_sec_role_changed(hci_status, bd_addr, new_role);
1527
1528 /* If a disconnect is pending, issue it now that role switch has completed */
1529 if (p_acl->rs_disc_pending == BTM_SEC_DISC_PENDING) {
1530 hci_btsnd_hcic_disconnect(*p_acl, HCI_ERR_PEER_USER,
1531 "stack::acl::btm_acl::role after role switch");
1532 }
1533 p_acl->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
1534 }
1535
btm_acl_role_changed(tHCI_STATUS hci_status,const RawAddress & bd_addr,tHCI_ROLE new_role)1536 void btm_acl_role_changed(tHCI_STATUS hci_status, const RawAddress& bd_addr,
1537 tHCI_ROLE new_role) {
1538 btm_rejectlist_role_change_device(bd_addr, hci_status);
1539
1540 if (hci_status == HCI_SUCCESS) {
1541 l2c_link_role_changed(&bd_addr, new_role, hci_status);
1542 } else {
1543 l2c_link_role_changed(nullptr, HCI_ROLE_UNKNOWN,
1544 HCI_ERR_COMMAND_DISALLOWED);
1545 }
1546 internal_.btm_acl_role_changed(hci_status, bd_addr, new_role);
1547 }
1548
1549 /*******************************************************************************
1550 *
1551 * Function change_connection_packet_types
1552 *
1553 * Description This function sets the packet types used for a specific
1554 * ACL connection. It is called internally by btm_acl_created
1555 * or by an application/profile by BTM_SetPacketTypes.
1556 *
1557 * Returns status of the operation
1558 *
1559 ******************************************************************************/
change_connection_packet_types(tACL_CONN & link,const uint16_t new_packet_type_mask)1560 bool StackAclBtmAcl::change_connection_packet_types(
1561 tACL_CONN& link, const uint16_t new_packet_type_mask) {
1562 // Start with the default configured packet types
1563 const uint16_t default_packet_type_mask = btm_cb.acl_cb_.DefaultPacketTypes();
1564
1565 uint16_t packet_type_mask =
1566 default_packet_type_mask &
1567 (new_packet_type_mask & BTM_ACL_SUPPORTED_PKTS_MASK);
1568
1569 /* OR in any exception packet types if at least 2.0 version of spec */
1570 packet_type_mask |=
1571 ((new_packet_type_mask & BTM_ACL_EXCEPTION_PKTS_MASK) |
1572 (BTM_ACL_EXCEPTION_PKTS_MASK & default_packet_type_mask));
1573
1574 /* Exclude packet types not supported by the peer */
1575 if (link.peer_lmp_feature_valid[0]) {
1576 PeerPacketTypes peer_packet_types(link.peer_lmp_feature_pages[0]);
1577 packet_type_mask &= peer_packet_types.acl.supported;
1578 packet_type_mask |= peer_packet_types.acl.unsupported;
1579 } else {
1580 LOG_INFO(
1581 "Unable to include remote supported packet types as read feature "
1582 "incomplete");
1583 LOG_INFO("TIP: Maybe wait until read feature complete beforehand");
1584 }
1585
1586 if (packet_type_mask == 0) {
1587 LOG_WARN("Unable to send controller illegal change packet mask:0x%04x",
1588 packet_type_mask);
1589 return false;
1590 }
1591
1592 link.pkt_types_mask = packet_type_mask;
1593 bluetooth::legacy::hci::GetInterface().ChangeConnectionPacketType(
1594 link.Handle(), link.pkt_types_mask);
1595 LOG_DEBUG("Started change connection packet type:0x%04x address:%s",
1596 link.pkt_types_mask, ADDRESS_TO_LOGGABLE_CSTR(link.RemoteAddress()));
1597 return true;
1598 }
1599
btm_set_packet_types_from_address(const RawAddress & bd_addr,uint16_t pkt_types)1600 void btm_set_packet_types_from_address(const RawAddress& bd_addr,
1601 uint16_t pkt_types) {
1602 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1603 if (p_acl == nullptr) {
1604 LOG_WARN("Unable to find active acl");
1605 return;
1606 }
1607
1608 if (!internal_.change_connection_packet_types(*p_acl, pkt_types)) {
1609 LOG_ERROR("Unable to change connection packet type types:%04x address:%s",
1610 pkt_types, ADDRESS_TO_LOGGABLE_CSTR(bd_addr));
1611 }
1612 }
1613
1614 /*******************************************************************************
1615 *
1616 * Function BTM_GetMaxPacketSize
1617 *
1618 * Returns Returns maximum packet size that can be used for current
1619 * connection, 0 if connection is not established
1620 *
1621 ******************************************************************************/
BTM_GetMaxPacketSize(const RawAddress & addr)1622 uint16_t BTM_GetMaxPacketSize(const RawAddress& addr) {
1623 tACL_CONN* p = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1624 uint16_t pkt_types = 0;
1625 uint16_t pkt_size = 0;
1626 if (p != NULL) {
1627 pkt_types = p->pkt_types_mask;
1628 } else {
1629 /* Special case for when info for the local device is requested */
1630 if (addr == *controller_get_interface()->get_address()) {
1631 pkt_types = btm_cb.acl_cb_.DefaultPacketTypes();
1632 }
1633 }
1634
1635 if (pkt_types) {
1636 if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH5))
1637 pkt_size = HCI_EDR3_DH5_PACKET_SIZE;
1638 else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH5))
1639 pkt_size = HCI_EDR2_DH5_PACKET_SIZE;
1640 else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH3))
1641 pkt_size = HCI_EDR3_DH3_PACKET_SIZE;
1642 else if (pkt_types & HCI_PKT_TYPES_MASK_DH5)
1643 pkt_size = HCI_DH5_PACKET_SIZE;
1644 else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH3))
1645 pkt_size = HCI_EDR2_DH3_PACKET_SIZE;
1646 else if (pkt_types & HCI_PKT_TYPES_MASK_DM5)
1647 pkt_size = HCI_DM5_PACKET_SIZE;
1648 else if (pkt_types & HCI_PKT_TYPES_MASK_DH3)
1649 pkt_size = HCI_DH3_PACKET_SIZE;
1650 else if (pkt_types & HCI_PKT_TYPES_MASK_DM3)
1651 pkt_size = HCI_DM3_PACKET_SIZE;
1652 else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH1))
1653 pkt_size = HCI_EDR3_DH1_PACKET_SIZE;
1654 else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH1))
1655 pkt_size = HCI_EDR2_DH1_PACKET_SIZE;
1656 else if (pkt_types & HCI_PKT_TYPES_MASK_DH1)
1657 pkt_size = HCI_DH1_PACKET_SIZE;
1658 else if (pkt_types & HCI_PKT_TYPES_MASK_DM1)
1659 pkt_size = HCI_DM1_PACKET_SIZE;
1660 }
1661
1662 return (pkt_size);
1663 }
1664
1665 /*******************************************************************************
1666 *
1667 * Function BTM_ReadRemoteVersion
1668 *
1669 * Returns If connected report peer device info
1670 *
1671 ******************************************************************************/
BTM_ReadRemoteVersion(const RawAddress & addr,uint8_t * lmp_version,uint16_t * manufacturer,uint16_t * lmp_sub_version)1672 bool BTM_ReadRemoteVersion(const RawAddress& addr, uint8_t* lmp_version,
1673 uint16_t* manufacturer, uint16_t* lmp_sub_version) {
1674 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1675 return bluetooth::shim::L2CA_ReadRemoteVersion(
1676 addr, lmp_version, manufacturer, lmp_sub_version);
1677 }
1678
1679 const tACL_CONN* p_acl = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1680 if (p_acl == nullptr) {
1681 p_acl = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_LE);
1682 if (p_acl == nullptr) {
1683 LOG_WARN("Unable to find active acl");
1684 return false;
1685 }
1686 }
1687
1688 if (!p_acl->remote_version_info.valid) {
1689 LOG_WARN("Remote version information is invalid");
1690 return false;
1691 }
1692
1693 if (lmp_version) *lmp_version = p_acl->remote_version_info.lmp_version;
1694
1695 if (manufacturer) *manufacturer = p_acl->remote_version_info.manufacturer;
1696
1697 if (lmp_sub_version)
1698 *lmp_sub_version = p_acl->remote_version_info.lmp_subversion;
1699
1700 return true;
1701 }
1702
1703 /*******************************************************************************
1704 *
1705 * Function BTM_ReadRemoteFeatures
1706 *
1707 * Returns pointer to the remote supported features mask (8 bytes)
1708 *
1709 ******************************************************************************/
BTM_ReadRemoteFeatures(const RawAddress & addr)1710 uint8_t* BTM_ReadRemoteFeatures(const RawAddress& addr) {
1711 if (bluetooth::shim::is_gd_l2cap_enabled()) {
1712 return bluetooth::shim::L2CA_ReadRemoteFeatures(addr);
1713 }
1714 tACL_CONN* p = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1715 if (p == NULL) {
1716 LOG_WARN("Unable to find active acl");
1717 return (NULL);
1718 }
1719
1720 return (p->peer_lmp_feature_pages[0]);
1721 }
1722
1723 /*******************************************************************************
1724 *
1725 * Function BTM_ReadRSSI
1726 *
1727 * Description This function is called to read the link policy settings.
