1 /******************************************************************************
2 *
3 * Copyright (C) 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the action functions for device manager state
22 * machine.
23 *
24 ******************************************************************************/
25
26 #include "bt_types.h"
27 #include "gki.h"
28 #include "bd.h"
29 #include "bta_sys.h"
30 #include "bta_api.h"
31 #include "bta_dm_int.h"
32 #include "bta_dm_co.h"
33 #include "btm_api.h"
34 #include "btm_int.h"
35 #include "btu.h"
36 #include "sdp_api.h"
37 #include "l2c_api.h"
38 #include "wbt_api.h"
39 #include "utl.h"
40 #include <string.h>
41
42 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
43 static void bta_dm_inq_cmpl_cb (void * p_result);
44 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name);
45 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name);
46 static void bta_dm_find_services ( BD_ADDR bd_addr);
47 static void bta_dm_discover_next_device(void);
48 static void bta_dm_sdp_callback (UINT16 sdp_status);
49 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator);
50 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name);
51 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key);
52 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type);
53 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result);
54 static void bta_dm_local_name_cback(BD_ADDR bd_addr);
55 static BOOLEAN bta_dm_check_av(UINT16 event);
56 #if (BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
57 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
58 #else
59 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, BD_FEATURES features, BOOLEAN is_new);
60 #endif
61 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
62
63 /* Extended Inquiry Response */
64 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
65
66 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
67 static void bta_dm_set_eir (char *local_name);
68 #endif /* BTM_EIR_SERVER_INCLUDED */
69
70 #if (BTM_EIR_CLIENT_INCLUDED == TRUE)
71 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
72 tBTA_SERVICE_MASK *p_services_to_search,
73 tBTA_SERVICE_MASK *p_services_found);
74 #endif /* BTM_EIR_CLIENT_INCLUDED */
75
76 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result);
77 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle);
78 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result);
79 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle);
80 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle);
81 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle);
82 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
83 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch);
84 static char *bta_dm_get_remname(void);
85 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result);
86
87 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr);
88 static void bta_dm_discover_device(BD_ADDR remote_bd_addr);
89
90 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status );
91
92 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr);
93 static void bta_dm_delay_role_switch_cback (TIMER_LIST_ENT *p_tle);
94
95
96 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
97 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE))
98 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data);
99 #endif
100 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key);
101 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
102 static void btm_dm_start_gatt_discovery ( BD_ADDR bd_addr);
103 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr);
104 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data);
105 #endif
106 #endif
107
108 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128);
109
110 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] =
111 {
112 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */
113 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
114 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */
115 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */
116 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */
117 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
118 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
119 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */
120 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */
121 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */
122 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */
123 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
124 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */
125 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */
126 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */
127 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */
128 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */
129 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */
130 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */
131 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */
132 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */
133 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */
134 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */
135 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */
136 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
137 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */
138 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */
139 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */
140 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */
141 #if BLE_INCLUDED && BTA_GATT_INCLUDED
142 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */
143 #endif
144 };
145
146 /*
147 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with
148 * the value BTA_MAX_SERVICE_ID in bta_api.h
149 *
150 * i.e., If you add new Service ID for BTA, the correct security ID of the new service
151 * from Security service definitions (btm_api.h) should be added to this lookup table.
152 */
153 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] =
154 {
155 0, /* Reserved */
156 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
157 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */
158 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */
159 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */
160 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */
161 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
162 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */
163 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */
164 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */
165 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */
166 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
167 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */
168 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */
169 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */
170 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */
171 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */
172 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */
173 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */
174 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */
175 BTM_SEC_SERVICE_HID_SEC_CTRL, /* BTA_HID_SERVICE_ID */
176 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */
177 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */
178 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
179 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
180 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */
181 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */
182 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */
183 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */
184 #if BLE_INCLUDED && BTA_GATT_INCLUDED
185 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */
186 #endif
187 };
188
189 /* bta security callback */
190 const tBTM_APPL_INFO bta_security =
191 {
192 &bta_dm_authorize_cback,
193 &bta_dm_pin_cback,
194 &bta_dm_new_link_key_cback,
195 &bta_dm_link_key_request_cback,
196 &bta_dm_authentication_complete_cback,
197 NULL,
198 &bta_dm_bond_cancel_complete_cback,
199 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
200 &bta_dm_sp_cback
201 #else
202 NULL
203 #endif
204 #if BLE_INCLUDED == TRUE
205 #if SMP_INCLUDED == TRUE
206 ,&bta_dm_ble_smp_cback
207 #endif
208 ,&bta_dm_ble_id_key_cback
209 #endif
210
211 };
212
213 /* TBD... To be moved to some conf file..? */
214 #define BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT 5
215 const tBTA_DM_LMP_VER_INFO bta_role_switch_blacklist[BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT] =
216 {
217 {0x000F,0x2000,0x04},
218 {0x00,0x00,0x00},
219 {0x00,0x00,0x00},
220 {0x00,0x00,0x00},
221 {0x00,0x00,0x00}
222 };
223
224 #define MAX_DISC_RAW_DATA_BUF (4096)
225 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF];
226
227 /*******************************************************************************
228 **
229 ** Function bta_dm_app_ready_timer_cback
230 **
231 ** Description allow sending EIR to controller
232 **
233 **
234 ** Returns void
235 **
236 *******************************************************************************/
237 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
bta_dm_app_ready_timer_cback(TIMER_LIST_ENT * p_tle)238 static void bta_dm_app_ready_timer_cback (TIMER_LIST_ENT *p_tle)
239 {
240 bta_dm_set_eir (NULL);
241 }
242 #else
243 #define bta_dm_app_ready_timer_cback (x)
244 #endif
245
246 /*******************************************************************************
247 **
248 ** Function bta_dm_enable
249 **
250 ** Description Initialises the BT device manager
251 **
252 **
253 ** Returns void
254 **
255 *******************************************************************************/
bta_dm_enable(tBTA_DM_MSG * p_data)256 void bta_dm_enable(tBTA_DM_MSG *p_data)
257 {
258 tBTA_SYS_HW_MSG *sys_enable_event;
259 tBTA_DM_SEC sec_event;
260
261
262 /* if already in use, return an error */
263 if( bta_dm_cb.is_bta_dm_active == TRUE )
264 {
265 APPL_TRACE_WARNING0("bta_dm_enable - device already started by another application");
266 memset(&sec_event.enable, 0, sizeof ( tBTA_DM_ENABLE ));
267 sec_event.enable.status = BTA_FAILURE;
268 if( p_data->enable.p_sec_cback != NULL )
269 p_data->enable.p_sec_cback (BTA_DM_ENABLE_EVT, &sec_event);
270 return;
271 }
272
273
274 /* first, register our callback to SYS HW manager */
275 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
276
277 /* make sure security callback is saved - if no callback, do not erase the previous one,
278 it could be an error recovery mechanism */
279 if( p_data->enable.p_sec_cback != NULL )
280 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback;
281 /* notify BTA DM is now active */
282 bta_dm_cb.is_bta_dm_active = TRUE;
283
284 /* send a message to BTA SYS */
285 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
286 {
287 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT;
288 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
289
290 bta_sys_sendmsg(sys_enable_event);
291
292 }
293
294
295
296 }
297
298
299
300 /*******************************************************************************
301 **
302 ** Function bta_dm_sys_hw_cback
303 **
304 ** Description callback register to SYS to get HW status updates
305 **
306 **
307 ** Returns void
308 **
309 *******************************************************************************/
bta_dm_sys_hw_cback(tBTA_SYS_HW_EVT status)310 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status )
311 {
312 DEV_CLASS dev_class;
313 tBTA_DM_SEC_CBACK *temp_cback;
314 #if BLE_INCLUDED == TRUE
315 UINT8 key_mask = 0;
316 BT_OCTET16 er;
317 tBTA_BLE_LOCAL_ID_KEYS id_key;
318 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
319 #endif
320 APPL_TRACE_DEBUG1(" bta_dm_sys_hw_cback with event: %i" , status );
321
322 /* On H/W error evt, report to the registered DM application callback */
323 if (status == BTA_SYS_HW_ERROR_EVT) {
324 if( bta_dm_cb.p_sec_cback != NULL )
325 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL);
326 return;
327 }
328 if( status == BTA_SYS_HW_OFF_EVT )
329 {
330 if( bta_dm_cb.p_sec_cback != NULL )
331 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
332
333 /* reinitialize the control block */
334 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
335
336 /* unregister from SYS */
337 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH );
338 /* notify BTA DM is now unactive */
339 bta_dm_cb.is_bta_dm_active = FALSE;
340 }
341 else
342 if( status == BTA_SYS_HW_ON_EVT )
343 {
344 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error.
345 * We need to revisit when this platform has more than one BLuetooth H/W chip */
346 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH);
347
348 /* save security callback */
349 temp_cback = bta_dm_cb.p_sec_cback;
350 /* make sure the control block is properly initialized */
351 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
352 /* and retrieve the callback */
353 bta_dm_cb.p_sec_cback=temp_cback;
354 bta_dm_cb.is_bta_dm_active = TRUE;
355
356 /* hw is ready, go on with BTA DM initialization */
357 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb));
358 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs));
359 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB));
360
361 memcpy(dev_class, bta_dm_cfg.dev_class, sizeof(dev_class));
362 BTM_SetDeviceClass (dev_class);
363
364 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
365 /* load BLE local information: ID keys, ER if available */
366 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key);
367
368 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER)
369 {
370 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er);
371 }
372 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID)
373 {
374 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key);
375 }
376 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
377 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
378 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback);
379 #endif
380 #endif
381
382 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security);
383 BTM_SetDefaultLinkSuperTout(bta_dm_cfg.link_timeout);
384 BTM_WritePageTimeout(bta_dm_cfg.page_timeout);
385 bta_dm_cb.cur_policy = bta_dm_cfg.policy_settings;
386 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
387 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
388 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK);
389 #else
390 BTM_AclRegisterForChanges(bta_dm_acl_change_cback);
391 #endif
392 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr
393 from the control block and invoking the callback which was sending the DM_ENABLE_EVT.
394 But then we have a few HCI commands being invoked above which were still in progress
395 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces
396 the DM_ENABLE_EVT to be sent only after all the init steps are complete */
397 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback);
398
399 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback);
400
401 /* initialize bluetooth low power manager */
402 bta_dm_init_pm();
403
404 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback);
405
406
407 // BLUEDROID REMOVE ??
408 #if 0
409 #if 1
410 /* Create broadcom primary DI record */
411 if(WBT_ExtCreateRecord())
412 {
413 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&( BTA_EIR_CANNED_UUID_LIST != TRUE )
414 /* while app_ready_timer is running, BTA DM doesn't send EIR to controller */
415 bta_dm_cb.app_ready_timer.p_cback = (TIMER_CBACK*)&bta_dm_app_ready_timer_cback;
416 bta_sys_start_timer(&bta_dm_cb.app_ready_timer, 0, 100);
417
418 bta_sys_add_uuid(UUID_SERVCLASS_PNP_INFORMATION);
419 #endif
420 bta_dm_di_cb.di_handle[bta_dm_di_cb.di_num] = 0; /* primary DI record */
421 bta_dm_di_cb.di_num ++;
422 }
423 #else /* Eventually implement pin code */
424 if (WBT_ExtCreateRecord())
425 WBT_ExtAddPinCode();
426 #endif
427 #endif
428 }
429 else
430 APPL_TRACE_DEBUG0(" --- ignored event");
431
432 }
433
434
435 /*******************************************************************************
436 **
437 ** Function bta_dm_disable
438 **
439 ** Description Disables the BT device manager
440 **
441 **
442 ** Returns void
443 **
444 *******************************************************************************/
bta_dm_disable(tBTA_DM_MSG * p_data)445 void bta_dm_disable (tBTA_DM_MSG *p_data)
446 {
447 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */
448 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0);
449
450 /* disable all active subsystems */
451 bta_sys_disable(BTA_SYS_HW_BLUETOOTH);
452
453 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0);
454 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0);
455
456 bta_dm_disable_pm();
457
458 bta_dm_cb.disabling = TRUE;
459
460 bta_dm_search_cancel(NULL);
461
462 if(BTM_GetNumAclLinks()==0)
463 {
464 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0)
465 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by
466 * BTA_DISABLE_DELAY milliseconds
467 */
468 APPL_TRACE_WARNING2("%s BTA_DISABLE_DELAY set to %d ms",
469 __FUNCTION__, BTA_DISABLE_DELAY);
470 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
471 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
472 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY);
473 #else
474 bta_dm_disable_conn_down_timer_cback(NULL);
475 #endif
476 }
477 else
478 {
479 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback;
480 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000);
481 }
482
483 }
484
485 /*******************************************************************************
486 **
487 ** Function bta_dm_disable_timer_cback
488 **
489 ** Description Called if the disable timer expires
490 ** Used to close ACL connections which are still active
491 **
492 **
493 **
494 ** Returns void
495 **
496 *******************************************************************************/
bta_dm_disable_timer_cback(TIMER_LIST_ENT * p_tle)497 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle)
498 {
499
500 UINT8 i;
501
502 APPL_TRACE_EVENT0(" bta_dm_disable_timer_cback ");
503
504 if(BTM_GetNumAclLinks())
505 {
506 for(i=0; i<bta_dm_cb.device_list.count; i++)
507 {
508 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
509
510 }
511
512 }
513 else
514 {
515 bta_dm_cb.disabling = FALSE;
516
517 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION);
518 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
519 }
520 }
521
522
523
524
525 /*******************************************************************************
526 **
527 ** Function bta_dm_set_dev_name
528 **
529 ** Description Sets local device name
530 **
531 **
532 ** Returns void
533 **
534 *******************************************************************************/
bta_dm_set_dev_name(tBTA_DM_MSG * p_data)535 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data)
536 {
537
538 BTM_SetLocalDeviceName((char*)p_data->set_name.name);
539 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
540 bta_dm_set_eir ((char*)p_data->set_name.name);
541 #endif
542 }
543
544 /*******************************************************************************
545 **
546 ** Function bta_dm_set_visibility
547 **
548 ** Description Sets discoverability, connectability and pairability
549 **
550 **
551 ** Returns void
552 **
553 *******************************************************************************/
bta_dm_set_visibility(tBTA_DM_MSG * p_data)554 void bta_dm_set_visibility (tBTA_DM_MSG *p_data)
555 {
556
557
558 /* set modes for Discoverability and connectability if not ignore */
559 if (p_data->set_visibility.disc_mode != BTA_DM_IGNORE)
560 BTM_SetDiscoverability((UINT8)p_data->set_visibility.disc_mode,
561 bta_dm_cb.inquiry_scan_window,
562 bta_dm_cb.inquiry_scan_interval);
563
564 if (p_data->set_visibility.conn_mode != BTA_DM_IGNORE)
565 BTM_SetConnectability((UINT8)p_data->set_visibility.conn_mode,
566 bta_dm_cb.page_scan_window,
567 bta_dm_cb.page_scan_interval);
568
569 /* Send False or True if not ignore */
570 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE )
571 {
572
573 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE)
574 bta_dm_cb.disable_pair_mode = TRUE;
575 else
576 bta_dm_cb.disable_pair_mode = FALSE;
577
578 }
579
580 /* Send False or True if not ignore */
581 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
582 {
583
584 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL)
585 bta_dm_cb.conn_paired_only = FALSE;
586 else
587 bta_dm_cb.conn_paired_only = TRUE;
588
589 }
590
591 /* Change mode if either mode is not ignore */
592 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
593 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only);
594
595 }
596
597
598 /*******************************************************************************
599 **
600 ** Function bta_dm_set_afhchannels
601 **
602 ** Description This function sets the AFH first and
603 ** last disable channel, so channels within
604 ** that range are disabled.
605 **
606 **
607 ** Returns void
608 **
609 *******************************************************************************/
bta_dm_set_afhchannels(tBTA_DM_MSG * p_data)610 void bta_dm_set_afhchannels (tBTA_DM_MSG *p_data)
611 {
612 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
613
614 }
615
616
617 /*******************************************************************************
618 **
619 ** Function bta_dm_vendor_spec_command
620 **
621 ** Description Send a vendor specific command to the controller
622 **
623 **
624 ** Returns void
625 **
626 *******************************************************************************/
bta_dm_vendor_spec_command(tBTA_DM_MSG * p_data)627 void bta_dm_vendor_spec_command (tBTA_DM_MSG *p_data)
628 {
629 tBTM_STATUS status;
630
631 status = BTM_VendorSpecificCommand(p_data->vendor_command.opcode,p_data->vendor_command.param_len,p_data->vendor_command.p_param_buf, p_data->vendor_command.p_cback);
632
633 }
634
635
636 /*******************************************************************************
637 **
638 ** Function bta_dm_tx_inqpower
639 **
640 ** Description write inquiry tx power.