1728 * The address of link policy results are returned in the
1729 * callback.
1730 * (tBTM_RSSI_RESULT)
1731 *
1732 * Returns BTM_CMD_STARTED if successfully initiated or error code
1733 *
1734 ******************************************************************************/
BTM_ReadRSSI(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1735 tBTM_STATUS BTM_ReadRSSI(const RawAddress& remote_bda, tBTM_CMPL_CB* p_cb) {
1736 tACL_CONN* p = NULL;
1737 tBT_DEVICE_TYPE dev_type;
1738 tBLE_ADDR_TYPE addr_type;
1739
1740 /* If someone already waiting on the version, do not allow another */
1741 if (btm_cb.devcb.p_rssi_cmpl_cb) return (BTM_BUSY);
1742
1743 BTM_ReadDevInfo(remote_bda, &dev_type, &addr_type);
1744
1745 if (dev_type & BT_DEVICE_TYPE_BLE) {
1746 p = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
1747 }
1748
1749 if (p == NULL && dev_type & BT_DEVICE_TYPE_BREDR) {
1750 p = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1751 }
1752
1753 if (p) {
1754 btm_cb.devcb.p_rssi_cmpl_cb = p_cb;
1755 alarm_set_on_mloop(btm_cb.devcb.read_rssi_timer, BTM_DEV_REPLY_TIMEOUT_MS,
1756 btm_read_rssi_timeout, NULL);
1757
1758 btsnd_hcic_read_rssi(p->hci_handle);
1759 return (BTM_CMD_STARTED);
1760 }
1761 LOG_WARN("Unable to find active acl");
1762
1763 /* If here, no BD Addr found */
1764 return (BTM_UNKNOWN_ADDR);
1765 }
1766
1767 /*******************************************************************************
1768 *
1769 * Function BTM_ReadFailedContactCounter
1770 *
1771 * Description This function is called to read the failed contact counter.
1772 * The result is returned in the callback.
1773 * (tBTM_FAILED_CONTACT_COUNTER_RESULT)
1774 *
1775 * Returns BTM_CMD_STARTED if successfully initiated or error code
1776 *
1777 ******************************************************************************/
BTM_ReadFailedContactCounter(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1778 tBTM_STATUS BTM_ReadFailedContactCounter(const RawAddress& remote_bda,
1779 tBTM_CMPL_CB* p_cb) {
1780 tACL_CONN* p;
1781 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1782 tBT_DEVICE_TYPE dev_type;
1783 tBLE_ADDR_TYPE addr_type;
1784
1785 /* If someone already waiting on the result, do not allow another */
1786 if (btm_cb.devcb.p_failed_contact_counter_cmpl_cb) return (BTM_BUSY);
1787
1788 BTM_ReadDevInfo(remote_bda, &dev_type, &addr_type);
1789 if (dev_type == BT_DEVICE_TYPE_BLE) transport = BT_TRANSPORT_LE;
1790
1791 p = internal_.btm_bda_to_acl(remote_bda, transport);
1792 if (p != (tACL_CONN*)NULL) {
1793 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = p_cb;
1794 alarm_set_on_mloop(btm_cb.devcb.read_failed_contact_counter_timer,
1795 BTM_DEV_REPLY_TIMEOUT_MS,
1796 btm_read_failed_contact_counter_timeout, NULL);
1797
1798 btsnd_hcic_read_failed_contact_counter(p->hci_handle);
1799 return (BTM_CMD_STARTED);
1800 }
1801 LOG_WARN("Unable to find active acl");
1802
1803 /* If here, no BD Addr found */
1804 return (BTM_UNKNOWN_ADDR);
1805 }
1806
1807 /*******************************************************************************
1808 *
1809 * Function BTM_ReadTxPower
1810 *
1811 * Description This function is called to read the current
1812 * TX power of the connection. The tx power level results
1813 * are returned in the callback.
1814 * (tBTM_RSSI_RESULT)
1815 *
1816 * Returns BTM_CMD_STARTED if successfully initiated or error code
1817 *
1818 ******************************************************************************/
BTM_ReadTxPower(const RawAddress & remote_bda,tBT_TRANSPORT transport,tBTM_CMPL_CB * p_cb)1819 tBTM_STATUS BTM_ReadTxPower(const RawAddress& remote_bda,
1820 tBT_TRANSPORT transport, tBTM_CMPL_CB* p_cb) {
1821 tACL_CONN* p;
1822 #define BTM_READ_RSSI_TYPE_CUR 0x00
1823 #define BTM_READ_RSSI_TYPE_MAX 0X01
1824
1825 VLOG(2) << __func__ << ": RemBdAddr: " << remote_bda;
1826
1827 /* If someone already waiting on the version, do not allow another */
1828 if (btm_cb.devcb.p_tx_power_cmpl_cb) return (BTM_BUSY);
1829
1830 p = internal_.btm_bda_to_acl(remote_bda, transport);
1831 if (p != (tACL_CONN*)NULL) {
1832 btm_cb.devcb.p_tx_power_cmpl_cb = p_cb;
1833 alarm_set_on_mloop(btm_cb.devcb.read_tx_power_timer,
1834 BTM_DEV_REPLY_TIMEOUT_MS, btm_read_tx_power_timeout,
1835 NULL);
1836
1837 if (p->transport == BT_TRANSPORT_LE) {
1838 btm_cb.devcb.read_tx_pwr_addr = remote_bda;
1839 btsnd_hcic_ble_read_adv_chnl_tx_power();
1840 } else {
1841 btsnd_hcic_read_tx_power(p->hci_handle, BTM_READ_RSSI_TYPE_CUR);
1842 }
1843
1844 return (BTM_CMD_STARTED);
1845 }
1846
1847 LOG_WARN("Unable to find active acl");
1848
1849 /* If here, no BD Addr found */
1850 return (BTM_UNKNOWN_ADDR);
1851 }
1852
1853 /*******************************************************************************
1854 *
1855 * Function btm_read_tx_power_timeout
1856 *
1857 * Description Callback when reading the tx power times out.
1858 *
1859 * Returns void
1860 *
1861 ******************************************************************************/
btm_read_tx_power_timeout(UNUSED_ATTR void * data)1862 void btm_read_tx_power_timeout(UNUSED_ATTR void* data) {
1863 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
1864 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
1865 if (p_cb) (*p_cb)((void*)NULL);
1866 }
1867
1868 /*******************************************************************************
1869 *
1870 * Function btm_read_tx_power_complete
1871 *
1872 * Description This function is called when the command complete message
1873 * is received from the HCI for the read tx power request.
1874 *
1875 * Returns void
1876 *
1877 ******************************************************************************/
btm_read_tx_power_complete(uint8_t * p,uint16_t evt_len,bool is_ble)1878 void btm_read_tx_power_complete(uint8_t* p, uint16_t evt_len, bool is_ble) {
1879 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
1880 tBTM_TX_POWER_RESULT result;
1881
1882 alarm_cancel(btm_cb.devcb.read_tx_power_timer);
1883 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
1884
1885 /* If there was a registered callback, call it */
1886 if (p_cb) {
1887 if (evt_len < 1) {
1888 goto err_out;
1889 }
1890
1891 STREAM_TO_UINT8(result.hci_status, p);
1892
1893 if (result.hci_status == HCI_SUCCESS) {
1894 result.status = BTM_SUCCESS;
1895
1896 if (!is_ble) {
1897 uint16_t handle;
1898
1899 if (evt_len < 4) {
1900 goto err_out;
1901 }
1902
1903 STREAM_TO_UINT16(handle, p);
1904 STREAM_TO_UINT8(result.tx_power, p);
1905
1906 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1907 if (p_acl_cb != nullptr) {
1908 result.rem_bda = p_acl_cb->remote_addr;
1909 }
1910 } else {
1911 if (evt_len < 2) {
1912 goto err_out;
1913 }
1914
1915 STREAM_TO_UINT8(result.tx_power, p);
1916 result.rem_bda = btm_cb.devcb.read_tx_pwr_addr;
1917 }
1918 LOG_DEBUG("Transmit power complete: tx_power:%d hci status:%s",
1919 result.tx_power,
1920 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status))
1921 .c_str());
1922 } else {
1923 result.status = BTM_ERR_PROCESSING;
1924 }
1925
1926 (*p_cb)(&result);
1927 }
1928
1929 return;
1930
1931 err_out:
1932 LOG_ERROR("Bogus event packet, too short");
1933 }
1934
1935 /*******************************************************************************
1936 *
1937 * Function btm_read_rssi_timeout
1938 *
1939 * Description Callback when reading the RSSI times out.