641 **
642 **
643 ** Returns void
644 **
645 *******************************************************************************/
bta_dm_tx_inqpower(tBTA_DM_MSG * p_data)646 void bta_dm_tx_inqpower(tBTA_DM_MSG *p_data)
647 {
648 if (BTM_WriteInquiryTxPower (p_data->tx_inq_pwr.tx_power) == BTM_ILLEGAL_VALUE)
649 {
650 APPL_TRACE_ERROR1("Invalid Inquiry Tx Power: %d", p_data->tx_inq_pwr.tx_power);
651 }
652 return;
653 }
654
655 /*******************************************************************************
656 **
657 ** Function bta_dm_remove_device
658 **
659 ** Description Removes device, Disconnects ACL link if required.
660 ****
661 *******************************************************************************/
bta_dm_remove_device(tBTA_DM_MSG * p_data)662 void bta_dm_remove_device (tBTA_DM_MSG *p_data)
663 {
664 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev;
665 int i;
666 tBTA_DM_SEC sec_event;
667
668 if (BTM_IsAclConnectionUp(p_dev->bd_addr))
669 {
670 /* Take the link down first, and mark the device for removal when disconnected */
671 btm_remove_acl( p_dev->bd_addr) ;
672
673 for(i=0; i<bta_dm_cb.device_list.count; i++)
674 {
675 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr))
676 break;
677 }
678
679 if(i < bta_dm_cb.device_list.count)
680 {
681 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
682 }
683 }
684 else /* Ok to remove the device in application layer */
685 {
686 BTM_SecDeleteDevice(p_dev->bd_addr);
687 if( bta_dm_cb.p_sec_cback )
688 {
689 bdcpy(sec_event.link_down.bd_addr, p_dev->bd_addr);
690 /* No connection, set status to success (acl disc code not valid) */
691 sec_event.link_down.status = HCI_SUCCESS;
692 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event);
693 }
694 }
695 }
696
697 /*******************************************************************************
698 **
699 ** Function bta_dm_add_device
700 **
701 ** Description This function adds a Link Key to an security database entry.
702 ** It is normally called during host startup to restore all required information
703 ** stored in the NVRAM.
704 ****
705 *******************************************************************************/
bta_dm_add_device(tBTA_DM_MSG * p_data)706 void bta_dm_add_device (tBTA_DM_MSG *p_data)
707 {
708 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev;
709 UINT8 *p_dc = NULL;
710 UINT8 *p_lc = NULL;
711 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
712 UINT8 index = 0;
713 UINT8 btm_mask_index = 0;
714
715 memset (trusted_services_mask, 0, sizeof(trusted_services_mask));
716
717 /* If not all zeros, the device class has been specified */
718 if (p_dev->dc_known)
719 p_dc = (UINT8 *)p_dev->dc;
720
721 if (p_dev->link_key_known)
722 p_lc = (UINT8 *)p_dev->link_key;
723
724 if (p_dev->is_trusted)
725 {
726 /* covert BTA service mask to BTM mask */
727 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID))
728 {
729 if (p_dev->tm & (UINT32)(1<<index))
730 {
731
732 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS;
733 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32)));
734
735 p_dev->tm &= (UINT32)(~(1<<index));
736
737 }
738 index++;
739 }
740 }
741
742 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features,
743 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap))
744 {
745 APPL_TRACE_ERROR2 ("BTA_DM: Error adding device %08x%04x",
746 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3],
747 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]);
748 }
749 }
750
751 /*******************************************************************************
752 **
753 ** Function bta_dm_bond
754 **
755 ** Description Bonds with peer device
756 **
757 **
758 ** Returns void
759 **
760 *******************************************************************************/
bta_dm_bond(tBTA_DM_MSG * p_data)761 void bta_dm_bond (tBTA_DM_MSG *p_data)
762 {
763 tBTM_STATUS status;
764 tBTA_DM_SEC sec_event;
765 char *p_name;
766
767 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 );
768
769 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED))
770 {
771
772 p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
773 if (!p_name)
774 p_name = "";
775
776 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
777 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr);
778 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1));
779 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
780
781 /* taken care of by memset [above]
782 sec_event.auth_cmpl.key_present = FALSE;
783 sec_event.auth_cmpl.success = FALSE;
784 */
785 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND;
786 if (status == BTM_SUCCESS)
787 sec_event.auth_cmpl.success = TRUE;
788
789 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
790 }
791
792 }
793
794 /*******************************************************************************
795 **
796 ** Function bta_dm_bond_cancel
797 **
798 ** Description Cancels bonding with a peer device
799 **
800 **
801 ** Returns void
802 **
803 *******************************************************************************/
bta_dm_bond_cancel(tBTA_DM_MSG * p_data)804 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data)
805 {
806 tBTM_STATUS status;
807 tBTA_DM_SEC sec_event;
808
809 APPL_TRACE_EVENT0(" bta_dm_bond_cancel ");
810 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr );
811
812 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS))
813 {
814 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
815
816 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
817 }
818
819 }
820
821 /*******************************************************************************
822 **
823 ** Function bta_dm_pin_reply
824 **
825 ** Description Send the pin_reply to a request from BTM
826 **
827 **
828 ** Returns void
829 **
830 *******************************************************************************/
bta_dm_pin_reply(tBTA_DM_MSG * p_data)831 void bta_dm_pin_reply (tBTA_DM_MSG *p_data)
832 {
833 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
834 UINT32 * current_trusted_mask;
835
836 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr);
837
838 if(current_trusted_mask)
839 {
840 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
841 }
842 else
843 {
844 memset(trusted_mask, 0, sizeof(trusted_mask));
845 }
846
847 if(p_data->pin_reply.accept)
848 {
849
850 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask );
851 }
852 else
853 {
854 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask );
855 }
856
857 }
858
859 /*******************************************************************************
860 **
861 ** Function bta_dm_link_policy
862 **
863 ** Description remove/set link policy mask.
864 ** wake the link, is sniff/park is removed
865 **
866 ** Returns void
867 **
868 *******************************************************************************/
bta_dm_link_policy(tBTA_DM_MSG * p_data)869 void bta_dm_link_policy (tBTA_DM_MSG *p_data)
870 {
871 tBTA_DM_PEER_DEVICE *p_dev;
872
873 p_dev = bta_dm_find_peer_device(p_data->link_policy.bd_addr);
874 if(!p_dev)
875 return;
876
877 APPL_TRACE_DEBUG2(" bta_dm_link_policy set:%d, policy:0x%x",
878 p_data->link_policy.set, p_data->link_policy.policy_mask);
879 if(p_data->link_policy.set)
880 {
881 /* restore the default link policy */
882 p_dev->link_policy |= p_data->link_policy.policy_mask;
883 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
884 }
885 else
886 {
887 /* clear the policy from the default link policy */
888 p_dev->link_policy &= (~p_data->link_policy.policy_mask);
889 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
890
891 if(p_data->link_policy.policy_mask & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
892 {
893 /* if clearing sniff/park, wake the link */
894 bta_dm_pm_active(p_dev->peer_bdaddr);
895 }
896 }
897 }
898
899 /*******************************************************************************
900 **
901 ** Function bta_dm_policy_cback
902 **
903 ** Description process the link policy changes
904 **
905 ** Returns void
906 **
907 *******************************************************************************/
bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)908 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
909 {
910 tBTA_DM_PEER_DEVICE *p_dev = NULL;
911 UINT16 policy = app_id;
912 UINT32 mask = (UINT32)(1 << id);
913
914 if(peer_addr)
915 p_dev = bta_dm_find_peer_device(peer_addr);
916
917 APPL_TRACE_DEBUG2(" bta_dm_policy_cback cmd:%d, policy:0x%x",
918 status, policy);
919 switch(status)
920 {
921 case BTA_SYS_PLCY_SET:
922 if(!p_dev)
923 return;
924 /* restore the default link policy */
925 p_dev->link_policy |= policy;
926 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
927 break;
928
929 case BTA_SYS_PLCY_CLR:
930 if(!p_dev)
931 return;
932 /* clear the policy from the default link policy */
933 p_dev->link_policy &= (~policy);
934 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
935
936 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
937 {
938 /* if clearing sniff/park, wake the link */
939 bta_dm_pm_active(p_dev->peer_bdaddr);
940 }
941 break;
942
943 case BTA_SYS_PLCY_DEF_SET:
944 /* want to restore/set the role switch policy */
945 bta_dm_cb.role_policy_mask &= ~mask;
946 if(0 == bta_dm_cb.role_policy_mask)
947 {
948 /* if nobody wants to insist on the role */
949 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH;
950 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
951 }
952 break;
953
954 case BTA_SYS_PLCY_DEF_CLR:
955 /* want to remove the role switch policy */
956 bta_dm_cb.role_policy_mask |= mask;
957 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
958 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
959 break;
960 }
961 }
962
963
964 /*******************************************************************************
965 **
966 ** Function bta_dm_auth_reply
967 **
968 ** Description Send the authorization reply to a request from BTM
969 **
970 **
971 ** Returns void
972 **
973 *******************************************************************************/
bta_dm_auth_reply(tBTA_DM_MSG * p_data)974 void bta_dm_auth_reply (tBTA_DM_MSG *p_data)
975 {
976
977 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
978 UINT8 btm_mask_index = 0;
979 UINT32 * current_trusted_mask;
980
981 current_trusted_mask = BTM_ReadTrustedMask(p_data->auth_reply.bd_addr);
982
983 if(current_trusted_mask)
984 {
985 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
986 }
987 else
988 {
989 memset(trusted_mask, 0, sizeof(trusted_mask));
990 }
991
992 if(p_data->auth_reply.response != BTA_DM_NOT_AUTH)
993 {
994 if(p_data->auth_reply.response == BTA_DM_AUTH_PERM)
995 {
996 if(p_data->auth_reply.service < BTA_MAX_SERVICE_ID)
997 {
998 /* convert BTA service id to BTM mask */
999 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] / 32;
1000 trusted_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] - (UINT32)(btm_mask_index * 32)));
1001
1002 }
1003 }
1004 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_SUCCESS,trusted_mask);
1005 }
1006 else
1007 {
1008 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_NOT_AUTHORIZED,trusted_mask);
1009 }
1010
1011 }
1012
1013 /*******************************************************************************
1014 **
1015 ** Function bta_dm_confirm
1016 **
1017 ** Description Send the user confirm request reply in response to a
1018 ** request from BTM
1019 **
1020 ** Returns void
1021 **
1022 *******************************************************************************/
bta_dm_confirm(tBTA_DM_MSG * p_data)1023 void bta_dm_confirm(tBTA_DM_MSG *p_data)
1024 {
1025 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1026
1027 if(p_data->confirm.accept == TRUE)
1028 res = BTM_SUCCESS;
1029 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr);
1030 }
1031
1032 /*******************************************************************************
1033 **
1034 ** Function bta_dm_passkey_cancel
1035 **
1036 ** Description Send the passkey cancel from SP initiator by sending a negative
1037 ** passkey request replyreply.
1038 ** Returns void
1039 **
1040 *******************************************************************************/
1041 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
bta_dm_passkey_cancel(tBTA_DM_MSG * p_data)1042 void bta_dm_passkey_cancel(tBTA_DM_MSG *p_data)
1043 {
1044 BTM_PasskeyReqReply(BTM_NOT_AUTHORIZED, p_data->passkey_cancel.bd_addr, 0);
1045 }
1046 #endif
1047
1048 /*******************************************************************************
1049 **
1050 ** Function bta_dm_loc_oob
1051 **
1052 ** Description Retrieve the OOB data from the local LM
1053 **
1054 ** Returns void
1055 **
1056 *******************************************************************************/
1057 #if (BTM_OOB_INCLUDED == TRUE)
bta_dm_loc_oob(tBTA_DM_MSG * p_data)1058 void bta_dm_loc_oob(tBTA_DM_MSG *p_data)
1059 {
1060 BTM_ReadLocalOobData();
1061 }
1062
1063 /*******************************************************************************
1064 **
1065 ** Function bta_dm_ci_io_req_act
1066 **
1067 ** Description respond to the IO capabilities request from BTM
1068 **
1069 ** Returns void
1070 **
1071 *******************************************************************************/
bta_dm_ci_io_req_act(tBTA_DM_MSG * p_data)1072 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data)
1073 {
1074 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO;
1075 if(p_data->ci_io_req.auth_req)
1076 auth_req = BTM_AUTH_AP_YES;
1077 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap,
1078 p_data->ci_io_req.oob_data, auth_req);
1079 }
1080
1081 /*******************************************************************************
1082 **
1083 ** Function bta_dm_ci_rmt_oob_act
1084 **
1085 ** Description respond to the OOB data request for the remote device from BTM
1086 **
1087 **
1088 ** Returns void
1089 **
1090 *******************************************************************************/
bta_dm_ci_rmt_oob_act(tBTA_DM_MSG * p_data)1091 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data)
1092 {
1093 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1094
1095 if(p_data->ci_rmt_oob.accept == TRUE)
1096 res = BTM_SUCCESS;
1097 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr,
1098 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r );
1099 }
1100 #endif /* BTM_OOB_INCLUDED */
1101
1102 /*******************************************************************************
1103 **
1104 ** Function bta_dm_search_start
1105 **
1106 ** Description Starts an inquiry
1107 **
1108 **
1109 ** Returns void
1110 **
1111 *******************************************************************************/
bta_dm_search_start(tBTA_DM_MSG * p_data)1112 void bta_dm_search_start (tBTA_DM_MSG *p_data)
1113 {
1114 tBTM_INQUIRY_CMPL result;
1115
1116 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1117 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid);
1118 #endif
1119
1120 APPL_TRACE_DEBUG1("bta_dm_search_start avoid_scatter=%d", bta_dm_cfg.avoid_scatter);
1121 if (bta_dm_cfg.avoid_scatter &&
1122 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT))
1123 {
1124 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH));
1125 return;
1126 }
1127
1128 BTM_ClearInqDb(NULL);
1129 /* save search params */
1130 bta_dm_search_cb.p_search_cback = p_data->search.p_cback;
1131 bta_dm_search_cb.services = p_data->search.services;
1132
1133 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1134 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1135
1136 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 &&
1137 p_data->search.p_uuid != NULL)
1138 {
1139 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1140 {
1141 APPL_TRACE_ERROR0("bta_dm_search_start no resources");
1142
1143 result.status = BTA_FAILURE;
1144 result.num_resp = 0;
1145 bta_dm_inq_cmpl_cb ((void *)&result);
1146 return;
1147 }
1148 // bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len);
1149 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len);
1150 }
1151
1152 if (p_data->search.inq_params.mode & BTM_LIMITED_INQUIRY)
1153 p_data->search.inq_params.mode |= BTM_BLE_LIMITED_INQUIRY;
1154 else
1155 p_data->search.inq_params.mode |= BTM_BLE_GENERAL_INQUIRY;
1156 #endif
1157 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params,
1158 bta_dm_inq_results_cb,
1159 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb);
1160
1161 APPL_TRACE_EVENT1("bta_dm_search_start status=%d", result.status);
1162 if (result.status != BTM_CMD_STARTED)
1163 {
1164 result.num_resp = 0;
1165 bta_dm_inq_cmpl_cb ((void *)&result);
1166 }
1167
1168 }
1169
1170 /*******************************************************************************
1171 **
1172 ** Function bta_dm_search_cancel
1173 **
1174 ** Description Cancels an ongoing search for devices
1175 **
1176 **
1177 ** Returns void
1178 **
1179 *******************************************************************************/
bta_dm_search_cancel(tBTA_DM_MSG * p_data)1180 void bta_dm_search_cancel (tBTA_DM_MSG *p_data)
1181 {
1182
1183 tBTA_DM_MSG * p_msg;
1184
1185 if(BTM_IsInquiryActive())
1186 {
1187 BTM_CancelInquiry();
1188 bta_dm_search_cancel_notify(NULL);
1189
1190 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1191 {
1192 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1193 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1194 bta_sys_sendmsg(p_msg);
1195
1196 }
1197 }
1198 /* If no Service Search going on then issue cancel remote name in case it is active */
1199 else if (!bta_dm_search_cb.name_discover_done)
1200 {
1201 BTM_CancelRemoteDeviceName();
1202 }
1203 #if ((BLE_INCLUDED == TRUE) && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
1204 if (bta_dm_search_cb.gatt_disc_active)
1205 {
1206 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1207 }
1208 #endif
1209 }
1210
1211 /*******************************************************************************
1212 **
1213 ** Function bta_dm_discover
1214 **
1215 ** Description Discovers services on a remote device
1216 **
1217 **
1218 ** Returns void
1219 **
1220 *******************************************************************************/
bta_dm_discover(tBTA_DM_MSG * p_data)1221 void bta_dm_discover (tBTA_DM_MSG *p_data)
1222 {
1223 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1224 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid);
1225 #endif
1226 APPL_TRACE_EVENT2("bta_dm_discover services_to_search=0x%04X, sdp_search=%d",
1227 p_data->discover.services, p_data->discover.sdp_search);
1228
1229 /* save the search condition */
1230 bta_dm_search_cb.services = p_data->discover.services;
1231
1232 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1233 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1234 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 &&
1235 p_data->discover.p_uuid != NULL)
1236 {
1237 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1238 {
1239 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1240 return;
1241 }
1242 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len);
1243 }
1244 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
1245 #endif
1246
1247 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback;
1248 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1249 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
1250 bta_dm_search_cb.service_index = 0;
1251 bta_dm_search_cb.services_found = 0;
1252 bta_dm_search_cb.peer_name[0] = 0;
1253 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1254 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr);
1255
1256 bta_dm_search_cb.name_discover_done = FALSE;
1257 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID));
1258 bta_dm_discover_device(p_data->discover.bd_addr);
1259 }
1260
1261 /*******************************************************************************
1262 **
1263 ** Function bta_dm_di_disc_cmpl
1264 **
1265 ** Description Sends event to application when DI discovery complete
1266 **
1267 ** Returns void
1268 **
1269 *******************************************************************************/
bta_dm_di_disc_cmpl(tBTA_DM_MSG * p_data)1270 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data)
1271 {
1272 tBTA_DM_DI_DISC_CMPL di_disc;
1273
1274 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1275 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1276
1277 if((p_data->hdr.offset == SDP_SUCCESS)
1278 || (p_data->hdr.offset == SDP_DB_FULL))
1279 {
1280 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db);
1281 }
1282 else
1283 di_disc.result = BTA_FAILURE;
1284
1285 bta_dm_di_cb.p_di_db = NULL;
1286 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc);
1287 }
1288
1289 /*******************************************************************************
1290 **
1291 ** Function bta_dm_di_disc_callback
1292 **
1293 ** Description This function queries a remote device for DI information.
1294 **
1295 **
1296 ** Returns void
1297 **
1298 *******************************************************************************/
bta_dm_di_disc_callback(UINT16 result)1299 static void bta_dm_di_disc_callback(UINT16 result)
1300 {
1301 tBTA_DM_MSG * p_msg;
1302
1303 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1304 {
1305 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1306 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1307 p_msg->hdr.offset = result;
1308 bta_sys_sendmsg(p_msg);
1309 }
1310 }
1311
1312 /*******************************************************************************
1313 **
1314 ** Function bta_dm_di_disc
1315 **
1316 ** Description This function queries a remote device for DI information.
1317 **
1318 **
1319 ** Returns void
1320 **
1321 *******************************************************************************/
bta_dm_di_disc(tBTA_DM_MSG * p_data)1322 void bta_dm_di_disc (tBTA_DM_MSG *p_data)
1323 {
1324 UINT16 result = BTA_FAILURE;
1325 tBTA_DM_MSG *p_msg;
1326
1327 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback;
1328 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr);
1329 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db;
1330
1331 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
1332 {
1333 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db,
1334 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS)
1335 {
1336 result = BTA_SUCCESS;
1337 }
1338 }
1339 else
1340 {
1341 APPL_TRACE_ERROR0("No buffer to start DI discovery");
1342 }
1343
1344 if ( result == BTA_FAILURE &&
1345 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1346 {
1347 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1348 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1349 p_data->hdr.offset = result;
1350 bta_sys_sendmsg(p_msg);
1351 }
1352 }
1353
1354 /*******************************************************************************
1355 **
1356 ** Function bta_dm_read_remote_device_name
1357 **
1358 ** Description Initiate to get remote device name
1359 **
1360 ** Returns TRUE if started to get remote name
1361 **
1362 *******************************************************************************/
bta_dm_read_remote_device_name(BD_ADDR bd_addr)1363 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr)
1364 {
1365 tBTM_STATUS btm_status;
1366
1367 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name");
1368
1369 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr);
1370 bta_dm_search_cb.peer_name[0] = 0;
1371
1372 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
1373 (tBTM_CMPL_CB *) bta_dm_remname_cback);
1374
1375 if ( btm_status == BTM_CMD_STARTED )
1376 {
1377 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started");
1378
1379 return (TRUE);
1380 }
1381 else if ( btm_status == BTM_BUSY )
1382 {
1383 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy");
1384
1385 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */
1386 /* adding callback to get notified that current reading remore name done */
1387 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1388
1389 return (TRUE);
1390 }
1391 else
1392 {
1393 APPL_TRACE_WARNING1("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
1394
1395 return (FALSE);
1396 }
1397 }
1398
1399 /*******************************************************************************
1400 **
1401 ** Function bta_dm_inq_cmpl
1402 **
1403 ** Description Process the inquiry complete event from BTM
1404 **
1405 ** Returns void
1406 **
1407 *******************************************************************************/
bta_dm_inq_cmpl(tBTA_DM_MSG * p_data)1408 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data)
1409 {
1410 tBTA_DM_MSG * p_msg;
1411 tBTA_DM_SEARCH data;
1412
1413 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl");
1414
1415 data.inq_cmpl.num_resps = p_data->inq_cmpl.num;
1416 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data);
1417
1418 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL)
1419 {
1420 /* start name and service discovery from the first device on inquiry result */
1421 bta_dm_search_cb.name_discover_done = FALSE;
1422 bta_dm_search_cb.peer_name[0] = 0;
1423 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
1424 }
1425 else
1426 {
1427 /* no devices, search complete */
1428 bta_dm_search_cb.services = 0;
1429
1430 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1431 {
1432 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1433 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1434 bta_sys_sendmsg(p_msg);
1435 }
1436 }
1437 }
1438
1439 /*******************************************************************************
1440 **
1441 ** Function bta_dm_rmt_name
1442 **
1443 ** Description Process the remote name result from BTM
1444 **
1445 ** Returns void
1446 **
1447 *******************************************************************************/
bta_dm_rmt_name(tBTA_DM_MSG * p_data)1448 void bta_dm_rmt_name (tBTA_DM_MSG *p_data)
1449 {
1450 APPL_TRACE_DEBUG0("bta_dm_rmt_name");
1451
1452 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info)
1453 {
1454 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE;
1455 }
1456
1457 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr);
1458 }
1459
1460 /*******************************************************************************
1461 **
1462 ** Function bta_dm_disc_rmt_name
1463 **
1464 ** Description Process the remote name result from BTM when application
1465 ** wants to find the name for a bdaddr
1466 **
1467 ** Returns void
1468 **
1469 *******************************************************************************/
bta_dm_disc_rmt_name(tBTA_DM_MSG * p_data)1470 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data)
1471 {
1472 tBTM_INQ_INFO *p_btm_inq_info;
1473
1474 APPL_TRACE_DEBUG0("bta_dm_disc_rmt_name");
1475
1476 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr);
1477 if( p_btm_inq_info )
1478 {
1479 if( p_data->rem_name.result.disc_res.bd_name[0] )
1480 {
1481 p_btm_inq_info->appl_knows_rem_name = TRUE;
1482 }
1483 }
1484
1485 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr);
1486 }
1487
1488 /*******************************************************************************
1489 **
1490 ** Function bta_dm_sdp_result
1491 **
1492 ** Description Process the discovery result from sdp
1493 **
1494 ** Returns void
1495 **
1496 *******************************************************************************/
bta_dm_sdp_result(tBTA_DM_MSG * p_data)1497 void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
1498 {
1499
1500 tSDP_DISC_REC *p_sdp_rec = NULL;
1501 tBTA_DM_MSG *p_msg;
1502 BOOLEAN service_found = FALSE;
1503 BOOLEAN scn_found = FALSE;
1504 UINT16 service = 0xFFFF;
1505 tSDP_PROTOCOL_ELEM pe;
1506
1507 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1508 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid;
1509 tBTA_DM_SEARCH result;
1510 tBT_UUID service_uuid;
1511 #endif
1512
1513 UINT32 num_uuids = 0;
1514 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services
1515
1516 if((p_data->sdp_event.sdp_result == SDP_SUCCESS)
1517 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH)
1518 || (p_data->sdp_event.sdp_result == SDP_DB_FULL))
1519 {
1520 APPL_TRACE_DEBUG1("sdp_result::0x%x", p_data->sdp_event.sdp_result);
1521 do
1522 {
1523
1524 service_found = FALSE;
1525 p_sdp_rec = NULL;
1526 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) )
1527 {
1528 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec);
1529
1530 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
1531 {
1532 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0];
1533 scn_found = TRUE;
1534 }
1535 }
1536 else
1537 {
1538 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1539 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec);
1540 }
1541 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1542 /* finished with BR/EDR services, now we check the result for GATT based service UUID */
1543 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID)
1544 {
1545 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL)
1546 {
1547 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search);
1548 /* only support 16 bits UUID for now */
1549 service = p_uuid->uu.uuid16;
1550
1551 }
1552 /* all GATT based services */
1553 do
1554 {
1555 /* find a service record, report it */
1556 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db,
1557 0, p_sdp_rec);
1558 if (p_sdp_rec)
1559 {
1560 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid))
1561 {
1562 /* send result back to app now, one by one */
1563 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1564 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
1565 result.disc_ble_res.service.len = service_uuid.len;
1566 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
1567
1568 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
1569 }
1570 }
1571
1572 if (bta_dm_search_cb.uuid_to_search > 0)
1573 break;
1574
1575 } while (p_sdp_rec);
1576 }
1577 else
1578 #endif
1579 {
1580 /* SDP_DB_FULL means some records with the
1581 required attributes were received */
1582 if(((p_data->sdp_event.sdp_result == SDP_DB_FULL) &&
1583 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) ||
1584 (p_sdp_rec != NULL))
1585 {
1586 /* If Plug and Play service record, check to see if Broadcom stack */
1587 if (service == UUID_SERVCLASS_PNP_INFORMATION)
1588 {
1589 if (p_sdp_rec)
1590 {
1591 if (SDP_FindAttributeInRec (p_sdp_rec, ATTR_ID_EXT_BRCM_VERSION))
1592 {
1593 service_found = TRUE;
1594 }
1595 }
1596 }
1597 else
1598 {
1599 service_found = TRUE;
1600 }
1601
1602 if (service_found)
1603 {
1604 UINT16 tmp_svc = 0xFFFF;
1605 bta_dm_search_cb.services_found |=
1606 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1));
1607 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1608 /* Add to the list of UUIDs */
1609 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]);
1610 num_uuids++;
1611 }
1612 }
1613 }
1614
1615 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK &&
1616 bta_dm_search_cb.services_to_search == 0)
1617 {
1618 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1619 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
1620 bta_dm_search_cb.uuid_to_search > 0)
1621 bta_dm_search_cb.uuid_to_search --;
1622
1623 if (bta_dm_search_cb.uuid_to_search == 0 ||
1624 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
1625 #endif
1626 bta_dm_search_cb.service_index++;
1627 }
1628 else /* regular one service per search or PNP search */
1629 break;
1630
1631 }
1632 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID);
1633
1634 // GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1635 // bta_dm_search_cb.p_sdp_db = NULL;
1636 APPL_TRACE_DEBUG1("bta_dm_sdp_result services_found = %04x", bta_dm_search_cb.services_found);
1637
1638 /* Collect the 128-bit services here and put them into the list */
1639 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK)
1640 {
1641 p_sdp_rec = NULL;
1642 do
1643 {
1644 tBT_UUID temp_uuid;
1645 /* find a service record, report it */
1646 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec);
1647 if (p_sdp_rec)
1648 {
1649 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid))
1650 {
1651 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE);
1652 num_uuids++;
1653 }
1654 }
1655 } while (p_sdp_rec);
1656 }
1657 /* if there are more services to search for */
1658 if(bta_dm_search_cb.services_to_search)
1659 {
1660 /* Free up the p_sdp_db before checking the next one */
1661 bta_dm_free_sdp_db(NULL);
1662 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
1663 }
1664 else
1665 {
1666 /* callbacks */
1667 /* start next bd_addr if necessary */
1668
1669 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1670
1671
1672 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1673 {
1674 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1675 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
1676 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
1677 p_msg->disc_result.result.disc_res.raw_data_size = 0;
1678 p_msg->disc_result.result.disc_res.num_uuids = num_uuids;
1679 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
1680 if (num_uuids > 0) {
1681 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE);
1682 if (p_msg->disc_result.result.disc_res.p_uuid_list) {
1683 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list,
1684 num_uuids*MAX_UUID_SIZE);
1685 } else {
1686 p_msg->disc_result.result.disc_res.num_uuids = 0;
1687 APPL_TRACE_ERROR1("%s: Unable to allocate memory for uuid_list", __FUNCTION__);
1688 }
1689 }
1690 //copy the raw_data to the discovery result structure
1691 //
1692 APPL_TRACE_DEBUG2("bta_dm_sdp_result (raw_data used = 0x%x raw_data_ptr = 0x%x)\r\n",bta_dm_search_cb.p_sdp_db->raw_used, bta_dm_search_cb.p_sdp_db->raw_data);
1693
1694 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 &&
1695 bta_dm_search_cb.p_sdp_db->raw_data != NULL) {
1696
1697 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used);
1698 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) {
1699 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
1700 bta_dm_search_cb.p_sdp_db->raw_data,
1701 bta_dm_search_cb.p_sdp_db->raw_used );
1702
1703 p_msg->disc_result.result.disc_res.raw_data_size =
1704 bta_dm_search_cb.p_sdp_db->raw_used;
1705
1706 } else {
1707 APPL_TRACE_DEBUG1("bta_dm_sdp_result GKI Alloc failed to allocate %d bytes !!\r\n",bta_dm_search_cb.p_sdp_db->raw_used);
1708 }
1709
1710 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned.