1940 *
1941 * Returns void
1942 *
1943 ******************************************************************************/
btm_read_rssi_timeout(UNUSED_ATTR void * data)1944 void btm_read_rssi_timeout(UNUSED_ATTR void* data) {
1945 tBTM_RSSI_RESULT result;
1946 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
1947 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
1948 result.status = BTM_DEVICE_TIMEOUT;
1949 if (p_cb) (*p_cb)(&result);
1950 }
1951
1952 /*******************************************************************************
1953 *
1954 * Function btm_read_rssi_complete
1955 *
1956 * Description This function is called when the command complete message
1957 * is received from the HCI for the read rssi request.
1958 *
1959 * Returns void
1960 *
1961 ******************************************************************************/
btm_read_rssi_complete(uint8_t * p,uint16_t evt_len)1962 void btm_read_rssi_complete(uint8_t* p, uint16_t evt_len) {
1963 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
1964 tBTM_RSSI_RESULT result;
1965
1966 alarm_cancel(btm_cb.devcb.read_rssi_timer);
1967 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
1968
1969 /* If there was a registered callback, call it */
1970 if (p_cb) {
1971 if (evt_len < 1) {
1972 goto err_out;
1973 }
1974
1975 STREAM_TO_UINT8(result.hci_status, p);
1976 result.status = BTM_ERR_PROCESSING;
1977
1978 if (result.hci_status == HCI_SUCCESS) {
1979 uint16_t handle;
1980
1981 if (evt_len < 4) {
1982 goto err_out;
1983 }
1984 STREAM_TO_UINT16(handle, p);
1985
1986 STREAM_TO_UINT8(result.rssi, p);
1987 LOG_DEBUG("Read rrsi complete rssi:%hhd hci status:%s", result.rssi,
1988 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status))
1989 .c_str());
1990
1991 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1992 if (p_acl_cb != nullptr) {
1993 result.rem_bda = p_acl_cb->remote_addr;
1994 result.status = BTM_SUCCESS;
1995 }
1996 }
1997 (*p_cb)(&result);
1998 }
1999
2000 return;
2001
2002 err_out:
2003 LOG_ERROR("Bogus event packet, too short");
2004 }
2005
2006 /*******************************************************************************
2007 *
2008 * Function btm_read_failed_contact_counter_timeout
2009 *
2010 * Description Callback when reading the failed contact counter times out.
2011 *
2012 * Returns void
2013 *
2014 ******************************************************************************/
btm_read_failed_contact_counter_timeout(UNUSED_ATTR void * data)2015 void btm_read_failed_contact_counter_timeout(UNUSED_ATTR void* data) {
2016 tBTM_FAILED_CONTACT_COUNTER_RESULT result;
2017 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
2018 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
2019 result.status = BTM_DEVICE_TIMEOUT;
2020 if (p_cb) (*p_cb)(&result);
2021 }
2022
2023 /*******************************************************************************
2024 *
2025 * Function btm_read_failed_contact_counter_complete
2026 *
2027 * Description This function is called when the command complete message
2028 * is received from the HCI for the read failed contact
2029 * counter request.
2030 *
2031 * Returns void
2032 *
2033 ******************************************************************************/
btm_read_failed_contact_counter_complete(uint8_t * p)2034 void btm_read_failed_contact_counter_complete(uint8_t* p) {
2035 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
2036 tBTM_FAILED_CONTACT_COUNTER_RESULT result;
2037
2038 alarm_cancel(btm_cb.devcb.read_failed_contact_counter_timer);
2039 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
2040
2041 /* If there was a registered callback, call it */
2042 if (p_cb) {
2043 uint16_t handle;
2044 STREAM_TO_UINT8(result.hci_status, p);
2045
2046 if (result.hci_status == HCI_SUCCESS) {
2047 result.status = BTM_SUCCESS;
2048
2049 STREAM_TO_UINT16(handle, p);
2050
2051 STREAM_TO_UINT16(result.failed_contact_counter, p);
2052 LOG_DEBUG(
2053 "Failed contact counter complete: counter %u, hci status:%s",
2054 result.failed_contact_counter,
2055 hci_status_code_text(to_hci_status_code(result.hci_status)).c_str());
2056
2057 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
2058 if (p_acl_cb != nullptr) {
2059 result.rem_bda = p_acl_cb->remote_addr;
2060 }
2061 } else {
2062 result.status = BTM_ERR_PROCESSING;
2063 }
2064
2065 (*p_cb)(&result);
2066 }
2067 }
2068
2069 /*******************************************************************************
2070 *
2071 * Function btm_read_automatic_flush_timeout_complete
2072 *
2073 * Description This function is called when the command complete message
2074 * is received from the HCI for the read automatic flush
2075 * timeout request.
2076 *
2077 * Returns void
2078 *
2079 ******************************************************************************/
btm_read_automatic_flush_timeout_complete(uint8_t * p)2080 void btm_read_automatic_flush_timeout_complete(uint8_t* p) {
2081 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb;
2082 tBTM_AUTOMATIC_FLUSH_TIMEOUT_RESULT result;
2083
2084 alarm_cancel(btm_cb.devcb.read_automatic_flush_timeout_timer);
2085 btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb = nullptr;
2086
2087 /* If there was a registered callback, call it */
2088 if (p_cb) {
2089 uint16_t handle;
2090 STREAM_TO_UINT8(result.hci_status, p);
2091 result.status = BTM_ERR_PROCESSING;
2092
2093 if (result.hci_status == HCI_SUCCESS) {
2094 result.status = BTM_SUCCESS;
2095
2096 STREAM_TO_UINT16(handle, p);
2097 STREAM_TO_UINT16(result.automatic_flush_timeout, p);
2098 LOG_DEBUG(
2099 "Read automatic flush timeout complete timeout:%hu hci_status:%s",
2100 result.automatic_flush_timeout,
2101 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status))
2102 .c_str());
2103
2104 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
2105 if (p_acl_cb != nullptr) {
2106 result.rem_bda = p_acl_cb->remote_addr;
2107 }
2108 }
2109 (*p_cb)(&result);
2110 }
2111 }
2112
2113 /*******************************************************************************
2114 *
2115 * Function btm_read_link_quality_timeout
2116 *
2117 * Description Callback when reading the link quality times out.
2118 *
2119 * Returns void
2120 *
2121 ******************************************************************************/
btm_read_link_quality_timeout(UNUSED_ATTR void * data)2122 void btm_read_link_quality_timeout(UNUSED_ATTR void* data) {
2123 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_link_qual_cmpl_cb;
2124 btm_cb.devcb.p_link_qual_cmpl_cb = NULL;
2125 if (p_cb) (*p_cb)((void*)NULL);
2126 }
2127
2128 /*******************************************************************************
2129 *
2130 * Function btm_read_link_quality_complete
2131 *
2132 * Description This function is called when the command complete message
2133 * is received from the HCI for the read link quality.