1711 bta_dm_search_cb.p_sdp_db->raw_used = 0;
1712 bta_dm_search_cb.p_sdp_db->raw_size = 0;
1713 }
1714 else {
1715 APPL_TRACE_DEBUG0("bta_dm_sdp_result raw data size is 0 or raw_data is null!!\r\n");
1716 }
1717 /* Done with p_sdp_db. Free it */
1718 bta_dm_free_sdp_db(NULL);
1719 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1720
1721 //Piggy back the SCN over result field
1722 if( scn_found )
1723 {
1724 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn);
1725 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK;
1726
1727 APPL_TRACE_EVENT1(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn);
1728
1729 }
1730 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1731 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1732 bta_dm_get_remname(), (BD_NAME_LEN-1));
1733
1734 /* make sure the string is null terminated */
1735 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1736
1737 bta_sys_sendmsg(p_msg);
1738 }
1739
1740 }
1741
1742 }
1743 else
1744 {
1745 /* conn failed. No need for timer */
1746 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED
1747 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR)
1748 bta_dm_search_cb.wait_disc = FALSE;
1749
1750 /* not able to connect go to next device */
1751 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1752 bta_dm_search_cb.p_sdp_db = NULL;
1753
1754 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1755
1756 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1757 {
1758 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1759 p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
1760 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1761 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1762 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1763 bta_dm_get_remname(), (BD_NAME_LEN-1));
1764
1765 /* make sure the string is null terminated */
1766 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1767
1768 bta_sys_sendmsg(p_msg);
1769 }
1770 }
1771 }
1772
1773 /*******************************************************************************
1774 **
1775 ** Function bta_dm_search_cmpl
1776 **
1777 ** Description Sends event to application
1778 **
1779 ** Returns void
1780 **
1781 *******************************************************************************/
bta_dm_search_cmpl(tBTA_DM_MSG * p_data)1782 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data)
1783 {
1784 APPL_TRACE_DEBUG0("bta_dm_search_cmpl");
1785
1786 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1787 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1788 #endif
1789
1790 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT)
1791 bta_dm_di_disc_cmpl(p_data);
1792 else
1793 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1794 }
1795
1796 /*******************************************************************************
1797 **
1798 ** Function bta_dm_disc_result
1799 **
1800 ** Description Service discovery result when discovering services on a device
1801 **
1802 ** Returns void
1803 **
1804 *******************************************************************************/
bta_dm_disc_result(tBTA_DM_MSG * p_data)1805 void bta_dm_disc_result (tBTA_DM_MSG *p_data)
1806 {
1807 tBTA_DM_MSG * p_msg;
1808
1809 APPL_TRACE_DEBUG0("bta_dm_disc_result");
1810
1811 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1812 /* if any BR/EDR service discovery has been done, report the event */
1813 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK)))
1814 #endif
1815 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1816
1817 /* send a message to change state */
1818 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1819 {
1820 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1821 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1822 bta_sys_sendmsg(p_msg);
1823 }
1824 }
1825
1826 /*******************************************************************************
1827 **
1828 ** Function bta_dm_search_result
1829 **
1830 ** Description Service discovery result while searching for devices
1831 **
1832 ** Returns void
1833 **
1834 *******************************************************************************/
bta_dm_search_result(tBTA_DM_MSG * p_data)1835 void bta_dm_search_result (tBTA_DM_MSG *p_data)
1836 {
1837 APPL_TRACE_DEBUG2("bta_dm_search_result searching:0x%04x, result:0x%04x",
1838 bta_dm_search_cb.services,
1839 p_data->disc_result.result.disc_res.services);
1840
1841 /* call back if application wants name discovery or found services that application is searching */
1842 if (( !bta_dm_search_cb.services )
1843 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services )))
1844 {
1845 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1846 }
1847
1848 /* if searching did not initiate to create link */
1849 if(!bta_dm_search_cb.wait_disc )
1850 {
1851 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
1852 /* if service searching is done with EIR, don't search next device */
1853 if( bta_dm_search_cb.p_btm_inq_info )
1854 #endif
1855 bta_dm_discover_next_device();
1856 }
1857 else
1858 {
1859 /* wait until link is disconnected or timeout */
1860 bta_dm_search_cb.sdp_results = TRUE;
1861 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback;
1862 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) );
1863 }
1864
1865 }
1866
1867 /*******************************************************************************
1868 **
1869 ** Function bta_dm_search_timer_cback
1870 **
1871 ** Description Called when ACL disconnect time is over
1872 **
1873 **
1874 ** Returns void
1875 **
1876 *******************************************************************************/
bta_dm_search_timer_cback(TIMER_LIST_ENT * p_tle)1877 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle)
1878 {
1879
1880 APPL_TRACE_EVENT0(" bta_dm_search_timer_cback ");
1881 bta_dm_search_cb.wait_disc = FALSE;
1882
1883 /* proceed with next device */
1884 bta_dm_discover_next_device();
1885
1886 }
1887
1888
1889 /*******************************************************************************
1890 **
1891 ** Function bta_dm_free_sdp_db
1892 **
1893 ** Description Frees SDP data base
1894 **
1895 ** Returns void
1896 **
1897 *******************************************************************************/
bta_dm_free_sdp_db(tBTA_DM_MSG * p_data)1898 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data)
1899 {
1900 if(bta_dm_search_cb.p_sdp_db)
1901 {
1902 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1903 bta_dm_search_cb.p_sdp_db = NULL;
1904 }
1905
1906 }
1907
1908 /*******************************************************************************
1909 **
1910 ** Function bta_dm_queue_search
1911 **
1912 ** Description Queues search command while search is being cancelled
1913 **
1914 ** Returns void
1915 **
1916 *******************************************************************************/
bta_dm_queue_search(tBTA_DM_MSG * p_data)1917 void bta_dm_queue_search (tBTA_DM_MSG *p_data)
1918 {
1919
1920 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH));
1921 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH));
1922
1923 }
1924
1925 /*******************************************************************************
1926 **
1927 ** Function bta_dm_queue_disc
1928 **
1929 ** Description Queues discovery command while search is being cancelled
1930 **
1931 ** Returns void
1932 **
1933 *******************************************************************************/
bta_dm_queue_disc(tBTA_DM_MSG * p_data)1934 void bta_dm_queue_disc (tBTA_DM_MSG *p_data)
1935 {
1936
1937 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER));
1938 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER));
1939
1940 }
1941
1942 /*******************************************************************************
1943 **
1944 ** Function bta_dm_search_clear_queue
1945 **
1946 ** Description Clears the queue if API search cancel is called
1947 **
1948 ** Returns void
1949 **
1950 *******************************************************************************/
bta_dm_search_clear_queue(tBTA_DM_MSG * p_data)1951 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data)
1952 {
1953
1954 if(bta_dm_search_cb.p_search_queue)
1955 {
1956 GKI_freebuf(bta_dm_search_cb.p_search_queue);
1957 bta_dm_search_cb.p_search_queue = NULL;
1958 }
1959
1960
1961 }
1962
1963 /*******************************************************************************
1964 **
1965 ** Function bta_dm_search_cancel_cmpl
1966 **
1967 ** Description Search cancel is complete
1968 **
1969 ** Returns void
1970 **
1971 *******************************************************************************/
bta_dm_search_cancel_cmpl(tBTA_DM_MSG * p_data)1972 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data)
1973 {
1974
1975 if(bta_dm_search_cb.p_search_queue)
1976 {
1977 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue);
1978 bta_dm_search_cb.p_search_queue = NULL;
1979 }
1980
1981 }
1982
1983 /*******************************************************************************
1984 **
1985 ** Function bta_dm_search_cancel_transac_cmpl
1986 **
1987 ** Description Current Service Discovery or remote name procedure is
1988 ** completed after search cancellation
1989 **
1990 ** Returns void
1991 **
1992 *******************************************************************************/
bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG * p_data)1993 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data)
1994 {
1995
1996 if(bta_dm_search_cb.p_sdp_db)
1997 {
1998 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1999 bta_dm_search_cb.p_sdp_db = NULL;
2000 }
2001
2002 bta_dm_search_cancel_notify(NULL);
2003 }
2004
2005
2006 /*******************************************************************************
2007 **
2008 ** Function bta_dm_search_cancel_notify
2009 **
2010 ** Description Notify application that search has been cancelled
2011 **
2012 ** Returns void
2013 **
2014 *******************************************************************************/
bta_dm_search_cancel_notify(tBTA_DM_MSG * p_data)2015 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data)
2016 {
2017 if (bta_dm_search_cb.p_search_cback)
2018 {
2019 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL);
2020 }
2021 if (!bta_dm_search_cb.name_discover_done)
2022 {
2023 BTM_CancelRemoteDeviceName();
2024 }
2025 #if ((BLE_INCLUDED == TRUE) && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
2026 if (bta_dm_search_cb.gatt_disc_active)
2027 {
2028 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2029 }
2030 #endif
2031
2032 }
2033
2034 /*******************************************************************************
2035 **
2036 ** Function bta_dm_find_services
2037 **
2038 ** Description Starts discovery on a device
2039 **
2040 ** Returns void
2041 **
2042 *******************************************************************************/
bta_dm_find_services(BD_ADDR bd_addr)2043 static void bta_dm_find_services ( BD_ADDR bd_addr)
2044 {
2045
2046 tSDP_UUID uuid;
2047 UINT16 attr_list[] = {ATTR_ID_SERVICE_CLASS_ID_LIST, ATTR_ID_EXT_BRCM_VERSION};
2048 UINT16 num_attrs = 1;
2049 tBTA_DM_MSG *p_msg;
2050
2051 memset (&uuid, 0, sizeof(tSDP_UUID));
2052
2053 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID)
2054 {
2055 if( bta_dm_search_cb.services_to_search
2056 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)))
2057 {
2058 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
2059 {
2060 APPL_TRACE_DEBUG1("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services);
2061 /* try to search all services by search based on L2CAP UUID */
2062 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK )
2063 {
2064 APPL_TRACE_ERROR1("services_to_search = %08x",bta_dm_search_cb.services_to_search);
2065 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK)
2066 {
2067 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0];
2068 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK;
2069 }
2070 else
2071 {
2072 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP;
2073 bta_dm_search_cb.services_to_search = 0;
2074 }
2075 }
2076 else
2077 {
2078 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2079 /* for LE only profile */
2080 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID)
2081 {
2082 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid)
2083 {
2084 memcpy(&uuid,
2085 (const void *)(bta_dm_search_cb.p_srvc_uuid + \
2086 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search),
2087 sizeof(tBT_UUID));
2088
2089 bta_dm_search_cb.uuid_to_search -- ;
2090 }
2091 else
2092 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2093
2094 /* last one? clear the BLE service bit if all discovery has been done */
2095 if (bta_dm_search_cb.uuid_to_search == 0)
2096 bta_dm_search_cb.services_to_search &=
2097 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2098
2099 }
2100 else
2101 #endif
2102 {
2103 /* remove the service from services to be searched */
2104 bta_dm_search_cb.services_to_search &=
2105 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2106 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2107 }
2108 }
2109
2110 if (uuid.len == 0)
2111 uuid.len = LEN_UUID_16;
2112
2113 #if 0
2114 if (uuid.uu.uuid16 == UUID_SERVCLASS_PNP_INFORMATION)
2115 {
2116 num_attrs = 2;
2117 }
2118 #endif
2119
2120 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID)
2121 {
2122 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID));
2123 }
2124
2125
2126 APPL_TRACE_ERROR1("****************search UUID = %04x***********", uuid.uu.uuid16);
2127 //SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, num_attrs, attr_list);
2128 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL);
2129
2130
2131 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2132 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf;
2133
2134 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF;
2135
2136 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback))
2137 {
2138 /* if discovery not successful with this device
2139 proceed to next one */
2140 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2141 bta_dm_search_cb.p_sdp_db = NULL;
2142 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID;
2143
2144 }
2145 else
2146 {
2147 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2148 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
2149 bta_dm_search_cb.uuid_to_search == 0) ||
2150 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
2151 #endif
2152 bta_dm_search_cb.service_index++;
2153 return;
2154 }
2155 }
2156 else
2157 {
2158 APPL_TRACE_ERROR0("#### Failed to allocate SDP DB buffer! ####");
2159 }
2160 }
2161
2162 bta_dm_search_cb.service_index++;
2163 }
2164
2165 /* no more services to be discovered */
2166 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID)
2167 {
2168 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2169 {
2170 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2171 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2172 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2173 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2174 bta_dm_get_remname(), (BD_NAME_LEN-1));
2175
2176 /* make sure the string is terminated */
2177 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2178
2179 bta_sys_sendmsg(p_msg);
2180 }
2181 }
2182 }
2183
2184 /*******************************************************************************
2185 **
2186 ** Function bta_dm_discover_next_device
2187 **
2188 ** Description Starts discovery on the next device in Inquiry data base
2189 **
2190 ** Returns void
2191 **
2192 *******************************************************************************/
bta_dm_discover_next_device(void)2193 static void bta_dm_discover_next_device(void)
2194 {
2195
2196 tBTA_DM_MSG * p_msg;
2197
2198 APPL_TRACE_DEBUG0("bta_dm_discover_next_device");
2199
2200 /* searching next device on inquiry result */
2201 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL)
2202 {
2203 bta_dm_search_cb.name_discover_done = FALSE;
2204 bta_dm_search_cb.peer_name[0] = 0;
2205 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
2206 }
2207 else
2208 {
2209 /* no devices, search complete */
2210 bta_dm_search_cb.services = 0;
2211
2212 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2213 {
2214 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
2215 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
2216 bta_sys_sendmsg(p_msg);
2217 }
2218 }
2219 }
2220
2221 /*******************************************************************************
2222 **
2223 ** Function bta_dm_discover_device
2224 **
2225 ** Description Starts name and service discovery on the device
2226 **
2227 ** Returns void
2228 **
2229 *******************************************************************************/
bta_dm_discover_device(BD_ADDR remote_bd_addr)2230 static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
2231 {
2232 tBTA_DM_MSG * p_msg;
2233
2234 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2235 tBT_DEVICE_TYPE dev_type;
2236 tBLE_ADDR_TYPE addr_type;
2237 #endif
2238
2239 APPL_TRACE_DEBUG6("bta_dm_discover_device, BDA:0x%02X%02X%02X%02X%02X%02X",
2240 remote_bd_addr[0],remote_bd_addr[1],
2241 remote_bd_addr[2],remote_bd_addr[3],
2242 remote_bd_addr[4],remote_bd_addr[5]);
2243
2244 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr);
2245
2246 APPL_TRACE_DEBUG2("bta_dm_discover_device name_discover_done = %d p_btm_inq_info 0x%x ",
2247 bta_dm_search_cb.name_discover_done,
2248 bta_dm_search_cb.p_btm_inq_info
2249 );
2250 if ( bta_dm_search_cb.p_btm_inq_info ) {
2251
2252 APPL_TRACE_DEBUG1("bta_dm_discover_device appl_knows_rem_name %d",
2253 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name
2254 );
2255 }
2256
2257 /* if name discovery is not done and application needs remote name */
2258 if ((!bta_dm_search_cb.name_discover_done)
2259 && (( bta_dm_search_cb.p_btm_inq_info == NULL )
2260 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name))))
2261 {
2262 if( bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr) == TRUE )
2263 {
2264 return;
2265 }
2266 else
2267 {
2268 /* starting name discovery failed */
2269 bta_dm_search_cb.name_discover_done = TRUE;
2270 }
2271 }
2272
2273 /* if application wants to discover service */
2274 if ( bta_dm_search_cb.services )
2275 {
2276 /* initialize variables */
2277 bta_dm_search_cb.service_index = 0;
2278 bta_dm_search_cb.services_found = 0;
2279 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
2280 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2281 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
2282 #endif
2283 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
2284 if ((bta_dm_search_cb.p_btm_inq_info != NULL) &&
2285 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK
2286 &&(bta_dm_search_cb.sdp_search == FALSE))
2287 {
2288 /* check if EIR provides the information of supported services */
2289 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results,
2290 &bta_dm_search_cb.services_to_search,
2291 &bta_dm_search_cb.services_found );
2292 }
2293
2294 /* if seaching with EIR is not completed */
2295 if(bta_dm_search_cb.services_to_search)
2296 #endif
2297 {
2298 /* check whether connection already exists to the device
2299 if connection exists, we don't have to wait for ACL
2300 link to go down to start search on next device */
2301 if(BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr))
2302 bta_dm_search_cb.wait_disc = FALSE;
2303 else
2304 bta_dm_search_cb.wait_disc = TRUE;
2305
2306 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
2307 if ( bta_dm_search_cb.p_btm_inq_info )
2308 {
2309 APPL_TRACE_DEBUG3("bta_dm_discover_device p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x",
2310 bta_dm_search_cb.p_btm_inq_info,
2311 bta_dm_search_cb.p_btm_inq_info->results.device_type,
2312 bta_dm_search_cb.services_to_search
2313 );
2314 }
2315 BTM_ReadDevInfo(remote_bd_addr, &dev_type, &addr_type);
2316
2317 if (dev_type == BT_DEVICE_TYPE_BLE)
2318 /*
2319 if ( bta_dm_search_cb.p_btm_inq_info != NULL &&
2320 bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE &&
2321 (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK))*/
2322 {
2323 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK)
2324 {
2325 //set the raw data buffer here
2326 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2327 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf;
2328
2329 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF;
2330 bta_dm_search_cb.ble_raw_used = 0;
2331
2332 /* start GATT for service discovery */
2333 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2334 return;
2335 }
2336 }
2337 else
2338 #endif
2339 {
2340 bta_dm_search_cb.sdp_results = FALSE;
2341 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
2342
2343 return;
2344 }
2345 }
2346 }
2347
2348 /* name discovery and service discovery are done for this device */
2349 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2350 {
2351 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2352 /* initialize the data structure - includes p_raw_data and raw_data_size */
2353 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