2134 *
2135 * Returns void
2136 *
2137 ******************************************************************************/
btm_read_link_quality_complete(uint8_t * p,uint16_t evt_len)2138 void btm_read_link_quality_complete(uint8_t* p, uint16_t evt_len) {
2139 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_link_qual_cmpl_cb;
2140 tBTM_LINK_QUALITY_RESULT result;
2141
2142 alarm_cancel(btm_cb.devcb.read_link_quality_timer);
2143 btm_cb.devcb.p_link_qual_cmpl_cb = NULL;
2144
2145 /* If there was a registered callback, call it */
2146 if (p_cb) {
2147 if (evt_len < 1) {
2148 goto err_out;
2149 }
2150
2151 STREAM_TO_UINT8(result.hci_status, p);
2152
2153 if (result.hci_status == HCI_SUCCESS) {
2154 uint16_t handle;
2155 result.status = BTM_SUCCESS;
2156
2157 if (evt_len < 4) {
2158 goto err_out;
2159 }
2160
2161 STREAM_TO_UINT16(handle, p);
2162
2163 STREAM_TO_UINT8(result.link_quality, p);
2164 LOG_DEBUG("BTM Link Quality Complete: Link Quality %d, hci status:%s",
2165 result.link_quality,
2166 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status))
2167 .c_str());
2168
2169 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
2170 if (p_acl_cb != nullptr) {
2171 result.rem_bda = p_acl_cb->remote_addr;
2172 }
2173 } else {
2174 result.status = BTM_ERR_PROCESSING;
2175 }
2176
2177 (*p_cb)(&result);
2178 }
2179
2180 return;
2181
2182 err_out:
2183 LOG_ERROR("Bogus Link Quality event packet, size: %d", evt_len);
2184 }
2185
2186 /*******************************************************************************
2187 *
2188 * Function btm_remove_acl
2189 *
2190 * Description This function is called to disconnect an ACL connection
2191 *
2192 * Returns BTM_SUCCESS if successfully initiated, otherwise
2193 * BTM_UNKNOWN_ADDR.
2194 *
2195 ******************************************************************************/
btm_remove_acl(const RawAddress & bd_addr,tBT_TRANSPORT transport)2196 tBTM_STATUS btm_remove_acl(const RawAddress& bd_addr, tBT_TRANSPORT transport) {
2197 if (bluetooth::shim::is_gd_l2cap_enabled()) {
2198 if (transport == BT_TRANSPORT_LE) {
2199 LOG(ERROR) << __func__ << ": Unsupported";
2200 }
2201 bluetooth::shim::L2CA_DisconnectLink(bd_addr);
2202 return BTM_SUCCESS;
2203 }
2204
2205 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
2206 if (p_acl == nullptr) {
2207 LOG_WARN("Unable to find active acl");
2208 return BTM_UNKNOWN_ADDR;
2209 }
2210
2211 if (p_acl->Handle() == HCI_INVALID_HANDLE) {
2212 LOG_WARN("Cannot remove unknown acl bd_addr:%s transport:%s",
2213 ADDRESS_TO_LOGGABLE_CSTR(bd_addr), bt_transport_text(transport).c_str());
2214 return BTM_UNKNOWN_ADDR;
2215 }
2216
2217 if (p_acl->rs_disc_pending == BTM_SEC_RS_PENDING) {
2218 LOG_DEBUG(
2219 "Delay disconnect until role switch is complete bd_addr:%s "
2220 "transport:%s",
2221 ADDRESS_TO_LOGGABLE_CSTR(bd_addr), bt_transport_text(transport).c_str());
2222 p_acl->rs_disc_pending = BTM_SEC_DISC_PENDING;
2223 return BTM_SUCCESS;
2224 }
2225
2226 hci_btsnd_hcic_disconnect(*p_acl, HCI_ERR_PEER_USER,
2227 "stack::acl::btm_acl::btm_remove_acl");
2228 return BTM_SUCCESS;
2229 }
2230
2231 /*******************************************************************************
2232 *
2233 * Function BTM_SetTraceLevel
2234 *
2235 * Description This function sets the trace level for BTM. If called with
2236 * a value of 0xFF, it simply returns the current trace level.
2237 *
2238 * Returns The new or current trace level
2239 *
2240 ******************************************************************************/
BTM_SetTraceLevel(uint8_t new_level)2241 uint8_t BTM_SetTraceLevel(uint8_t new_level) {
2242 if (new_level != 0xFF) btm_cb.trace_level = new_level;
2243
2244 return (btm_cb.trace_level);
2245 }
2246
btm_cont_rswitch_from_handle(uint16_t hci_handle)2247 void btm_cont_rswitch_from_handle(uint16_t hci_handle) {
2248 tACL_CONN* p = internal_.acl_get_connection_from_handle(hci_handle);
2249 if (p == nullptr) {
2250 LOG_WARN("Role switch received but with no active ACL");
2251 return;
2252 }
2253
2254 /* Check to see if encryption needs to be turned off if pending
2255 change of link key or role switch */
2256 if (p->is_switch_role_mode_change()) {
2257 /* Must turn off Encryption first if necessary */
2258 /* Some devices do not support switch or change of link key while encryption
2259 * is on */
2260 if (p->is_encrypted && !IsEprAvailable(*p)) {
2261 p->set_encryption_off();
2262 if (p->is_switch_role_mode_change()) {
2263 p->set_switch_role_encryption_off();
2264 }
2265 } else /* Encryption not used or EPR supported, continue with switch
2266 and/or change of link key */
2267 {
2268 if (p->is_switch_role_mode_change()) {
2269 internal_.hci_start_role_switch_to_central(*p);
2270 }
2271 }
2272 }
2273 }
2274
2275 /*******************************************************************************
2276 *
2277 * Function btm_acl_resubmit_page
2278 *
2279 * Description send pending page request
2280 *
2281 ******************************************************************************/
btm_acl_resubmit_page(void)2282 void btm_acl_resubmit_page(void) {
2283 BT_HDR* p_buf;
2284 uint8_t* pp;
2285 /* If there were other page request schedule can start the next one */
2286 p_buf = (BT_HDR*)fixed_queue_try_dequeue(btm_cb.page_queue);
2287 if (p_buf != NULL) {
2288 /* skip 3 (2 bytes opcode and 1 byte len) to get to the bd_addr
2289 * for both create_conn and rmt_name */
2290 pp = (uint8_t*)(p_buf + 1) + p_buf->offset + 3;
2291
2292 RawAddress bda;
2293 STREAM_TO_BDADDR(bda, pp);
2294
2295 btm_cb.connecting_bda = bda;
2296 memcpy(btm_cb.connecting_dc, btm_get_dev_class(bda), DEV_CLASS_LEN);
2297
2298 btu_hcif_send_cmd(LOCAL_BR_EDR_CONTROLLER_ID, p_buf);
2299 } else {
2300 btm_cb.paging = false;
2301 }
2302 }
2303
2304 /*******************************************************************************
2305 *
2306 * Function btm_acl_reset_paging
2307 *
2308 * Description set paging to false and free the page queue - called at
2309 * hci_reset
2310 *
2311 ******************************************************************************/
btm_acl_reset_paging(void)2312 void btm_acl_reset_paging(void) {
2313 BT_HDR* p;
2314 /* If we sent reset we are definitely not paging any more */
2315 while ((p = (BT_HDR*)fixed_queue_try_dequeue(btm_cb.page_queue)) != NULL)
2316 osi_free(p);
2317
2318 btm_cb.paging = false;
2319 }
2320
2321 /*******************************************************************************
2322 *
2323 * Function btm_acl_paging
2324 *
2325 * Description send a paging command or queue it in btm_cb
2326 *
2327 ******************************************************************************/
btm_acl_paging(BT_HDR * p,const RawAddress & bda)2328 void btm_acl_paging(BT_HDR* p, const RawAddress& bda) {
2329 if (!BTM_IsAclConnectionUp(bda, BT_TRANSPORT_BR_EDR)) {
2330 VLOG(1) << "connecting_bda: " << btm_cb.connecting_bda;
2331 if (btm_cb.paging && bda == btm_cb.connecting_bda) {
2332 fixed_queue_enqueue(btm_cb.page_queue, p);
2333 } else {
2334 btm_cb.connecting_bda = bda;