2354 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
2355 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2356 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2357 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2358 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1));
2359
2360 /* make sure the string is terminated */
2361 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2362
2363 bta_sys_sendmsg(p_msg);
2364 }
2365 }
2366
2367 /*******************************************************************************
2368 **
2369 ** Function bta_dm_sdp_callback
2370 **
2371 ** Description Callback from sdp with discovery status
2372 **
2373 ** Returns void
2374 **
2375 *******************************************************************************/
bta_dm_sdp_callback(UINT16 sdp_status)2376 static void bta_dm_sdp_callback (UINT16 sdp_status)
2377 {
2378
2379 tBTA_DM_SDP_RESULT * p_msg;
2380
2381 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL)
2382 {
2383 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT;
2384 p_msg->sdp_result = sdp_status;
2385 bta_sys_sendmsg(p_msg);
2386
2387 }
2388 }
2389
2390 /*******************************************************************************
2391 **
2392 ** Function bta_dm_inq_results_cb
2393 **
2394 ** Description Inquiry results callback from BTM
2395 **
2396 ** Returns void
2397 **
2398 *******************************************************************************/
bta_dm_inq_results_cb(tBTM_INQ_RESULTS * p_inq,UINT8 * p_eir)2399 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
2400 {
2401
2402 tBTA_DM_SEARCH result;
2403 tBTM_INQ_INFO *p_inq_info;
2404 UINT16 service_class;
2405
2406 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
2407 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN);
2408 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class);
2409 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE;
2410 result.inq_res.rssi = p_inq->rssi;
2411
2412 #if (BLE_INCLUDED == TRUE)
2413 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
2414 result.inq_res.inq_result_type = p_inq->inq_result_type;
2415 result.inq_res.device_type = p_inq->device_type;
2416
2417 #endif
2418
2419 /* application will parse EIR to find out remote device name */
2420 result.inq_res.p_eir = p_eir;
2421
2422 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
2423 {
2424 /* initialize remt_name_not_required to FALSE so that we get the name by default */
2425 result.inq_res.remt_name_not_required = FALSE;
2426
2427 }
2428
2429 if(bta_dm_search_cb.p_search_cback)
2430 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result);
2431
2432 if(p_inq_info)
2433 {
2434 /* application indicates if it knows the remote name, inside the callback
2435 copy that to the inquiry data base*/
2436 if(result.inq_res.remt_name_not_required)
2437 p_inq_info->appl_knows_rem_name = TRUE;
2438
2439 }
2440
2441
2442 }
2443
2444
2445 /*******************************************************************************
2446 **
2447 ** Function bta_dm_inq_cmpl_cb
2448 **
2449 ** Description Inquiry complete callback from BTM
2450 **
2451 ** Returns void
2452 **
2453 *******************************************************************************/
bta_dm_inq_cmpl_cb(void * p_result)2454 static void bta_dm_inq_cmpl_cb (void * p_result)
2455 {
2456
2457 tBTA_DM_MSG * p_msg;
2458
2459 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl_cb");
2460 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2461 {
2462 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
2463 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
2464 bta_sys_sendmsg(p_msg);
2465
2466 }
2467
2468
2469 }
2470
2471 /*******************************************************************************
2472 **
2473 ** Function bta_dm_service_search_remname_cback
2474 **
2475 ** Description Remote name call back from BTM during service discovery
2476 **
2477 ** Returns void
2478 **
2479 *******************************************************************************/
bta_dm_service_search_remname_cback(BD_ADDR bd_addr,DEV_CLASS dc,BD_NAME bd_name)2480 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name)
2481 {
2482 tBTM_REMOTE_DEV_NAME rem_name;
2483 tBTM_STATUS btm_status;
2484
2485 APPL_TRACE_DEBUG1("bta_dm_service_search_remname_cback name=<%s>", bd_name);
2486
2487 /* if this is what we are looking for */
2488 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr))
2489 {
2490 rem_name.length = strlen((char*)bd_name);
2491 if (rem_name.length > (BD_NAME_LEN-1))
2492 {
2493 rem_name.length = (BD_NAME_LEN-1);
2494 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0;
2495 }
2496 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2497 rem_name.status = BTM_SUCCESS;
2498
2499 bta_dm_remname_cback(&rem_name);
2500 }
2501 else
2502 {
2503 /* get name of device */
2504 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
2505 (tBTM_CMPL_CB *) bta_dm_remname_cback);
2506 if ( btm_status == BTM_BUSY )
2507 {
2508 /* wait for next chance(notification of remote name discovery done) */
2509 APPL_TRACE_DEBUG0("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy");
2510 }
2511 else if ( btm_status != BTM_CMD_STARTED )
2512 {
2513 /* if failed to start getting remote name then continue */
2514 APPL_TRACE_WARNING1("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
2515
2516 rem_name.length = 0;
2517 rem_name.remote_bd_name[0] = 0;
2518 rem_name.status = btm_status;
2519 bta_dm_remname_cback(&rem_name);
2520 }
2521 }
2522 }
2523
2524
2525 /*******************************************************************************
2526 **
2527 ** Function bta_dm_remname_cback
2528 **
2529 ** Description Remote name complete call back from BTM
2530 **
2531 ** Returns void
2532 **
2533 *******************************************************************************/
bta_dm_remname_cback(tBTM_REMOTE_DEV_NAME * p_remote_name)2534 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
2535 {
2536 tBTA_DM_REM_NAME * p_msg;
2537
2538 APPL_TRACE_DEBUG1("bta_dm_remname_cback name=<%s>", p_remote_name->remote_bd_name);
2539
2540 /* remote name discovery is done but it could be failed */
2541 bta_dm_search_cb.name_discover_done = TRUE;
2542 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN-1));
2543 bta_dm_search_cb.peer_name[BD_NAME_LEN-1]=0;
2544
2545 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
2546
2547 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL)
2548 {
2549 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2550 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN-1));
2551
2552 /* make sure the string is null terminated */
2553 p_msg->result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2554
2555 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
2556 bta_sys_sendmsg(p_msg);
2557
2558 }
2559 }
2560
2561 /*******************************************************************************
2562 **
2563 ** Function bta_dm_authorize_cback
2564 **
2565 ** Description cback requesting authorization
2566 **
2567 ** Returns void
2568 **
2569 *******************************************************************************/
bta_dm_authorize_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,UINT8 * service_name,UINT8 service_id,BOOLEAN is_originator)2570 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
2571 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator)
2572 {
2573 tBTA_DM_SEC sec_event;
2574 UINT8 index = 1;
2575
2576 bdcpy(sec_event.authorize.bd_addr, bd_addr);
2577 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
2578
2579 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2580
2581 /* make sure the string is null terminated */
2582 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0;
2583
2584 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2585 sec_event.authorize.service = service_id;
2586 #endif
2587
2588 while(index < BTA_MAX_SERVICE_ID)
2589 {
2590 /* get the BTA service id corresponding to BTM id */
2591 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id)
2592 {
2593 sec_event.authorize.service = index;
2594 break;
2595 }
2596 index++;
2597 }
2598
2599
2600 /* if supported service callback otherwise not authorized */
2601 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID
2602 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2603 /* pass through JV service ID */
2604 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID)
2605 #endif
2606 ))
2607 {
2608 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event);
2609 return BTM_CMD_STARTED;
2610 }
2611 else
2612 {
2613 return BTM_NOT_AUTHORIZED;
2614 }
2615 }
2616
2617
2618
2619
2620
2621 /*******************************************************************************
2622 **
2623 ** Function bta_dm_pinname_cback
2624 **
2625 ** Description Callback requesting pin_key
2626 **
2627 ** Returns void
2628 **
2629 *******************************************************************************/
bta_dm_pinname_cback(void * p_data)2630 static void bta_dm_pinname_cback (void *p_data)
2631 {
2632 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data;
2633 tBTA_DM_SEC sec_event;
2634 UINT32 bytes_to_copy;
2635 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
2636
2637 if (BTA_DM_SP_CFM_REQ_EVT == event)
2638 {
2639 /* Retrieved saved device class and bd_addr */
2640 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr);
2641 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
2642
2643 if (p_result && p_result->status == BTM_SUCCESS)
2644 {
2645 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2646 ? p_result->length : (BD_NAME_LEN-1);
2647 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2648 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2649 }
2650 else /* No name found */
2651 sec_event.cfm_req.bd_name[0] = 0;
2652
2653 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2654
2655 /* 1 additional event data fields for this event */
2656 sec_event.cfm_req.just_works = bta_dm_cb.just_works;
2657 }
2658 else
2659 {
2660 /* Retrieved saved device class and bd_addr */
2661 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr);
2662 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
2663
2664 if (p_result && p_result->status == BTM_SUCCESS)
2665 {
2666 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2667 ? p_result->length : (BD_NAME_LEN-1);
2668 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2669 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2670 }
2671 else /* No name found */
2672 sec_event.pin_req.bd_name[0] = 0;
2673
2674 event = bta_dm_cb.pin_evt;
2675 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2676 }
2677
2678 if( bta_dm_cb.p_sec_cback )
2679 bta_dm_cb.p_sec_cback(event, &sec_event);
2680 }
2681
2682
2683
2684 /*******************************************************************************
2685 **
2686 ** Function bta_dm_pin_cback
2687 **
2688 ** Description Callback requesting pin_key
2689 **
2690 ** Returns void
2691 **
2692 *******************************************************************************/
bta_dm_pin_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name)2693 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name)
2694 {
2695 tBTA_DM_SEC sec_event;
2696
2697 if (!bta_dm_cb.p_sec_cback)
2698 return BTM_NOT_AUTHORIZED;
2699
2700 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2701 if (bd_name[0] == 0)
2702 {
2703 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT;
2704 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr);
2705 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class);
2706 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
2707 return BTM_CMD_STARTED;
2708
2709 APPL_TRACE_WARNING0(" bta_dm_pin_cback() -> Failed to start Remote Name Request ");
2710 }
2711
2712 bdcpy(sec_event.pin_req.bd_addr, bd_addr);
2713 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
2714 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2715 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2716
2717 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
2718 return BTM_CMD_STARTED;
2719 }
2720
2721
2722
2723 /*******************************************************************************
2724 **
2725 ** Function bta_dm_link_key_request_cback
2726 **
2727 ** Description Callback requesting linkkey
2728 **
2729 ** Returns void
2730 **
2731 *******************************************************************************/
bta_dm_link_key_request_cback(BD_ADDR bd_addr,LINK_KEY key)2732 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key)
2733 {
2734 /* Application passes all link key to
2735 BTM during initialization using add_device
2736 API. If BTM doesn't have the link key in it's
2737 data base, that's because application doesn't
2738 it */
2739
2740 return BTM_NOT_AUTHORIZED;
2741 }
2742
2743
2744
2745
2746
2747 /*******************************************************************************
2748 **
2749 ** Function bta_dm_new_link_key_cback
2750 **
2751 ** Description Callback from BTM to notify new link key
2752 **
2753 ** Returns void
2754 **
2755 *******************************************************************************/
bta_dm_new_link_key_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,LINK_KEY key,UINT8 key_type)2756 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,
2757 BD_NAME bd_name, LINK_KEY key, UINT8 key_type)
2758 {
2759 tBTA_DM_SEC sec_event;
2760 tBTA_DM_AUTH_CMPL *p_auth_cmpl;
2761 UINT8 event;
2762
2763 memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
2764
2765 /* Not AMP Key type */
2766 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB)
2767 {
2768 event = BTA_DM_AUTH_CMPL_EVT;
2769 p_auth_cmpl = &sec_event.auth_cmpl;
2770
2771 bdcpy(p_auth_cmpl->bd_addr, bd_addr);
2772
2773 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1));
2774 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0;
2775
2776 p_auth_cmpl->key_present = TRUE;
2777 p_auth_cmpl->key_type = key_type;
2778 p_auth_cmpl->success = TRUE;
2779
2780 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN);
2781 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS;
2782
2783 if(bta_dm_cb.p_sec_cback)
2784 {
2785 bta_dm_cb.p_sec_cback(event, &sec_event);
2786 }
2787 }
2788 else
2789 {
2790 APPL_TRACE_WARNING0(" bta_dm_new_link_key_cback() Received AMP Key?? ");
2791 }
2792
2793 return BTM_CMD_STARTED;
2794 }
2795
2796
2797 /*******************************************************************************
2798 **
2799 ** Function bta_dm_authentication_complete_cback
2800 **
2801 ** Description Authentication complete callback from BTM
2802 **
2803 ** Returns void
2804 **
2805 *******************************************************************************/
bta_dm_authentication_complete_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,int result)2806 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result)
2807 {
2808
2809 tBTA_DM_SEC sec_event;
2810
2811 if(result != BTM_SUCCESS)
2812 {
2813 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
2814 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr);
2815
2816 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1));
2817 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
2818
2819 /* taken care of by memset [above]
2820 sec_event.auth_cmpl.key_present = FALSE;
2821 sec_event.auth_cmpl.success = FALSE;
2822 */
2823 sec_event.auth_cmpl.fail_reason = (UINT8)result;
2824 if(bta_dm_cb.p_sec_cback)
2825 {
2826 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
2827 }
2828 }
2829
2830 return BTM_SUCCESS;
2831 }
2832
2833 /*******************************************************************************
2834 **
2835 ** Function bta_dm_sp_cback
2836 **
2837 ** Description simple pairing callback from BTM
2838 **
2839 ** Returns void
2840 **
2841 *******************************************************************************/
bta_dm_sp_cback(tBTM_SP_EVT event,tBTM_SP_EVT_DATA * p_data)2842 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
2843 {
2844 tBTM_STATUS status = BTM_CMD_STARTED;
2845 tBTA_DM_SEC sec_event;
2846 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT;
2847
2848 APPL_TRACE_EVENT1("bta_dm_sp_cback: %d", event);
2849 if (!bta_dm_cb.p_sec_cback)
2850 return BTM_NOT_AUTHORIZED;
2851
2852 /* TODO_SP */
2853 switch(event)
2854 {
2855 case BTM_SP_IO_REQ_EVT:
2856 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2857 /* translate auth_req */
2858 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap,
2859 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig);
2860 #endif
2861 #if BTM_OOB_INCLUDED == FALSE
2862 status = BTM_SUCCESS;
2863 #endif
2864
2865 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
2866 break;
2867 case BTM_SP_IO_RSP_EVT:
2868 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2869 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap,
2870 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req );
2871 #endif
2872 break;
2873
2874 case BTM_SP_CFM_REQ_EVT:
2875 pin_evt = BTA_DM_SP_CFM_REQ_EVT;
2876 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works;
2877 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req;
2878 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req;
2879 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps;
2880 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps;
2881 /* continue to next case */
2882 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2883 /* Passkey entry mode, mobile device with output capability is very
2884 unlikely to receive key request, so skip this event */
2885 /*case BTM_SP_KEY_REQ_EVT: */
2886 case BTM_SP_KEY_NOTIF_EVT:
2887 #endif
2888 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey;
2889 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2890 if (p_data->key_notif.bd_name[0] == 0)
2891 {
2892 bta_dm_cb.pin_evt = pin_evt;
2893 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr);
2894 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class);
2895 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
2896 return BTM_CMD_STARTED;
2897
2898 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
2899 }
2900 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
2901 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
2902 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1));
2903 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
2904
2905 bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
2906
2907 break;
2908
2909 #if BTM_OOB_INCLUDED == TRUE
2910 case BTM_SP_LOC_OOB_EVT:
2911 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS),
2912 p_data->loc_oob.c, p_data->loc_oob.r);
2913 break;
2914
2915 case BTM_SP_RMT_OOB_EVT:
2916 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2917 if (p_data->rmt_oob.bd_name[0] == 0)
2918 {
2919 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT;
2920 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr);
2921 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class);
2922 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
2923 return BTM_CMD_STARTED;
2924
2925 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
2926 }
2927 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
2928 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
2929 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1));
2930 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0;
2931
2932 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
2933
2934 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr);
2935 break;
2936 #endif
2937 case BTM_SP_COMPLT_EVT:
2938 /* do not report this event - handled by link_key_callback or auth_complete_callback */
2939 break;
2940
2941 case BTM_SP_KEYPRESS_EVT:
2942 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS));
2943 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event);
2944 break;
2945
2946 case BTM_SP_UPGRADE_EVT:
2947 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade );
2948 break;
2949
2950 default:
2951 status = BTM_NOT_AUTHORIZED;
2952 break;
2953 }
2954 APPL_TRACE_EVENT1("dm status: %d", status);
2955 return status;
2956 }
2957
2958 /*******************************************************************************
2959 **
2960 ** Function bta_dm_local_name_cback
2961 **
2962 ** Description Callback from btm after local name is read
2963 **
2964 **
2965 ** Returns void
2966 **
2967 *******************************************************************************/
bta_dm_local_name_cback(UINT8 * p_name)2968 static void bta_dm_local_name_cback(UINT8 *p_name)
2969 {
2970 tBTA_DM_SEC sec_event;
2971
2972 BTM_GetLocalDeviceAddr(sec_event.enable.bd_addr);
2973 sec_event.enable.status = BTA_SUCCESS;
2974
2975 if(bta_dm_cb.p_sec_cback)
2976 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event);
2977 }
2978
2979 /*******************************************************************************
2980 **
2981 ** Function bta_dm_signal_strength
2982 **
2983 ** Description Callback from btm after local bdaddr is read
2984 **
2985 **
2986 ** Returns void
2987 **
2988 *******************************************************************************/