2335 memcpy(btm_cb.connecting_dc, btm_get_dev_class(bda), DEV_CLASS_LEN);
2336
2337 btu_hcif_send_cmd(LOCAL_BR_EDR_CONTROLLER_ID, p);
2338 }
2339
2340 btm_cb.paging = true;
2341 } else /* ACL is already up */
2342 {
2343 btu_hcif_send_cmd(LOCAL_BR_EDR_CONTROLLER_ID, p);
2344 }
2345 }
2346
2347 /*******************************************************************************
2348 *
2349 * Function btm_acl_notif_conn_collision
2350 *
2351 * Description Send connection collision event to upper layer if registered
2352 *
2353 *
2354 ******************************************************************************/
btm_acl_notif_conn_collision(const RawAddress & bda)2355 void btm_acl_notif_conn_collision(const RawAddress& bda) {
2356 do_in_main_thread(FROM_HERE, base::Bind(bta_sys_notify_collision, bda));
2357 }
2358
BTM_BLE_IS_RESOLVE_BDA(const RawAddress & x)2359 bool BTM_BLE_IS_RESOLVE_BDA(const RawAddress& x) {
2360 return ((x.address)[0] & BLE_RESOLVE_ADDR_MASK) == BLE_RESOLVE_ADDR_MSB;
2361 }
2362
acl_refresh_remote_address(const RawAddress & identity_address,tBLE_ADDR_TYPE identity_address_type,const RawAddress & bda,tBTM_SEC_BLE::tADDRESS_TYPE rra_type,const RawAddress & rpa)2363 bool acl_refresh_remote_address(const RawAddress& identity_address,
2364 tBLE_ADDR_TYPE identity_address_type,
2365 const RawAddress& bda,
2366 tBTM_SEC_BLE::tADDRESS_TYPE rra_type,
2367 const RawAddress& rpa) {
2368 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, BT_TRANSPORT_LE);
2369 if (p_acl == nullptr) {
2370 LOG_WARN("Unable to find active acl");
2371 return false;
2372 }
2373
2374 if (rra_type == tBTM_SEC_BLE::BTM_BLE_ADDR_PSEUDO) {
2375 /* use identity address, resolvable_private_addr is empty */
2376 if (rpa.IsEmpty()) {
2377 p_acl->active_remote_addr_type = identity_address_type;
2378 p_acl->active_remote_addr = identity_address;
2379 } else {
2380 p_acl->active_remote_addr_type = BLE_ADDR_RANDOM;
2381 p_acl->active_remote_addr = rpa;
2382 }
2383 } else {
2384 p_acl->active_remote_addr_type = static_cast<tBLE_ADDR_TYPE>(rra_type);
2385 p_acl->active_remote_addr = rpa;
2386 }
2387
2388 LOG_DEBUG("active_remote_addr_type: %d ", p_acl->active_remote_addr_type);
2389 return true;
2390 }
2391
acl_peer_supports_ble_connection_parameters_request(const RawAddress & remote_bda)2392 bool acl_peer_supports_ble_connection_parameters_request(
2393 const RawAddress& remote_bda) {
2394 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
2395 if (p_acl == nullptr) {
2396 LOG_WARN("Unable to find active acl");
2397 return false;
2398 }
2399 if (!p_acl->peer_le_features_valid) {
2400 LOG_WARN(
2401 "Checking remote features but remote feature read is "
2402 "incomplete");
2403 }
2404 return HCI_LE_CONN_PARAM_REQ_SUPPORTED(p_acl->peer_le_features);
2405 }
2406
acl_peer_supports_sniff_subrating(const RawAddress & remote_bda)2407 bool acl_peer_supports_sniff_subrating(const RawAddress& remote_bda) {
2408 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
2409 if (p_acl == nullptr) {
2410 LOG_WARN("Unable to find active acl");
2411 return false;
2412 }
2413 if (!p_acl->peer_lmp_feature_valid[0]) {
2414 LOG_WARN(
2415 "Checking remote features but remote feature read is "
2416 "incomplete");
2417 }
2418 return HCI_SNIFF_SUB_RATE_SUPPORTED(p_acl->peer_lmp_feature_pages[0]);
2419 }
2420
acl_peer_supports_ble_connection_subrating(const RawAddress & remote_bda)2421 bool acl_peer_supports_ble_connection_subrating(const RawAddress& remote_bda) {
2422 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
2423 if (p_acl == nullptr) {
2424 LOG_WARN("Unable to find active acl");
2425 return false;
2426 }
2427 if (!p_acl->peer_le_features_valid) {
2428 LOG_WARN(
2429 "Checking remote features but remote feature read is "
2430 "incomplete");
2431 }
2432 return HCI_LE_CONN_SUBRATING_SUPPORT(p_acl->peer_le_features);
2433 }
2434
acl_peer_supports_ble_connection_subrating_host(const RawAddress & remote_bda)2435 bool acl_peer_supports_ble_connection_subrating_host(
2436 const RawAddress& remote_bda) {
2437 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
2438 if (p_acl == nullptr) {
2439 LOG_WARN("Unable to find active acl");
2440 return false;
2441 }
2442 if (!p_acl->peer_le_features_valid) {
2443 LOG_WARN(
2444 "Checking remote features but remote feature read is "
2445 "incomplete");
2446 }
2447 return HCI_LE_CONN_SUBRATING_HOST_SUPPORT(p_acl->peer_le_features);
2448 }
2449
2450 /*******************************************************************************
2451 *
2452 * Function BTM_ReadConnectionAddr
2453 *
2454 * Description This function is called to get the local device address
2455 * information.
2456 *
2457 * Returns void
2458 *
2459 ******************************************************************************/
BTM_ReadConnectionAddr(const RawAddress & remote_bda,RawAddress & local_conn_addr,tBLE_ADDR_TYPE * p_addr_type)2460 void BTM_ReadConnectionAddr(const RawAddress& remote_bda,
2461 RawAddress& local_conn_addr,
2462 tBLE_ADDR_TYPE* p_addr_type) {
2463 if (bluetooth::shim::is_gd_shim_enabled()) {
2464 return bluetooth::shim::BTM_ReadConnectionAddr(remote_bda, local_conn_addr,
2465 p_addr_type);
2466 }
2467
2468 if (bluetooth::shim::is_gd_l2cap_enabled()) {
2469 bluetooth::shim::L2CA_ReadConnectionAddr(remote_bda, local_conn_addr,
2470 p_addr_type);
2471 return;
2472 } else {
2473 bluetooth::shim::ACL_ReadConnectionAddress(remote_bda, local_conn_addr,
2474 p_addr_type);
2475 return;
2476 }
2477 }
2478
2479 /*******************************************************************************
2480 *
2481 * Function BTM_IsBleConnection
2482 *
2483 * Description This function is called to check if the connection handle
2484 * for an LE link
2485 *
2486 * Returns true if connection is LE link, otherwise false.
2487 *
2488 ******************************************************************************/
BTM_IsBleConnection(uint16_t hci_handle)2489 bool BTM_IsBleConnection(uint16_t hci_handle) {
2490 if (bluetooth::shim::is_gd_shim_enabled()) {
2491 ASSERT_LOG(false, "This should not be invoked from code path");
2492 }
2493
2494 if (bluetooth::shim::is_gd_l2cap_enabled()) {
2495 return bluetooth::shim::L2CA_IsLeLink(hci_handle);
2496 }
2497
2498 const tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2499 if (p_acl == nullptr) return false;
2500 return p_acl->is_transport_ble();
2501 }
2502
acl_address_from_handle(uint16_t handle)2503 const RawAddress acl_address_from_handle(uint16_t handle) {
2504 tACL_CONN* p_acl = acl_get_connection_from_handle(handle);
2505 if (p_acl == nullptr) {
2506 return RawAddress::kEmpty;
2507 }
2508 return p_acl->remote_addr;
2509 }
2510
sco_peer_supports_esco_2m_phy(const RawAddress & remote_bda)2511 bool sco_peer_supports_esco_2m_phy(const RawAddress& remote_bda) {
2512 uint8_t* features = BTM_ReadRemoteFeatures(remote_bda);
2513 if (features == nullptr) {
2514 LOG_WARN(
2515 "Checking remote features but remote feature read is "
2516 "incomplete");
2517 return false;
2518 }
2519 return HCI_EDR_ESCO_2MPS_SUPPORTED(features);
2520 }