bta_dm_signal_strength(tBTA_DM_MSG * p_data)2989 void bta_dm_signal_strength(tBTA_DM_MSG *p_data)
2990 {
2991
2992 if(p_data->sig_strength.start)
2993 {
2994 bta_dm_cb.signal_strength_mask = p_data->sig_strength.mask;
2995 bta_dm_cb.signal_strength_period = p_data->sig_strength.period;
2996 bta_dm_signal_strength_timer_cback(NULL);
2997 }
2998 else
2999 {
3000 bta_sys_stop_timer(&bta_dm_cb.signal_strength_timer);
3001 }
3002
3003 }
3004 /*******************************************************************************
3005 **
3006 ** Function bta_dm_signal_strength_timer_cback
3007 **
3008 ** Description Periodic timer callback to read signal strength
3009 **
3010 **
3011 ** Returns void
3012 **
3013 *******************************************************************************/
bta_dm_signal_strength_timer_cback(TIMER_LIST_ENT * p_tle)3014 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle)
3015 {
3016
3017 UINT8 i;
3018
3019 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_RSSI_MASK)
3020 {
3021 for(i=0; i<bta_dm_cb.device_list.count; i++)
3022 {
3023 BTM_ReadRSSI (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_rssi_cback);
3024
3025 }
3026 }
3027 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_LINK_QUALITY_MASK)
3028 {
3029
3030 for(i=0; i<bta_dm_cb.device_list.count; i++)
3031 {
3032 BTM_ReadLinkQuality (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_link_quality_cback);
3033 }
3034
3035 }
3036
3037 if(bta_dm_cb.signal_strength_period)
3038 {
3039 bta_dm_cb.signal_strength_timer.p_cback = (TIMER_CBACK*)&bta_dm_signal_strength_timer_cback;
3040 bta_sys_start_timer(&bta_dm_cb.signal_strength_timer, 0, (UINT32)1000*bta_dm_cb.signal_strength_period);
3041 }
3042 }
3043
3044
3045 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3046 /*******************************************************************************
3047 **
3048 ** Function bta_dm_bl_change_cback
3049 **
3050 ** Description Callback from btm when acl connection goes up or down
3051 **
3052 **
3053 ** Returns void
3054 **
3055 *******************************************************************************/
bta_dm_bl_change_cback(tBTM_BL_EVENT_DATA * p_data)3056 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data)
3057 {
3058
3059 tBTA_DM_ACL_CHANGE * p_msg;
3060
3061 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3062 {
3063 p_msg->event = p_data->event;
3064 p_msg->is_new = FALSE;
3065
3066 switch(p_msg->event)
3067 {
3068 case BTM_BL_CONN_EVT:
3069 p_msg->is_new = TRUE;
3070 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3071 break;
3072 case BTM_BL_DISCN_EVT:
3073 bdcpy(p_msg->bd_addr, p_data->discn.p_bda);
3074 break;
3075 case BTM_BL_UPDATE_EVT:
3076 p_msg->busy_level = p_data->update.busy_level;
3077 break;
3078 case BTM_BL_ROLE_CHG_EVT:
3079 p_msg->new_role = p_data->role_chg.new_role;
3080 p_msg->hci_status = p_data->role_chg.hci_status;
3081 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda);
3082 break;
3083 case BTM_BL_COLLISION_EVT:
3084 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3085 break;;
3086 }
3087
3088 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3089 bta_sys_sendmsg(p_msg);
3090
3091 }
3092
3093 }
3094 #else
3095
3096 /*******************************************************************************
3097 **
3098 ** Function bta_dm_acl_change_cback
3099 **
3100 ** Description Callback from btm when acl connection goes up or down
3101 **
3102 **
3103 ** Returns void
3104 **
3105 *******************************************************************************/
bta_dm_acl_change_cback(BD_ADDR p_bda,DEV_CLASS p_dc,BD_NAME p_bdn,BD_FEATURES features,BOOLEAN is_new)3106 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn,
3107 BD_FEATURES features, BOOLEAN is_new)
3108 {
3109
3110 tBTA_DM_ACL_CHANGE * p_msg;
3111
3112 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3113 {
3114 bdcpy (p_msg->bd_addr, p_bda);
3115 p_msg->is_new = is_new;
3116
3117 /* This is collision case */
3118 if (features != NULL)
3119 {
3120 if ((features[0] == 0xFF) && !is_new)
3121 p_msg->event = BTM_BL_COLLISION_EVT;
3122 }
3123
3124 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3125 bta_sys_sendmsg(p_msg);
3126
3127 }
3128
3129 }
3130 #endif
3131 /*******************************************************************************
3132 **
3133 ** Function bta_dm_rs_cback
3134 **
3135 ** Description Receives the role switch complete event
3136 **
3137 ** Returns
3138 **
3139 *******************************************************************************/
bta_dm_rs_cback(tBTM_ROLE_SWITCH_CMPL * p1)3140 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1)
3141 {
3142 APPL_TRACE_WARNING1("bta_dm_rs_cback:%d", bta_dm_cb.rs_event);
3143 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT)
3144 {
3145 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */
3146 bta_dm_cb.rs_event = 0;
3147 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg);
3148 }
3149 }
3150
3151 /*******************************************************************************
3152 **
3153 ** Function bta_dm_check_av
3154 **
3155 ** Description This function checks if AV is active
3156 ** if yes, make sure the AV link is master
3157 **
3158 ** Returns BOOLEAN - TRUE, if switch is in progress
3159 **
3160 *******************************************************************************/
bta_dm_check_av(UINT16 event)3161 static BOOLEAN bta_dm_check_av(UINT16 event)
3162 {
3163 BOOLEAN switching = FALSE;
3164 UINT8 i;
3165 tBTA_DM_PEER_DEVICE *p_dev;
3166
3167 APPL_TRACE_WARNING1("bta_dm_check_av:%d", bta_dm_cb.cur_av_count);
3168 if(bta_dm_cb.cur_av_count)
3169 {
3170 for(i=0; i<bta_dm_cb.device_list.count; i++)
3171 {
3172 p_dev = &bta_dm_cb.device_list.peer_device[i];
3173 APPL_TRACE_WARNING3("[%d]: state:%d, info:x%x", i, p_dev->conn_state, p_dev->info);
3174 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE))
3175 {
3176 /* make master and take away the role switch policy */
3177 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback))
3178 {
3179 /* the role switch command is actually sent */
3180 bta_dm_cb.rs_event = event;
3181 switching = TRUE;
3182 }
3183 /* else either already master or can not switch for some reasons */
3184 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3185 break;
3186 }
3187 }
3188 }
3189 return switching;
3190 }
3191
3192 /*******************************************************************************
3193 **
3194 ** Function bta_dm_acl_change
3195 **
3196 ** Description Process BTA_DM_ACL_CHANGE_EVT
3197 **
3198 **
3199 ** Returns void
3200 **
3201 *******************************************************************************/
bta_dm_acl_change(tBTA_DM_MSG * p_data)3202 void bta_dm_acl_change(tBTA_DM_MSG *p_data)
3203 {
3204
3205 UINT8 i;
3206 UINT8 *p;
3207 tBTA_DM_SEC conn;
3208 BOOLEAN is_new = p_data->acl_change.is_new;
3209 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr;
3210 BOOLEAN need_policy_change = FALSE;
3211 BOOLEAN issue_unpair_cb = FALSE;
3212
3213 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3214 tBTA_DM_PEER_DEVICE *p_dev;
3215
3216 switch(p_data->acl_change.event)
3217 {
3218 case BTM_BL_UPDATE_EVT: /* busy level update */
3219 if( bta_dm_cb.p_sec_cback )
3220 {
3221 conn.busy_level.level = p_data->acl_change.busy_level;
3222 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn);
3223 }
3224 return;
3225
3226 case BTM_BL_ROLE_CHG_EVT: /* role change event */
3227 p_dev = bta_dm_find_peer_device(p_bda);
3228 if(p_dev)
3229 {
3230 APPL_TRACE_DEBUG3("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d",
3231 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count);
3232 if(p_dev->info & BTA_DM_DI_AV_ACTIVE)
3233 {
3234 /* there's AV activity on this link */
3235 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1
3236 && p_data->acl_change.hci_status == HCI_SUCCESS)
3237 {
3238 /* more than one connections and the AV connection is role switched to slave
3239 * switch it back to master and remove the switch policy */
3240 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL);
3241 need_policy_change = TRUE;
3242 }
3243 else if (bta_dm_cfg.avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER))
3244 {
3245 /* if the link updated to be master include AV activities, remove the switch policy */
3246 need_policy_change = TRUE;
3247 }
3248
3249 if(need_policy_change)
3250 {
3251 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3252 }
3253 }
3254 else
3255 {
3256 /* there's AV no activity on this link and role switch happened
3257 * check if AV is active
3258 * if so, make sure the AV link is master */
3259 bta_dm_check_av(0);
3260 }
3261 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status);
3262 bdcpy(conn.role_chg.bd_addr, p_bda);
3263 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role;
3264 if( bta_dm_cb.p_sec_cback )
3265 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, &conn);
3266 }
3267 return;
3268 }
3269 #endif
3270
3271 /* Collision report from Stack: Notify profiles */
3272 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT)
3273 {
3274 bta_sys_notify_collision (p_bda);
3275 return;
3276 }
3277
3278 if(is_new)
3279 {
3280 for(i=0; i<bta_dm_cb.device_list.count; i++)
3281 {
3282 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3283 break;
3284
3285 }
3286
3287 if(i == bta_dm_cb.device_list.count)
3288 {
3289 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda);
3290 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy;
3291 bta_dm_cb.device_list.count++;
3292 }
3293
3294 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED;
3295 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE;
3296 bdcpy(conn.link_up.bd_addr, p_bda);
3297 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE;
3298 if( ((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) &&
3299 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) )
3300 {
3301 /* both local and remote devices support SSR */
3302 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR;
3303 }
3304 APPL_TRACE_WARNING1("info:x%x", bta_dm_cb.device_list.peer_device[i].info);
3305 if( bta_dm_cb.p_sec_cback )
3306 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, &conn);
3307
3308 }
3309 else
3310 {
3311 for(i=0; i<bta_dm_cb.device_list.count; i++)
3312 {
3313 if(bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3314 continue;
3315
3316 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING )
3317 {
3318 BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
3319 issue_unpair_cb = TRUE;
3320 }
3321
3322 for(; i<bta_dm_cb.device_list.count ; i++)
3323 {
3324 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i]));
3325 }
3326 break;
3327 }
3328 if(bta_dm_cb.device_list.count)
3329 bta_dm_cb.device_list.count--;
3330
3331 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda))
3332 {
3333 bta_dm_search_cb.wait_disc = FALSE;
3334
3335 if(bta_dm_search_cb.sdp_results)
3336 {
3337 APPL_TRACE_EVENT0(" timer stopped ");
3338 bta_sys_stop_timer(&bta_dm_search_cb.search_timer);
3339 bta_dm_discover_next_device();
3340 }
3341
3342 }
3343
3344 if(bta_dm_cb.disabling)
3345 {
3346 if(!BTM_GetNumAclLinks())
3347 {
3348 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
3349 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
3350 /* start a timer to make sure that the profiles get the disconnect event */
3351 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000);
3352 }
3353 }
3354
3355 bdcpy(conn.link_down.bd_addr, p_bda);
3356 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code();
3357 if( bta_dm_cb.p_sec_cback )
3358 {
3359 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn);
3360 if( issue_unpair_cb )
3361 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn);
3362 }
3363 }
3364
3365 bta_dm_adjust_roles(TRUE);
3366 }
3367
3368 /*******************************************************************************
3369 **
3370 ** Function bta_dm_disable_conn_down_timer_cback
3371 **
3372 ** Description Sends disable event to application
3373 **
3374 **
3375 ** Returns void
3376 **
3377 *******************************************************************************/
bta_dm_disable_conn_down_timer_cback(TIMER_LIST_ENT * p_tle)3378 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle)
3379 {
3380 tBTA_SYS_HW_MSG *sys_enable_event;
3381
3382 /* register our callback to SYS HW manager */
3383 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
3384
3385 /* send a message to BTA SYS */
3386 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
3387 {
3388 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT;
3389 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
3390 bta_sys_sendmsg(sys_enable_event);
3391 }
3392
3393 bta_dm_cb.disabling = FALSE;
3394
3395 }
3396
3397 /*******************************************************************************
3398 **
3399 ** Function bta_dm_rssi_cback
3400 **
3401 ** Description Callback from btm with rssi values
3402 **
3403 **
3404 ** Returns void
3405 **
3406 *******************************************************************************/
bta_dm_rssi_cback(tBTM_RSSI_RESULTS * p_result)3407 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result)
3408 {
3409 tBTA_DM_SEC sec_event;
3410
3411 if(p_result->status == BTM_SUCCESS)
3412 {
3413
3414 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3415 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_RSSI_MASK;
3416 sec_event.sig_strength.rssi_value = p_result->rssi;
3417 if( bta_dm_cb.p_sec_cback!= NULL )
3418 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3419
3420 }
3421 }
3422
3423 /*******************************************************************************
3424 **
3425 ** Function bta_dm_link_quality_cback
3426 **
3427 ** Description Callback from btm with link quality value
3428 **
3429 **
3430 ** Returns void
3431 **
3432 *******************************************************************************/
bta_dm_link_quality_cback(tBTM_LINK_QUALITY_RESULTS * p_result)3433 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result)
3434 {
3435
3436 tBTA_DM_SEC sec_event;
3437
3438 if(p_result->status == BTM_SUCCESS)
3439 {
3440
3441 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3442 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_LINK_QUALITY_MASK;
3443 sec_event.sig_strength.link_quality_value = p_result->link_quality;
3444 if( bta_dm_cb.p_sec_cback!= NULL )
3445 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3446
3447 }
3448 }
3449
3450 /*******************************************************************************
3451 **
3452 ** Function bta_dm_rm_cback
3453 **
3454 ** Description Role management callback from sys
3455 **
3456 **
3457 ** Returns void
3458 **
3459 *******************************************************************************/
bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)3460 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
3461 {
3462
3463 UINT8 j;
3464 tBTA_PREF_ROLES role;
3465 tBTA_DM_PEER_DEVICE *p_dev;
3466
3467 p_dev = bta_dm_find_peer_device(peer_addr);
3468 if( status == BTA_SYS_CONN_OPEN)
3469 {
3470 if(p_dev)
3471 {
3472 /* Do not set to connected if we are in the middle of unpairing. When AV stream is
3473 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command.
3474 * But this should not be done if we are in the middle of unpairing.
3475 */
3476 if (p_dev->conn_state != BTA_DM_UNPAIRING)
3477 p_dev->conn_state = BTA_DM_CONNECTED;
3478
3479 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++)
3480 {
3481 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID))
3482 && (p_bta_dm_rm_cfg[j].id == id))
3483 {
3484 role = p_bta_dm_rm_cfg[j].cfg;
3485
3486 if(role > p_dev->pref_role )
3487 p_dev->pref_role = role;
3488 break;
3489 }
3490 }
3491
3492 }
3493
3494 }
3495
3496 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id))
3497 {
3498 if( status == BTA_SYS_CONN_BUSY)
3499 {
3500 if(p_dev)
3501 p_dev->info |= BTA_DM_DI_AV_ACTIVE;
3502 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3503 if(BTA_ID_AV == id)
3504 bta_dm_cb.cur_av_count = app_id;
3505 }
3506 else if( status == BTA_SYS_CONN_IDLE)
3507 {
3508 if(p_dev)
3509 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE;
3510 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3511 if(BTA_ID_AV == id)
3512 bta_dm_cb.cur_av_count = app_id;
3513 }
3514 APPL_TRACE_WARNING2("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status);
3515 }
3516
3517
3518 bta_dm_adjust_roles(FALSE);
3519
3520 }
3521
3522 /*******************************************************************************
3523 **
3524 ** Function bta_dm_dev_blacklisted_for_switch
3525 **
3526 ** Description Checks if the device is blacklisted for immediate role switch after connection.
3527 **
3528 ** Returns TRUE if dev is blacklisted else FALSE
3529 **
3530 *******************************************************************************/
bta_dm_dev_blacklisted_for_switch(BD_ADDR remote_bd_addr)3531 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr)
3532 {
3533 UINT16 manufacturer = 0;
3534 UINT16 lmp_sub_version = 0;
3535 UINT8 lmp_version = 0;
3536 UINT8 i = 0;
3537
3538 if (BTM_ReadRemoteVersion(remote_bd_addr, &lmp_version,
3539 &manufacturer, &lmp_sub_version) == BTM_SUCCESS)
3540 {
3541 /* Check if this device version info matches with is
3542 blacklisted versions for role switch */
3543 for (i = 0; i < BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT; i++)
3544 {
3545 if ((bta_role_switch_blacklist[i].lmp_version == lmp_version) &&
3546 (bta_role_switch_blacklist[i].manufacturer == manufacturer)&&
3547 ((bta_role_switch_blacklist[i].lmp_sub_version & lmp_sub_version) ==
3548 bta_role_switch_blacklist[i].lmp_sub_version))
3549 {
3550 APPL_TRACE_EVENT0("Black list F/W version matches.. Delay Role Switch...");
3551 return TRUE;
3552 }
3553
3554 }
3555 }
3556 return FALSE;
3557 }
3558
3559 /*******************************************************************************
3560 **
3561 ** Function bta_dm_delay_role_switch_cback
3562 **
3563 ** Description Callback from btm to delay a role switch
3564 **
3565 ** Returns void
3566 **
3567 *******************************************************************************/
bta_dm_delay_role_switch_cback(TIMER_LIST_ENT * p_tle)3568 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
3569 {
3570 APPL_TRACE_EVENT0("bta_dm_delay_role_switch_cback: initiating Delayed RS");
3571 bta_dm_adjust_roles (FALSE);
3572 }
3573
3574 /*******************************************************************************
3575 **
3576 ** Function bta_dm_adjust_roles
3577 **
3578 ** Description Adjust roles
3579 **
3580 **
3581 ** Returns void
3582 **
3583 *******************************************************************************/
bta_dm_adjust_roles(BOOLEAN delay_role_switch)3584 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch)
3585 {
3586
3587 UINT8 i;
3588 BOOLEAN set_master_role = FALSE;
3589
3590 if(bta_dm_cb.device_list.count)
3591 {
3592
3593 /* the configuration is no scatternet
3594 * or AV connection exists and there are more than one ACL link */
3595 if( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) ||
3596 (bta_dm_cb.cur_av_count && bta_dm_cb.device_list.count > 1) )
3597 {
3598
3599 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3600 set_master_role = TRUE;
3601
3602 }
3603
3604 for(i=0; i<bta_dm_cb.device_list.count; i++)
3605 {
3606 if(bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED)
3607 {
3608 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE)
3609 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET))
3610 {
3611 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3612 set_master_role = TRUE;
3613 }
3614
3615 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY)
3616 || (bta_dm_cb.device_list.count > 1))
3617 {
3618
3619 /* Initiating immediate role switch with certain remote devices
3620 has caused issues due to role switch colliding with link encryption setup and
3621 causing encryption (and in turn the link) to fail . These device . Firmware
3622 versions are stored in a blacklist and role switch with these devices are
3623 delayed to avoid the collision with link encryption setup */
3624
3625 if ((delay_role_switch == FALSE) ||
3626 (bta_dm_dev_blacklisted_for_switch(
3627 bta_dm_cb.device_list.peer_device[i].peer_bdaddr) == FALSE))
3628 {
3629 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
3630 HCI_ROLE_MASTER, NULL);
3631 }
3632 else
3633 {
3634 bta_dm_cb.switch_delay_timer.p_cback =
3635 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback;
3636 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500);
3637 }
3638 }
3639
3640 }
3641 }
3642
3643
3644 if(!set_master_role)
3645 {
3646
3647 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3648
3649 }
3650
3651 }
3652 else
3653 {
3654 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3655 }
3656
3657
3658 }
3659
3660 /*******************************************************************************
3661 **
3662 ** Function bta_dm_get_remname
3663 **
3664 ** Description Returns a pointer to the remote name stored in the DM control
3665 ** block if it exists, or from the BTM memory.
3666 **
3667 ** Returns char * - Pointer to the remote device name
3668 *******************************************************************************/
bta_dm_get_remname(void)3669 static char *bta_dm_get_remname(void)
3670 {
3671 char *p_name = bta_dm_search_cb.peer_name;
3672 char *p_temp;
3673
3674 /* If the name isn't already stored, try retrieving from BTM */
3675 if (*p_name == '\0')
3676 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL)
3677 p_name = p_temp;
3678
3679 return p_name;
3680 }
3681
3682 /*******************************************************************************
3683 **
3684 ** Function bta_dm_bond_cancel_complete_cback
3685 **
3686 ** Description Authentication complete callback from BTM
3687 **
3688 ** Returns void
3689 **
3690 *******************************************************************************/
bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)3691 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)
3692 {
3693
3694 tBTA_DM_SEC sec_event;
3695
3696 if (result == BTM_SUCCESS)
3697 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS;
3698 else
3699 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
3700
3701 if(bta_dm_cb.p_sec_cback)
3702 {
3703 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
3704 }
3705 }
3706
3707 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )
3708 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3709 /*******************************************************************************
3710 **
3711 ** Function bta_dm_update_eir_uuid
3712 **
3713 ** Description
3714 **
3715 **
3716 *******************************************************************************/
bta_dm_update_eir_uuid(tBTA_DM_MSG * p_data)3717 void bta_dm_update_eir_uuid (tBTA_DM_MSG *p_data)
3718 {
3719 tBTA_DM_API_UPDATE_EIR_UUID *p_msg = (tBTA_DM_API_UPDATE_EIR_UUID *)p_data;
3720 UINT8 xx;
3721 UINT8 empty_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3722 UINT8 match_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3723
3724 for (xx = 0; xx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; xx++)
3725 {
3726 if (bta_dm_cb.custom_uuid[xx].len == 0)
3727 {
3728 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3729 empty_slot = xx;
3730 }
3731 else if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3732 {
3733 if (!memcmp (bta_dm_cb.custom_uuid[xx].uu.uuid128, p_msg->uuid.uu.uuid128, p_msg->uuid.len))
3734 {
3735 match_slot = xx;;
3736 }
3737 }
3738 }
3739
3740 if (p_msg->is_add)
3741 {
3742 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3743 {
3744 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3745 {
3746 APPL_TRACE_ERROR0("No space to add UUID for EIR");
3747 return;
3748 }
3749 else
3750 {
3751 memcpy (&(bta_dm_cb.custom_uuid[empty_slot]), &(p_msg->uuid), sizeof(tBT_UUID));
3752 }
3753 }
3754 else
3755 {
3756 APPL_TRACE_ERROR0("UUID is already added for EIR");
3757 return;
3758 }
3759 }
3760 else
3761 {
3762 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3763 {
3764 APPL_TRACE_ERROR0("UUID is not found for EIR");
3765 return;
3766 }
3767 else
3768 {
3769 memset (&(bta_dm_cb.custom_uuid[match_slot]), 0, sizeof(tBT_UUID));
3770 }
3771 }
3772
3773 bta_dm_set_eir (NULL);
3774 }
3775 #endif
3776
3777 /*******************************************************************************
3778 **
3779 ** Function bta_dm_set_eir_config
3780 **
3781 ** Description
3782 **
3783 **
3784 *******************************************************************************/
bta_dm_set_eir_config(tBTA_DM_MSG * p_data)3785 void bta_dm_set_eir_config (tBTA_DM_MSG *p_data)
3786 {
3787 if (p_data->set_eir_cfg.p_eir_cfg)
3788 {
3789 /* User defined config */
3790 p_bta_dm_eir_cfg = p_data->set_eir_cfg.p_eir_cfg;
3791 }
3792 else
3793 {
3794 /* Back to default config */
3795 p_bta_dm_eir_cfg = (tBTA_DM_EIR_CONF*)&bta_dm_eir_cfg;
3796 }
3797
3798 bta_dm_set_eir (NULL);
3799 }
3800
3801 /*******************************************************************************
3802 **
3803 ** Function bta_dm_set_eir
3804 **
3805 ** Description This function creates EIR tagged data and writes it to controller.
3806 **
3807 ** Returns None
3808 **
3809 *******************************************************************************/
bta_dm_set_eir(char * local_name)3810 static void bta_dm_set_eir (char *local_name)
3811 {
3812 BT_HDR *p_buf;
3813 UINT8 *p;
3814 UINT8 *p_length;
3815 #if (BTA_EIR_CANNED_UUID_LIST != TRUE)
3816 UINT8 *p_type;
3817 UINT8 max_num_uuid;
3818 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3819 UINT8 custom_uuid_idx;
3820 #endif
3821 #endif
3822 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE)
3823 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN;
3824 #else
3825 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE;
3826 #endif
3827 UINT8 num_uuid;
3828 UINT8 data_type;
3829 UINT8 local_name_len;
3830
3831 /* wait until complete to disable */
3832 if (bta_dm_cb.disable_timer.in_use)
3833 return;
3834
3835 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )
3836 /* wait until App is ready */
3837 if (bta_dm_cb.app_ready_timer.in_use)
3838 return;
3839
3840 /* if local name is not provided, get it from controller */
3841 if( local_name == NULL )
3842 {
3843 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS )
3844 {
3845 APPL_TRACE_ERROR0("Fail to read local device name for EIR");
3846 }
3847 }
3848 #endif
3849
3850 /* Allocate a buffer to hold HCI command */
3851 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL)
3852 {
3853 APPL_TRACE_ERROR0("bta_dm_set_eir couldn't allocate buffer");
3854 return;
3855 }
3856 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET;
3857
3858 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN );
3859
3860 APPL_TRACE_DEBUG0("BTA is generating EIR");
3861
3862 if( local_name )
3863 local_name_len = strlen( local_name );
3864 else
3865 local_name_len = 0;
3866
3867 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
3868 /* if local name is longer than minimum length of shortened name */
3869 /* check whether it needs to be shortened or not */
3870 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len )
3871 {
3872 /* get number of UUID 16-bit list */
3873 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
3874 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16;
3875 #else
3876 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
3877 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p,
3878 max_num_uuid, &num_uuid );
3879 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */
3880 #endif
3881
3882 /* if UUID doesn't fit remaing space, shorten local name */
3883 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16))
3884 {
3885 APPL_TRACE_WARNING0("BTA EIR: local name is shortened");
3886 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len;
3887 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE;
3888 }
3889 else
3890 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
3891 }
3892
3893 UINT8_TO_STREAM(p, local_name_len + 1);
3894 UINT8_TO_STREAM(p, data_type);
3895 memcpy(p, local_name, local_name_len);
3896 p += local_name_len;
3897 free_eir_length -= local_name_len + 2;
3898
3899 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
3900 /* if UUID list is provided as static data in configuration */
3901 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 )
3902 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16))
3903 {
3904 if( free_eir_length > LEN_UUID_16 + 2)
3905 {
3906 free_eir_length -= 2;
3907
3908 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len)
3909 {
3910 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16;
3911 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE;
3912 }
3913 else /* not enough room for all UUIDs */
3914 {
3915 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
3916 num_uuid = free_eir_length / LEN_UUID_16;
3917 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
3918 }
3919 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1);
3920 UINT8_TO_STREAM(p, data_type);
3921 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 );
3922 p += num_uuid * LEN_UUID_16;
3923 free_eir_length -= num_uuid * LEN_UUID_16;
3924 }
3925 }
3926 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
3927 /* if UUID list is dynamic */
3928 if ( free_eir_length >= 2)
3929 {
3930 p_length = p++;
3931 p_type = p++;
3932 num_uuid = 0;
3933
3934 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
3935 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid );
3936
3937 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE )
3938 {
3939 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
3940 }
3941 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3942 else
3943 {
3944 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
3945 {
3946 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16)
3947 {
3948 if ( num_uuid < max_num_uuid )
3949 {
3950 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16);
3951 num_uuid++;
3952 }
3953 else
3954 {
3955 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
3956 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
3957 break;
3958 }
3959 }
3960 }
3961 }
3962 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
3963
3964 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1);
3965 UINT8_TO_STREAM(p_type, data_type);
3966 free_eir_length -= num_uuid * LEN_UUID_16 + 2;
3967 }
3968 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
3969
3970 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3971 /* Adding 32-bit UUID list */
3972 if ( free_eir_length >= 2)
3973 {
3974 p_length = p++;
3975 p_type = p++;
3976 num_uuid = 0;
3977 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE;
3978
3979 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32;
3980
3981 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
3982 {
3983 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32)
3984 {
3985 if ( num_uuid < max_num_uuid )
3986 {
3987 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32);
3988 num_uuid++;
3989 }
3990 else
3991 {
3992 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE;
3993 APPL_TRACE_WARNING0("BTA EIR: UUID 32-bit list is truncated");
3994 break;
3995 }
3996 }
3997 }
3998
3999 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1);
4000 UINT8_TO_STREAM(p_type, data_type);
4001 free_eir_length -= num_uuid * LEN_UUID_32 + 2;
4002 }
4003
4004 /* Adding 128-bit UUID list */
4005 if ( free_eir_length >= 2)
4006 {
4007 p_length = p++;
4008 p_type = p++;
4009 num_uuid = 0;
4010 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE;
4011
4012 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128;
4013
4014 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4015 {
4016 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128)
4017 {
4018 if ( num_uuid < max_num_uuid )
4019 {
4020 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128);
4021 num_uuid++;
4022 }
4023 else
4024 {
4025 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE;
4026 APPL_TRACE_WARNING0("BTA EIR: UUID 128-bit list is truncated");
4027 break;
4028 }
4029 }
4030 }
4031
4032 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1);
4033 UINT8_TO_STREAM(p_type, data_type);
4034 free_eir_length -= num_uuid * LEN_UUID_128 + 2;
4035 }
4036 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4037
4038 /* if Flags are provided in configuration */
4039 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 )
4040 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags )
4041 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 ))
4042 {
4043 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1);
4044 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE);
4045 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags,
4046 p_bta_dm_eir_cfg->bta_dm_eir_flag_len);
4047 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len;
4048 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2;
4049 }
4050
4051 /* if Inquiry Tx Resp Power compiled */
4052 if((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) &&
4053 (free_eir_length >= 3))
4054 {
4055 UINT8_TO_STREAM(p, 2); /* Length field */
4056 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE);
4057 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power));
4058 free_eir_length -= 3;
4059 }
4060
4061 /* if Manufacturer Specific are provided in configuration */
4062 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 )
4063 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec )
4064 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 ))
4065 {
4066 p_length = p;
4067
4068 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1);
4069 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE);
4070 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec,
4071 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len);
4072 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len;
4073 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2;
4074
4075 }
4076 else
4077 {
4078 p_length = NULL;
4079 }
4080
4081 if( free_eir_length )
4082 UINT8_TO_STREAM(p, 0); /* terminator of significant part */
4083
4084 BTM_WriteEIR( p_buf );
4085
4086 }
4087 #endif
4088
4089 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
4090 /*******************************************************************************
4091 **
4092 ** Function bta_dm_eir_search_services
4093 **
4094 ** Description This function searches services in received EIR
4095 **
4096 ** Returns None
4097 **
4098 *******************************************************************************/
bta_dm_eir_search_services(tBTM_INQ_RESULTS * p_result,tBTA_SERVICE_MASK * p_services_to_search,tBTA_SERVICE_MASK * p_services_found)4099 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
4100 tBTA_SERVICE_MASK *p_services_to_search,
4101 tBTA_SERVICE_MASK *p_services_found)
4102 {
4103 tBTA_SERVICE_MASK service_index = 0;
4104 tBTM_EIR_SEARCH_RESULT result;
4105
4106 APPL_TRACE_DEBUG6("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X",
4107 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1],
4108 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3],
4109 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]);
4110
4111 APPL_TRACE_DEBUG1(" with services_to_search=0x%08X", *p_services_to_search);
4112
4113 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
4114 /* always do GATT based service discovery by SDP instead of from EIR */
4115 /* if GATT based service is also to be put in EIR, need to modify this */
4116 while (service_index < (BTA_MAX_SERVICE_ID - 1))
4117 #else
4118 while(service_index < BTA_MAX_SERVICE_ID)
4119 #endif
4120 {
4121 if( *p_services_to_search
4122 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)))
4123 {
4124 result = BTM_HasInquiryEirService( p_result,
4125 bta_service_id_to_uuid_lkup_tbl[service_index] );
4126
4127 /* Searching for HSP v1.2 only device */
4128 if ((result != BTM_EIR_FOUND) &&
4129 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET))
4130 {
4131 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS);
4132 }
4133
4134 if( result == BTM_EIR_FOUND )
4135 {
4136 /* If Plug and Play service record, need to check to see if Broadcom stack */
4137 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */
4138 if( bta_service_id_to_uuid_lkup_tbl[service_index]
4139 != UUID_SERVCLASS_PNP_INFORMATION )
4140 {
4141
4142 *p_services_found |=
4143 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index));
4144 /* remove the service from services to be searched */
4145 *p_services_to_search &=
4146 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4147 }
4148 }
4149 else if( result == BTM_EIR_NOT_FOUND )
4150 {
4151 /* remove the service from services to be searched */
4152 *p_services_to_search &=
4153 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4154 }
4155 }
4156
4157 service_index++;
4158 }
4159
4160 APPL_TRACE_ERROR2("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X",
4161 *p_services_to_search, *p_services_found);
4162 }
4163 #endif
4164
4165 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
4166 /*******************************************************************************
4167 **
4168 ** Function bta_dm_eir_update_uuid
4169 **
4170 ** Description This function adds or removes service UUID in EIR database.
4171 **
4172 ** Returns None
4173 **
4174 *******************************************************************************/
bta_dm_eir_update_uuid(UINT16 uuid16,BOOLEAN adding)4175 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding)
4176 {
4177 /* if this UUID is not advertised in EIR */
4178 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 ))
4179 return;
4180
4181 if( adding )
4182 {
4183 APPL_TRACE_EVENT1("Adding UUID=0x%04X into EIR", uuid16);
4184
4185 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 );
4186 }
4187 else
4188 {
4189 APPL_TRACE_EVENT1("Removing UUID=0x%04X from EIR", uuid16);
4190
4191 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 );
4192 }
4193
4194 bta_dm_set_eir (NULL);
4195
4196 APPL_TRACE_EVENT2("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X",
4197 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] );
4198 }
4199 #endif
4200
4201 /*******************************************************************************
4202 **
4203 ** Function bta_dm_enable_test_mode
4204 **
4205 ** Description enable test mode
4206 **
4207 **
4208 ** Returns void
4209 **
4210 *******************************************************************************/
bta_dm_enable_test_mode(tBTA_DM_MSG * p_data)4211 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data)
4212 {
4213 BTM_EnableTestMode();
4214 }
4215
4216 /*******************************************************************************
4217 **
4218 ** Function bta_dm_disable_test_mode
4219 **
4220 ** Description disable test mode
4221 **
4222 **
4223 ** Returns void
4224 **
4225 *******************************************************************************/
bta_dm_disable_test_mode(tBTA_DM_MSG * p_data)4226 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data)
4227 {
4228 BTM_DeviceReset(NULL);
4229 }
4230
4231 /*******************************************************************************
4232 **
4233 ** Function bta_dm_execute_callback
4234 **
4235 ** Description Just execute a generic call back in the context of the BTU/BTA tack
4236 **
4237 **
4238 ** Returns void
4239 **
4240 *******************************************************************************/
bta_dm_execute_callback(tBTA_DM_MSG * p_data)4241 void bta_dm_execute_callback(tBTA_DM_MSG *p_data)
4242 {
4243 /* sanity check */
4244 if(p_data->exec_cback.p_exec_cback == NULL)
4245 {
4246 return;
4247 }
4248
4249 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param);
4250 }
4251 /*******************************************************************************
4252 **
4253 ** Function bta_dm_encrypt_cback
4254 **
4255 ** Description link encryption complete callback.