2521
sco_peer_supports_esco_3m_phy(const RawAddress & remote_bda)2522 bool sco_peer_supports_esco_3m_phy(const RawAddress& remote_bda) {
2523 uint8_t* features = BTM_ReadRemoteFeatures(remote_bda);
2524 if (features == nullptr) {
2525 LOG_WARN(
2526 "Checking remote features but remote feature read is "
2527 "incomplete");
2528 return false;
2529 }
2530 return HCI_EDR_ESCO_3MPS_SUPPORTED(features);
2531 }
2532
sco_peer_supports_esco_ev3(const RawAddress & remote_bda)2533 bool sco_peer_supports_esco_ev3(const RawAddress& remote_bda) {
2534 uint8_t* features = BTM_ReadRemoteFeatures(remote_bda);
2535 if (features == nullptr) {
2536 LOG_WARN(
2537 "Checking remote features but remote feature read is "
2538 "incomplete");
2539 return false;
2540 }
2541 return HCI_ESCO_EV3_SUPPORTED(features);
2542 }
2543
acl_is_switch_role_idle(const RawAddress & bd_addr,tBT_TRANSPORT transport)2544 bool acl_is_switch_role_idle(const RawAddress& bd_addr,
2545 tBT_TRANSPORT transport) {
2546 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
2547 if (p_acl == nullptr) {
2548 LOG_WARN("Unable to find active acl");
2549 return false;
2550 }
2551 return p_acl->is_switch_role_idle();
2552 }
2553
2554 /*******************************************************************************
2555 *
2556 * Function BTM_ReadRemoteConnectionAddr
2557 *
2558 * Description This function is read the remote device address currently used
2559 *
2560 * Parameters pseudo_addr: pseudo random address available
2561 * conn_addr:connection address used
2562 * p_addr_type : BD Address type, Public or Random of the address
2563 * used
2564 *
2565 * Returns bool, true if connection to remote device exists, else false
2566 *
2567 ******************************************************************************/
BTM_ReadRemoteConnectionAddr(const RawAddress & pseudo_addr,RawAddress & conn_addr,tBLE_ADDR_TYPE * p_addr_type)2568 bool BTM_ReadRemoteConnectionAddr(const RawAddress& pseudo_addr,
2569 RawAddress& conn_addr,
2570 tBLE_ADDR_TYPE* p_addr_type) {
2571 if (bluetooth::shim::is_gd_shim_enabled()) {
2572 return bluetooth::shim::BTM_ReadRemoteConnectionAddr(pseudo_addr, conn_addr,
2573 p_addr_type);
2574 }
2575
2576 if (bluetooth::shim::is_gd_l2cap_enabled()) {
2577 return bluetooth::shim::L2CA_ReadRemoteConnectionAddr(
2578 pseudo_addr, conn_addr, p_addr_type);
2579 }
2580
2581 bool st = true;
2582 tACL_CONN* p_acl = internal_.btm_bda_to_acl(pseudo_addr, BT_TRANSPORT_LE);
2583
2584 if (p_acl == NULL) {
2585 LOG_WARN("Unable to find active acl");
2586 return false;
2587 }
2588
2589 conn_addr = p_acl->active_remote_addr;
2590 *p_addr_type = p_acl->active_remote_addr_type;
2591 return st;
2592 }
2593
acl_link_role_from_handle(uint16_t handle)2594 uint8_t acl_link_role_from_handle(uint16_t handle) {
2595 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2596 if (p_acl == nullptr) {
2597 return HCI_ROLE_UNKNOWN;
2598 }
2599 return p_acl->link_role;
2600 }
2601
acl_peer_supports_ble_packet_extension(uint16_t hci_handle)2602 bool acl_peer_supports_ble_packet_extension(uint16_t hci_handle) {
2603 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2604 if (p_acl == nullptr) {
2605 return false;
2606 }
2607 if (!p_acl->peer_le_features_valid) {
2608 LOG_WARN(
2609 "Checking remote features but remote feature read is "
2610 "incomplete");
2611 }
2612 return HCI_LE_DATA_LEN_EXT_SUPPORTED(p_acl->peer_le_features);
2613 }
2614
acl_peer_supports_ble_2m_phy(uint16_t hci_handle)2615 bool acl_peer_supports_ble_2m_phy(uint16_t hci_handle) {
2616 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2617 if (p_acl == nullptr) {
2618 return false;
2619 }
2620 if (!p_acl->peer_le_features_valid) {
2621 LOG_WARN(
2622 "Checking remote features but remote feature read is "
2623 "incomplete");
2624 }
2625 return HCI_LE_2M_PHY_SUPPORTED(p_acl->peer_le_features);
2626 }
2627
acl_peer_supports_ble_coded_phy(uint16_t hci_handle)2628 bool acl_peer_supports_ble_coded_phy(uint16_t hci_handle) {
2629 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2630 if (p_acl == nullptr) {
2631 return false;
2632 }
2633 if (!p_acl->peer_le_features_valid) {
2634 LOG_WARN(
2635 "Checking remote features but remote feature read is "
2636 "incomplete");
2637 return false;
2638 }
2639 return HCI_LE_CODED_PHY_SUPPORTED(p_acl->peer_le_features);
2640 }
2641
acl_set_disconnect_reason(tHCI_STATUS acl_disc_reason)2642 void acl_set_disconnect_reason(tHCI_STATUS acl_disc_reason) {
2643 btm_cb.acl_cb_.set_disconnect_reason(acl_disc_reason);
2644 }
2645
acl_set_locally_initiated(bool locally_initiated)2646 void acl_set_locally_initiated(bool locally_initiated) {
2647 btm_cb.acl_cb_.set_locally_initiated(locally_initiated);
2648 }
2649
acl_is_role_switch_allowed()2650 bool acl_is_role_switch_allowed() {
2651 return btm_cb.acl_cb_.DefaultLinkPolicy() &
2652 HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH;
2653 }
2654
acl_get_supported_packet_types()2655 uint16_t acl_get_supported_packet_types() {
2656 return btm_cb.acl_cb_.DefaultPacketTypes();
2657 }
2658
acl_set_peer_le_features_from_handle(uint16_t hci_handle,const uint8_t * p)2659 bool acl_set_peer_le_features_from_handle(uint16_t hci_handle,
2660 const uint8_t* p) {
2661 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2662 if (p_acl == nullptr) {
2663 return false;
2664 }
2665 STREAM_TO_ARRAY(p_acl->peer_le_features, p, BD_FEATURES_LEN);
2666 p_acl->peer_le_features_valid = true;
2667 LOG_DEBUG("Completed le feature read request");
2668
2669 /* save LE remote supported features to iot conf file */
2670 std::string key = IOT_CONF_KEY_RT_SUPP_FEATURES "_" + std::to_string(0);
2671
2672 DEVICE_IOT_CONFIG_ADDR_SET_BIN(p_acl->remote_addr, key,
2673 p_acl->peer_le_features, BD_FEATURES_LEN);
2674 return true;
2675 }
2676
on_acl_br_edr_connected(const RawAddress & bda,uint16_t handle,uint8_t enc_mode,bool locally_initiated)2677 void on_acl_br_edr_connected(const RawAddress& bda, uint16_t handle,
2678 uint8_t enc_mode, bool locally_initiated) {
2679 if (delayed_role_change_ != nullptr && delayed_role_change_->bd_addr == bda) {
2680 btm_sec_connected(bda, handle, HCI_SUCCESS, enc_mode,
2681 delayed_role_change_->new_role);
2682 } else {
2683 btm_sec_connected(bda, handle, HCI_SUCCESS, enc_mode);
2684 }
2685 delayed_role_change_ = nullptr;
2686 btm_acl_set_paging(false);
2687 l2c_link_hci_conn_comp(HCI_SUCCESS, handle, bda);
2688 uint16_t link_supervision_timeout =
2689 osi_property_get_int32(PROPERTY_LINK_SUPERVISION_TIMEOUT, 8000);
2690 BTM_SetLinkSuperTout(bda, link_supervision_timeout);
2691
2692 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2693 if (p_acl == nullptr) {
2694 LOG_WARN("Unable to find active acl");
2695 return;
2696 }
2697
2698 acl_set_locally_initiated(locally_initiated);
2699
2700 /*
2701 * The legacy code path informs the upper layer via the BTA
2702 * layer after all relevant read_remote_ commands are complete.
2703 * The GD code path has ownership of the read_remote_ commands
2704 * and thus may inform the upper layers about the connection.