4256 **
4257 ** Returns None
4258 **
4259 *******************************************************************************/
bta_dm_encrypt_cback(BD_ADDR bd_addr,void * p_ref_data,tBTM_STATUS result)4260 void bta_dm_encrypt_cback(BD_ADDR bd_addr, void *p_ref_data, tBTM_STATUS result)
4261 {
4262 tBTA_STATUS bta_status = BTA_SUCCESS;
4263 tBTA_DM_ENCRYPT_CBACK *p_callback = bta_dm_cb.p_encrypt_cback;
4264
4265 bta_dm_cb.p_encrypt_cback = NULL;
4266 switch (result)
4267 {
4268 case BTM_SUCCESS:
4269 break;
4270 case BTM_WRONG_MODE:
4271 bta_status = BTA_WRONG_MODE;
4272 break;
4273 case BTM_NO_RESOURCES:
4274 bta_status = BTA_NO_RESOURCES;
4275 break;
4276 case BTM_BUSY:
4277 bta_status = BTA_BUSY;
4278 break;
4279 default:
4280 bta_status = BTA_FAILURE;
4281 break;
4282 }
4283
4284 APPL_TRACE_DEBUG2("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback);
4285
4286 if (p_callback)
4287 {
4288 (*p_callback)(bd_addr, bta_status);
4289 }
4290 }
4291 /*******************************************************************************
4292 **
4293 ** Function bta_dm_set_encryption
4294 **
4295 ** Description This function to encrypt the link
4296 **
4297 ** Returns None
4298 **
4299 *******************************************************************************/
bta_dm_set_encryption(tBTA_DM_MSG * p_data)4300 void bta_dm_set_encryption (tBTA_DM_MSG *p_data)
4301 {
4302
4303 APPL_TRACE_DEBUG0("bta_dm_set_encryption"); //todo
4304 if (!p_data->set_encryption.p_callback)
4305 {
4306 APPL_TRACE_ERROR0("bta_dm_set_encryption callback is not provided");
4307 return;
4308 }
4309
4310 if (bta_dm_cb.p_encrypt_cback)
4311 {
4312 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr, BTA_BUSY);
4313 return;
4314 }
4315
4316
4317 bta_dm_cb.p_encrypt_cback = p_data->set_encryption.p_callback;
4318 bta_dm_cb.sec_act = p_data->set_encryption.sec_act;
4319 BTM_SetEncryption(p_data->set_encryption.bd_addr, bta_dm_encrypt_cback, &bta_dm_cb.sec_act);
4320 }
4321
4322 /*******************************************************************************
4323 **
4324 ** Function bta_dm_set_afh_channels
4325 **
4326 ** Description set afh channels
4327 **
4328 **
4329 ** Returns void
4330 **
4331 *******************************************************************************/
bta_dm_set_afh_channels(tBTA_DM_MSG * p_data)4332 void bta_dm_set_afh_channels(tBTA_DM_MSG * p_data)
4333 {
4334
4335 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
4336 }
4337
4338 /*******************************************************************************
4339 **
4340 ** Function bta_dm_set_afh_channel_assesment
4341 **
4342 ** Description set afh channel assesment
4343 **
4344 **
4345 ** Returns void
4346 **
4347 *******************************************************************************/
4348
bta_dm_set_afh_channel_assesment(tBTA_DM_MSG * p_data)4349 void bta_dm_set_afh_channel_assesment (tBTA_DM_MSG * p_data)
4350 {
4351 BTM_SetAfhChannelAssessment(p_data->set_afh_channel_assessment.enable_or_disable);
4352 }
4353
4354 #if (BLE_INCLUDED == TRUE)
4355 #if (SMP_INCLUDED == TRUE)
4356 /*******************************************************************************
4357 **
4358 ** Function bta_dm_ble_smp_cback
4359 **
4360 ** Description Callback for BLE SMP
4361 **
4362 **
4363 ** Returns void
4364 **
4365 *******************************************************************************/
bta_dm_ble_smp_cback(tBTM_LE_EVT event,BD_ADDR bda,tBTM_LE_EVT_DATA * p_data)4366 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data)
4367 {
4368 tBTM_STATUS status = BTM_SUCCESS;
4369 tBTA_DM_SEC sec_event;
4370
4371 if (!bta_dm_cb.p_sec_cback)
4372 return BTM_NOT_AUTHORIZED;
4373
4374 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
4375 switch (event)
4376 {
4377 case BTM_LE_IO_REQ_EVT:
4378 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
4379
4380 bta_dm_co_ble_io_req(bda,
4381 &p_data->io_req.io_cap,
4382 &p_data->io_req.oob_data,
4383 &p_data->io_req.auth_req,
4384 &p_data->io_req.max_key_size,
4385 &p_data->io_req.init_keys,
4386 &p_data->io_req.resp_keys);
4387 #endif
4388 #if BTM_OOB_INCLUDED == FALSE
4389 status = BTM_SUCCESS;
4390 #endif
4391 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
4392
4393 break;
4394
4395 case BTM_LE_SEC_REQUEST_EVT:
4396 bdcpy(sec_event.ble_req.bd_addr, bda);
4397 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
4398 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event);
4399 break;
4400
4401 case BTM_LE_KEY_NOTIF_EVT:
4402 bdcpy(sec_event.key_notif.bd_addr, bda);
4403 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
4404 sec_event.key_notif.passkey = p_data->key_notif;
4405 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event);
4406 break;
4407
4408 case BTM_LE_KEY_REQ_EVT:
4409 bdcpy(sec_event.ble_req.bd_addr, bda);
4410 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event);
4411 break;
4412
4413 case BTM_LE_OOB_REQ_EVT:
4414 bdcpy(sec_event.ble_req.bd_addr, bda);
4415 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event);
4416 break;
4417
4418 case BTM_LE_KEY_EVT:
4419 bdcpy(sec_event.ble_key.bd_addr, bda);
4420 sec_event.ble_key.key_type = p_data->key.key_type;
4421 memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE));
4422 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event);
4423 break;
4424
4425 case BTM_LE_COMPLT_EVT:
4426 bdcpy(sec_event.auth_cmpl.bd_addr, bda);
4427 if (p_data->complt.reason != 0)
4428 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason));
4429 else
4430 sec_event.auth_cmpl.success = TRUE;
4431
4432 if (bta_dm_cb.p_sec_cback)
4433 {
4434 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
4435 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event);
4436 }
4437
4438 break;
4439
4440 default:
4441 status = BTM_NOT_AUTHORIZED;
4442 break;
4443 }
4444 return status;
4445 }
4446 #endif /* SMP_INCLUDED == TRUE */
4447
4448 /*******************************************************************************
4449 **
4450 ** Function bta_dm_ble_id_key_cback
4451 **
4452 ** Description Callback for BLE local ID keys
4453 **
4454 **
4455 ** Returns void
4456 **
4457 *******************************************************************************/
bta_dm_ble_id_key_cback(UINT8 key_type,tBTM_BLE_LOCAL_KEYS * p_key)4458 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key)
4459 {
4460 UINT8 evt;
4461 tBTA_DM_SEC dm_key;
4462
4463 switch (key_type)
4464 {
4465 case BTM_BLE_KEY_TYPE_ID:
4466 case BTM_BLE_KEY_TYPE_ER:
4467 if (bta_dm_cb.p_sec_cback)
4468 {
4469 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS));
4470
4471 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\
4472 BTA_DM_BLE_LOCAL_ER_EVT;
4473 bta_dm_cb.p_sec_cback(evt, &dm_key);
4474 }
4475 break;
4476
4477 default:
4478 APPL_TRACE_DEBUG1("Unknown key type %d", key_type);
4479 break;
4480 }
4481 return;
4482
4483 }
4484
4485 /*******************************************************************************
4486 **
4487 ** Function bta_dm_add_blekey
4488 **
4489 ** Description This function adds an BLE Key to an security database entry.
4490 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called.
4491 ** It is normally called during host startup to restore all required information
4492 ** stored in the NVRAM.
4493 **
4494 ** Parameters:
4495 **
4496 *******************************************************************************/
bta_dm_add_blekey(tBTA_DM_MSG * p_data)4497 void bta_dm_add_blekey (tBTA_DM_MSG *p_data)
4498 {
4499 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr,
4500 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey,
4501 p_data->add_ble_key.key_type))
4502 {
4503 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Key for device %08x%04x",
4504 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\
4505 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3],
4506 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]);
4507 }
4508 }
4509
4510 /*******************************************************************************
4511 **
4512 ** Function bta_dm_add_ble_device
4513 **
4514 ** Description This function adds an BLE device to an security database entry.
4515 ** It is normally called during host startup to restore all required information
4516 ** stored in the NVRAM.
4517 **
4518 ** Parameters:
4519 **
4520 *******************************************************************************/
bta_dm_add_ble_device(tBTA_DM_MSG * p_data)4521 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data)
4522 {
4523 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL,
4524 p_data->add_ble_device.dev_type ,
4525 p_data->add_ble_device.addr_type))
4526 {
4527 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Device for device %08x%04x",
4528 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \
4529 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3],
4530 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]);
4531 }
4532 }
4533
4534 /*******************************************************************************
4535 **
4536 ** Function bta_dm_add_ble_device
4537 **
4538 ** Description This function adds an BLE device to an security database entry.
4539 ** It is normally called during host startup to restore all required information
4540 ** stored in the NVRAM.
4541 **
4542 ** Parameters:
4543 **
4544 *******************************************************************************/
bta_dm_ble_passkey_reply(tBTA_DM_MSG * p_data)4545 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data)
4546 {
4547 if (p_data->pin_reply.accept)
4548 {
4549
4550 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey);
4551 }
4552 else
4553 {
4554 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey);
4555 }
4556
4557 }
4558
4559 /*******************************************************************************
4560 **
4561 ** Function bta_dm_security_grant
4562 **
4563 ** Description This function grant SMP security request access.
4564 **
4565 ** Parameters:
4566 **
4567 *******************************************************************************/
bta_dm_security_grant(tBTA_DM_MSG * p_data)4568 void bta_dm_security_grant (tBTA_DM_MSG *p_data)
4569 {
4570 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res);
4571 }
4572
4573 /*******************************************************************************
4574 **
4575 ** Function bta_dm_ble_set_bg_conn_type
4576 **
4577 ** Description This function set the BLE background connection type
4578 **
4579 ** Parameters:
4580 **
4581 *******************************************************************************/
bta_dm_ble_set_bg_conn_type(tBTA_DM_MSG * p_data)4582 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data)
4583 {
4584 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type,
4585 p_data->ble_set_bd_conn_type.p_select_cback);
4586 }
4587
4588 /*******************************************************************************
4589 **
4590 ** Function bta_dm_ble_set_conn_params
4591 **
4592 ** Description This function set the preferred connection parameters.
4593 **
4594 ** Parameters:
4595 **
4596 *******************************************************************************/
bta_dm_ble_set_conn_params(tBTA_DM_MSG * p_data)4597 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data)
4598 {
4599 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda,
4600 p_data->ble_set_conn_params.conn_int_min,
4601 p_data->ble_set_conn_params.conn_int_max,
4602 p_data->ble_set_conn_params.slave_latency,
4603 p_data->ble_set_conn_params.supervision_tout);
4604 }
4605
4606 /*******************************************************************************
4607 **
4608 ** Function bta_dm_ble_set_scan_params
4609 **
4610 ** Description This function set the preferred connection scan parameters.
4611 **
4612 ** Parameters:
4613 **
4614 *******************************************************************************/
bta_dm_ble_set_scan_params(tBTA_DM_MSG * p_data)4615 void bta_dm_ble_set_scan_params (tBTA_DM_MSG *p_data)
4616 {
4617 BTM_BleSetConnScanParams(p_data->ble_set_scan_params.scan_int,
4618 p_data->ble_set_scan_params.scan_window);
4619 }
4620
4621 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
4622
4623 /*******************************************************************************
4624 **
4625 ** Function btm_dm_start_disc_gatt_services
4626 **
4627 ** Description This function starts a GATT service search request.
4628 **
4629 ** Parameters:
4630 **
4631 *******************************************************************************/
btm_dm_start_disc_gatt_services(UINT16 conn_id)4632 static void btm_dm_start_disc_gatt_services (UINT16 conn_id)
4633 {
4634 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid +
4635 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
4636
4637 p_uuid = bta_dm_search_cb.p_srvc_uuid +
4638 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
4639
4640 /* always search for all services */
4641 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid);
4642 }
4643
4644 /*******************************************************************************
4645 **
4646 ** Function bta_dm_gatt_disc_result
4647 **
4648 ** Description This function process the GATT service search result.
4649 **
4650 ** Parameters:
4651 **
4652 *******************************************************************************/
bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)4653 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
4654 {
4655 tBTA_DM_SEARCH result;
4656
4657 /*
4658 * This logic will not work for gatt case. We are checking against the bluetooth profiles here
4659 * just copy the GATTID in raw data field and send it across.
4660 */
4661
4662
4663 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size )
4664 {
4665 APPL_TRACE_DEBUG3("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x", service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used);
4666
4667 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id,
4668 sizeof(service_id) );
4669
4670 bta_dm_search_cb.ble_raw_used += sizeof(service_id);
4671
4672 }
4673 else
4674 {
4675 APPL_TRACE_ERROR3("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used );
4676 }
4677
4678 APPL_TRACE_ERROR1("bta_dm_gatt_disc_result serivce_id len=%d ", service_id.uuid.len);
4679 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
4680 {
4681
4682 /* send result back to app now, one by one */
4683 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
4684 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
4685 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
4686
4687 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
4688 }
4689 }
4690
4691 /*******************************************************************************
4692 **
4693 ** Function bta_dm_gatt_disc_complete
4694 **
4695 ** Description This function process the GATT service search complete.
4696 **
4697 ** Parameters:
4698 **
4699 *******************************************************************************/
bta_dm_gatt_disc_complete(UINT16 conn_id,tBTA_GATT_STATUS status)4700 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
4701 {
4702 tBTA_DM_MSG *p_msg;
4703
4704 APPL_TRACE_DEBUG1("bta_dm_gatt_disc_complete conn_id = %d",conn_id);
4705
4706 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --;
4707
4708 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0)
4709 {
4710 btm_dm_start_disc_gatt_services(conn_id);
4711 }
4712 else
4713 {
4714 bta_dm_search_cb.uuid_to_search = 0;
4715
4716 /* no more services to be discovered */
4717 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
4718 {
4719 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
4720 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE;
4721 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
4722 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
4723 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
4724 bta_dm_get_remname(), (BD_NAME_LEN-1));
4725
4726 /* make sure the string is terminated */
4727 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
4728
4729 p_msg->disc_result.result.disc_res.device_type = BT_DEVICE_TYPE_BLE;
4730 if ( bta_dm_search_cb.ble_raw_used > 0 )
4731 {
4732 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used);
4733
4734 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
4735 bta_dm_search_cb.p_ble_rawdata,
4736 bta_dm_search_cb.ble_raw_used );
4737
4738 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used;
4739 }
4740 else
4741 {
4742 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
4743 bta_dm_search_cb.p_ble_rawdata = 0;
4744 }
4745
4746 bta_sys_sendmsg(p_msg);
4747 }
4748 if (conn_id != BTA_GATT_INVALID_CONN_ID)
4749 {
4750 BTA_GATTC_Close(conn_id);
4751 }
4752 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
4753 bta_dm_search_cb.gatt_disc_active = FALSE;
4754 }
4755 }
4756
4757 /*******************************************************************************
4758 **
4759 ** Function btm_dm_start_gatt_discovery
4760 **
4761 ** Description This is GATT initiate the service search by open a GATT connection
4762 ** first.
4763 **
4764 ** Parameters:
4765 **
4766 *******************************************************************************/
btm_dm_start_gatt_discovery(BD_ADDR bd_addr)4767 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr)
4768 {
4769 bta_dm_search_cb.gatt_disc_active = TRUE;
4770 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE);
4771 }
4772
4773 /*******************************************************************************
4774 **
4775 ** Function bta_dm_cancel_gatt_discovery
4776 **
4777 ** Description This is GATT cancel the GATT service search.
4778 **
4779 ** Parameters:
4780 **
4781 *******************************************************************************/
bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)4782 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)
4783 {
4784 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID)
4785 {
4786 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE);
4787 }
4788
4789 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
4790 }
4791
4792 /*******************************************************************************
4793 **
4794 ** Function bta_dm_proc_open_evt
4795 **
4796 ** Description process BTA_GATTC_OPEN_EVT in DM.
4797 **
4798 ** Parameters:
4799 **
4800 *******************************************************************************/
bta_dm_proc_open_evt(tBTA_GATTC_OPEN * p_data)4801 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data)
4802 {
4803 UINT8 *p1;
4804 UINT8 *p2;
4805
4806 p1 = bta_dm_search_cb.peer_bdaddr;
4807 p2 = p_data->remote_bda;
4808
4809 APPL_TRACE_DEBUG5("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ",
4810 bta_dm_search_cb.state,
4811 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]),
4812 ((p1[4])<<8)+ p1[5],
4813 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]),
4814 ((p2[4])<<8)+ p2[5]);
4815
4816 APPL_TRACE_DEBUG3("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" ,
4817 p_data->conn_id,
4818 p_data->client_if,
4819 p_data->status);
4820
4821 bta_dm_search_cb.conn_id = p_data->conn_id;
4822
4823 if (p_data->status == BTA_GATT_OK)
4824 {
4825 btm_dm_start_disc_gatt_services(p_data->conn_id);
4826 }
4827 else
4828 {
4829 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status);
4830 }
4831 }
4832
4833 /*******************************************************************************
4834 **
4835 ** Function bta_dm_gattc_callback
4836 **
4837 ** Description This is GATT client callback function used in DM.
4838 **
4839 ** Parameters:
4840 **
4841 *******************************************************************************/
bta_dm_gattc_callback(tBTA_GATTC_EVT event,tBTA_GATTC * p_data)4842 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data)
4843 {
4844 APPL_TRACE_DEBUG1("bta_dm_gattc_callback event = %d", event);
4845
4846 switch (event)
4847 {
4848 case BTA_GATTC_REG_EVT:
4849 APPL_TRACE_DEBUG1("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if);
4850 if (p_data->reg_oper.status == BTA_GATT_OK)
4851 bta_dm_search_cb.client_if = p_data->reg_oper.client_if;
4852 else
4853 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF;
4854 break;
4855
4856 case BTA_GATTC_OPEN_EVT:
4857 bta_dm_proc_open_evt(&p_data->open);
4858 break;
4859
4860 case BTA_GATTC_SEARCH_RES_EVT:
4861 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id);
4862 break;
4863
4864 case BTA_GATTC_SEARCH_CMPL_EVT:
4865 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
4866 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status);
4867 break;
4868
4869 case BTA_GATTC_CLOSE_EVT:
4870 APPL_TRACE_DEBUG1("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason);
4871 /* in case of disconnect before search is completed */
4872 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) &&
4873 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN))
4874 {
4875 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
4876 }
4877 break;
4878
4879 default:
4880 break;
4881 }
4882 }
4883
4884 #endif /* BTA_GATT_INCLUDED */
4885
4886 #endif /* BLE_INCLUDED */
4887