2705 */
2706 NotifyAclLinkUp(*p_acl);
2707 }
2708
on_acl_br_edr_failed(const RawAddress & bda,tHCI_STATUS status,bool locally_initiated)2709 void on_acl_br_edr_failed(const RawAddress& bda, tHCI_STATUS status,
2710 bool locally_initiated) {
2711 ASSERT_LOG(status != HCI_SUCCESS,
2712 "Successful connection entering failing code path");
2713 if (delayed_role_change_ != nullptr && delayed_role_change_->bd_addr == bda) {
2714 btm_sec_connected(bda, HCI_INVALID_HANDLE, status, false,
2715 delayed_role_change_->new_role);
2716 } else {
2717 btm_sec_connected(bda, HCI_INVALID_HANDLE, status, false);
2718 }
2719 delayed_role_change_ = nullptr;
2720 btm_acl_set_paging(false);
2721 l2c_link_hci_conn_comp(status, HCI_INVALID_HANDLE, bda);
2722
2723 acl_set_locally_initiated(locally_initiated);
2724 btm_acl_create_failed(bda, BT_TRANSPORT_BR_EDR, status);
2725 }
2726
btm_acl_connected(const RawAddress & bda,uint16_t handle,tHCI_STATUS status,uint8_t enc_mode)2727 void btm_acl_connected(const RawAddress& bda, uint16_t handle,
2728 tHCI_STATUS status, uint8_t enc_mode) {
2729 switch (status) {
2730 case HCI_SUCCESS:
2731 return on_acl_br_edr_connected(bda, handle, enc_mode,
2732 true /* locally_initiated */);
2733 default:
2734 return on_acl_br_edr_failed(bda, status, /* locally_initiated */ true);
2735 }
2736 }
2737
btm_acl_iso_disconnected(uint16_t handle,tHCI_REASON reason)2738 void btm_acl_iso_disconnected(uint16_t handle, tHCI_REASON reason) {
2739 LOG_INFO("ISO disconnection from GD, handle: 0x%02x, reason: 0x%02x", handle,
2740 reason);
2741 bluetooth::hci::IsoManager::GetInstance()->HandleDisconnect(handle, reason);
2742 }
2743
btm_acl_disconnected(tHCI_STATUS status,uint16_t handle,tHCI_REASON reason)2744 void btm_acl_disconnected(tHCI_STATUS status, uint16_t handle,
2745 tHCI_REASON reason) {
2746 if (status != HCI_SUCCESS) {
2747 LOG_WARN("Received disconnect with error:%s",
2748 hci_error_code_text(status).c_str());
2749 }
2750
2751 /* There can be a case when we rejected PIN code authentication */
2752 /* otherwise save a new reason */
2753 if (btm_get_acl_disc_reason_code() != HCI_ERR_HOST_REJECT_SECURITY) {
2754 acl_set_disconnect_reason(static_cast<tHCI_STATUS>(reason));
2755 }
2756
2757 /* If L2CAP or SCO doesn't know about it, send it to ISO */
2758 if (!l2c_link_hci_disc_comp(handle, reason) &&
2759 !btm_sco_removed(handle, reason)) {
2760 bluetooth::hci::IsoManager::GetInstance()->HandleDisconnect(handle, reason);
2761 }
2762
2763 /* Notify security manager */
2764 btm_sec_disconnected(handle, reason,
2765 "stack::acl::btm_acl::btm_acl_disconnected");
2766 }
2767
acl_create_classic_connection(const RawAddress & bd_addr,bool there_are_high_priority_channels,bool is_bonding)2768 void acl_create_classic_connection(const RawAddress& bd_addr,
2769 bool there_are_high_priority_channels,
2770 bool is_bonding) {
2771 return bluetooth::shim::ACL_CreateClassicConnection(bd_addr);
2772 }
2773
btm_connection_request(const RawAddress & bda,const bluetooth::types::ClassOfDevice & cod)2774 void btm_connection_request(const RawAddress& bda,
2775 const bluetooth::types::ClassOfDevice& cod) {
2776 // Copy Cod information
2777 DEV_CLASS dc;
2778 dc[0] = cod.cod[2], dc[1] = cod.cod[1], dc[2] = cod.cod[0];
2779
2780 btm_sec_conn_req(bda, dc);
2781 }
2782
btm_acl_connection_request(const RawAddress & bda,uint8_t * dc)2783 void btm_acl_connection_request(const RawAddress& bda, uint8_t* dc) {
2784 btm_sec_conn_req(bda, dc);
2785 l2c_link_hci_conn_req(bda);
2786 }
2787
acl_accept_connection_request(const RawAddress & bd_addr,uint8_t role)2788 void acl_accept_connection_request(const RawAddress& bd_addr, uint8_t role) {
2789 btsnd_hcic_accept_conn(bd_addr, role);
2790 }
2791
acl_reject_connection_request(const RawAddress & bd_addr,uint8_t reason)2792 void acl_reject_connection_request(const RawAddress& bd_addr, uint8_t reason) {
2793 btsnd_hcic_reject_conn(bd_addr, reason);
2794 }
2795
acl_disconnect_from_handle(uint16_t handle,tHCI_STATUS reason,std::string comment)2796 void acl_disconnect_from_handle(uint16_t handle, tHCI_STATUS reason,
2797 std::string comment) {
2798 acl_disconnect_after_role_switch(handle, reason, comment);
2799 }
2800
acl_disconnect_after_role_switch(uint16_t conn_handle,tHCI_STATUS reason,std::string comment)2801 void acl_disconnect_after_role_switch(uint16_t conn_handle, tHCI_STATUS reason,
2802 std::string comment) {
2803 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(conn_handle);
2804 if (p_acl == nullptr) {
2805 LOG_ERROR("Sending disconnect for unknown acl:%hu PLEASE FIX", conn_handle);
2806 GetLegacyHciInterface().Disconnect(conn_handle, reason);
2807 return;
2808 }
2809
2810 /* If a role switch is in progress, delay the HCI Disconnect to avoid
2811 * controller problem */
2812 if (p_acl->rs_disc_pending == BTM_SEC_RS_PENDING) {
2813 LOG_DEBUG(
2814 "Role switch in progress - Set DISC Pending flag in "
2815 "btm_sec_send_hci_disconnect "
2816 "to delay disconnect");
2817 p_acl->rs_disc_pending = BTM_SEC_DISC_PENDING;
2818 } else {
2819 LOG_DEBUG("Sending acl disconnect reason:%s [%hu]",
2820 hci_error_code_text(reason).c_str(), reason);
2821 hci_btsnd_hcic_disconnect(*p_acl, reason, comment);
2822 }
2823 }
2824
acl_send_data_packet_br_edr(const RawAddress & bd_addr,BT_HDR * p_buf)2825 void acl_send_data_packet_br_edr(const RawAddress& bd_addr, BT_HDR* p_buf) {
2826 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
2827 if (p_acl == nullptr) {
2828 LOG_WARN("Acl br_edr data write for unknown device:%s",
2829 ADDRESS_TO_LOGGABLE_CSTR(bd_addr));
2830 osi_free(p_buf);
2831 return;
2832 }
2833 return bluetooth::shim::ACL_WriteData(p_acl->hci_handle, p_buf);
2834 }
2835
acl_send_data_packet_ble(const RawAddress & bd_addr,BT_HDR * p_buf)2836 void acl_send_data_packet_ble(const RawAddress& bd_addr, BT_HDR* p_buf) {
2837 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_LE);
2838 if (p_acl == nullptr) {
2839 LOG_WARN("Acl le data write for unknown device:%s",
2840 ADDRESS_TO_LOGGABLE_CSTR(bd_addr));
2841 osi_free(p_buf);
2842 return;
2843 }
2844 return bluetooth::shim::ACL_WriteData(p_acl->hci_handle, p_buf);
2845 }
2846
acl_write_automatic_flush_timeout(const RawAddress & bd_addr,uint16_t flush_timeout_in_ticks)2847 void acl_write_automatic_flush_timeout(const RawAddress& bd_addr,
2848 uint16_t flush_timeout_in_ticks) {
2849 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
2850 if (p_acl == nullptr) {
2851 LOG_WARN("Unable to find active acl");
2852 return;
2853 }
2854 if (p_acl->flush_timeout_in_ticks == flush_timeout_in_ticks) {
2855 LOG_INFO(
2856 "Ignoring since cached value is same as requested flush_timeout:%hd",
2857 flush_timeout_in_ticks);
2858 return;
2859 }
2860 flush_timeout_in_ticks &= HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT;
2861 p_acl->flush_timeout_in_ticks = flush_timeout_in_ticks;
2862 btsnd_hcic_write_auto_flush_tout(p_acl->hci_handle, flush_timeout_in_ticks);
2863 }
2864
acl_create_le_connection_with_id(uint8_t id,const RawAddress & bd_addr,tBLE_ADDR_TYPE addr_type)2865 bool acl_create_le_connection_with_id(uint8_t id, const RawAddress& bd_addr,
2866 tBLE_ADDR_TYPE addr_type) {
2867 tBLE_BD_ADDR address_with_type{
2868 .bda = bd_addr,
2869 .type = addr_type,
2870 };
2871
2872 gatt_find_in_device_record(bd_addr, &address_with_type);
2873
2874 LOG_DEBUG("Creating le direct connection to:%s type:%s (initial type: %s)",
2875 ADDRESS_TO_LOGGABLE_CSTR(address_with_type),
2876 AddressTypeText(address_with_type.type).c_str(),
2877 AddressTypeText(addr_type).c_str());
2878
2879 if (address_with_type.type == BLE_ADDR_ANONYMOUS) {
2880 LOG_WARN(
2881 "Creating le direct connection to:%s, address type 'anonymous' is "
2882 "invalid",
2883 ADDRESS_TO_LOGGABLE_CSTR(address_with_type));
2884 return false;
2885 }
2886
2887 // argument list
2888 auto argument_list = std::vector<std::pair<bluetooth::os::ArgumentType, int>>();
2889
2890 bluetooth::shim::LogMetricBluetoothLEConnectionMetricEvent(
2891 bd_addr, android::bluetooth::le::LeConnectionOriginType::ORIGIN_NATIVE,
2892 android::bluetooth::le::LeConnectionType::CONNECTION_TYPE_LE_ACL,
2893 android::bluetooth::le::LeConnectionState::STATE_LE_ACL_START,
2894 argument_list);
2895
2896 if (bluetooth::common::init_flags::
2897 use_unified_connection_manager_is_enabled()) {
2898 bluetooth::connection::GetConnectionManager().start_direct_connection(
2899 id, bluetooth::core::ToRustAddress(address_with_type));
2900 } else {
2901 bluetooth::shim::ACL_AcceptLeConnectionFrom(address_with_type,
2902 /* is_direct */ true);
2903 }
2904 return true;
2905 }
2906
acl_create_le_connection_with_id(uint8_t id,const RawAddress & bd_addr)2907 bool acl_create_le_connection_with_id(uint8_t id, const RawAddress& bd_addr) {
2908 return acl_create_le_connection_with_id(id, bd_addr, BLE_ADDR_PUBLIC);
2909 }
2910
acl_create_le_connection(const RawAddress & bd_addr)2911 bool acl_create_le_connection(const RawAddress& bd_addr) {
2912 return acl_create_le_connection_with_id(CONN_MGR_ID_L2CAP, bd_addr);
2913 }
2914
acl_rcv_acl_data(BT_HDR * p_msg)2915 void acl_rcv_acl_data(BT_HDR* p_msg) {
2916 acl_header_t acl_header{
2917 .handle = HCI_INVALID_HANDLE,
2918 .hci_len = 0,
2919 };
2920 const uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
2921
2922 STREAM_TO_UINT16(acl_header.handle, p);
2923 acl_header.handle = HCID_GET_HANDLE(acl_header.handle);
2924
2925 STREAM_TO_UINT16(acl_header.hci_len, p);
2926 if (acl_header.hci_len < L2CAP_PKT_OVERHEAD ||
2927 acl_header.hci_len != p_msg->len - sizeof(acl_header)) {
2928 LOG_WARN("Received mismatched hci header length:%u data_len:%zu",
2929 acl_header.hci_len, p_msg->len - sizeof(acl_header));
2930 osi_free(p_msg);
2931 return;
2932 }
2933 l2c_rcv_acl_data(p_msg);
2934 }
2935
acl_link_segments_xmitted(BT_HDR * p_msg)2936 void acl_link_segments_xmitted(BT_HDR* p_msg) {
2937 l2c_link_segments_xmitted(p_msg);
2938 }
2939
acl_packets_completed(uint16_t handle,uint16_t credits)2940 void acl_packets_completed(uint16_t handle, uint16_t credits) {
2941 l2c_packets_completed(handle, credits);
2942 bluetooth::hci::IsoManager::GetInstance()->HandleGdNumComplDataPkts(handle,
2943 credits);
2944 }
2945
acl_process_supported_features(uint16_t handle,uint64_t features)2946 void acl_process_supported_features(uint16_t handle, uint64_t features) {
2947 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2948 if (p_acl == nullptr) {
2949 LOG_WARN("Unable to find active acl");
2950 return;
2951 }
2952 const uint8_t current_page_number = 0;
2953
2954 memcpy(p_acl->peer_lmp_feature_pages[current_page_number],
2955 (uint8_t*)&features, sizeof(uint64_t));
2956 p_acl->peer_lmp_feature_valid[current_page_number] = true;
2957
2958 LOG_DEBUG(
2959 "Copied supported feature pages handle:%hu current_page_number:%hhu "
2960 "features:%s",
2961 handle, current_page_number,
2962 bd_features_text(p_acl->peer_lmp_feature_pages[current_page_number])
2963 .c_str());
2964
2965 if ((HCI_LMP_EXTENDED_SUPPORTED(p_acl->peer_lmp_feature_pages[0])) &&
2966 (controller_get_interface()
2967 ->supports_reading_remote_extended_features())) {
2968 LOG_DEBUG("Waiting for remote extended feature response to arrive");
2969 } else {
2970 LOG_DEBUG("No more remote features outstanding so notify upper layer");
2971 NotifyAclFeaturesReadComplete(*p_acl, current_page_number);
2972 }
2973 }
2974
acl_process_extended_features(uint16_t handle,uint8_t current_page_number,uint8_t max_page_number,uint64_t features)2975 void acl_process_extended_features(uint16_t handle, uint8_t current_page_number,
2976 uint8_t max_page_number, uint64_t features) {
2977 if (current_page_number > HCI_EXT_FEATURES_PAGE_MAX) {
2978 LOG_WARN("Unable to process current_page_number:%hhu", current_page_number);
2979 return;
2980 }
2981 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2982 if (p_acl == nullptr) {
2983 LOG_WARN("Unable to find active acl");
2984 return;
2985 }
2986 memcpy(p_acl->peer_lmp_feature_pages[current_page_number],
2987 (uint8_t*)&features, sizeof(uint64_t));
2988 p_acl->peer_lmp_feature_valid[current_page_number] = true;
2989
2990 LOG_DEBUG(
2991 "Copied extended feature pages handle:%hu current_page_number:%hhu "
2992 "max_page_number:%hhu features:%s",
2993 handle, current_page_number, max_page_number,
2994 bd_features_text(p_acl->peer_lmp_feature_pages[current_page_number])
2995 .c_str());
2996
2997 if (max_page_number == 0 || max_page_number == current_page_number) {
2998 NotifyAclFeaturesReadComplete(*p_acl, max_page_number);
2999 }
3000 }
3001
ACL_RegisterClient(struct acl_client_callback_s * callbacks)3002 void ACL_RegisterClient(struct acl_client_callback_s* callbacks) {
3003 LOG_DEBUG("UNIMPLEMENTED");
3004 }
3005
ACL_UnregisterClient(struct acl_client_callback_s * callbacks)3006 void ACL_UnregisterClient(struct acl_client_callback_s* callbacks) {
3007 LOG_DEBUG("UNIMPLEMENTED");
3008 }
3009
ACL_SupportTransparentSynchronousData(const RawAddress & bd_addr)3010 bool ACL_SupportTransparentSynchronousData(const RawAddress& bd_addr) {
3011 const tACL_CONN* p_acl =
3012 internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
3013 if (p_acl == nullptr) {
3014 LOG_WARN("Unable to find active acl");
3015 return false;
3016 }
3017
3018 return HCI_LMP_TRANSPNT_SUPPORTED(p_acl->peer_lmp_feature_pages[0]);
3019 }
3020
3021 /**
3022 * Confusingly, immutable device features are stored in the
3023 * ephemeral connection data structure while connection security
3024 * is stored in the device record.
3025 *
3026 * This HACK allows legacy security protocols to work as intended under
3027 * those conditions.
3028 */
HACK_acl_check_sm4(tBTM_SEC_DEV_REC & record)3029 void HACK_acl_check_sm4(tBTM_SEC_DEV_REC& record) {
3030 // Return if we already know this info
3031 if ((record.sm4 & BTM_SM4_TRUE) != BTM_SM4_UNKNOWN) return;
3032
3033 tACL_CONN* p_acl =
3034 internal_.btm_bda_to_acl(record.RemoteAddress(), BT_TRANSPORT_BR_EDR);
3035 if (p_acl == nullptr) {
3036 LOG_WARN("Unable to find active acl for authentication device:%s",
3037 ADDRESS_TO_LOGGABLE_CSTR(record.RemoteAddress()));
3038 return;
3039 }
3040
3041 // If we have not received the SSP feature record
3042 // we have to wait
3043 if (!p_acl->peer_lmp_feature_valid[1]) {
3044 LOG_WARN(
3045 "Authentication started without extended feature page 1 request "
3046 "response");
3047 return;
3048 }
3049 record.sm4 = (HCI_SSP_HOST_SUPPORTED(p_acl->peer_lmp_feature_pages[1]))
3050 ? BTM_SM4_TRUE
3051 : BTM_SM4_KNOWN;
3052 }
3053
btm_acl_for_bda(const RawAddress & bd_addr,tBT_TRANSPORT transport)3054 tACL_CONN* btm_acl_for_bda(const RawAddress& bd_addr, tBT_TRANSPORT transport) {
3055 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
3056 if (p_acl == nullptr) {
3057 LOG_WARN("Unable to find active acl");
3058 return nullptr;
3059 }
3060 return p_acl;
3061 }
3062