1 /******************************************************************************
2 *
3 * Copyright (C) 2000-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions that handle ACL connections. This includes
22 * operations such as hold and sniff modes, supported packet types.
23 *
24 ******************************************************************************/
25
26 #include <stdlib.h>
27 #include <string.h>
28 #include <stdio.h>
29 #include <stddef.h>
30
31 #include "bt_types.h"
32 #include "bt_target.h"
33 #include "gki.h"
34 #include "hcimsgs.h"
35 #include "btu.h"
36 #include "btm_api.h"
37 #include "btm_int.h"
38 #include "l2c_int.h"
39 #include "hcidefs.h"
40 static void btm_establish_continue (tACL_CONN *p_acl_cb);
41
42 #define BTM_DEV_REPLY_TIMEOUT 3 /* 3 second timeout waiting for responses */
43
44 /*******************************************************************************
45 **
46 ** Function btm_acl_init
47 **
48 ** Description This function is called at BTM startup to initialize
49 **
50 ** Returns void
51 **
52 *******************************************************************************/
btm_acl_init(void)53 void btm_acl_init (void)
54 {
55 BTM_TRACE_DEBUG0 ("btm_acl_init");
56 #if 0 /* cleared in btm_init; put back in if called from anywhere else! */
57 memset (&btm_cb.acl_db, 0, sizeof (btm_cb.acl_db));
58 #if RFCOMM_INCLUDED == TRUE
59 memset (btm_cb.btm_scn, 0, BTM_MAX_SCN); /* Initialize the SCN usage to FALSE */
60 #endif
61 btm_cb.btm_def_link_policy = 0;
62 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
63 btm_cb.p_bl_changed_cb = NULL;
64 #else
65 btm_cb.p_acl_changed_cb = NULL;
66 #endif
67 #endif
68
69 /* Initialize nonzero defaults */
70 btm_cb.btm_def_link_super_tout = HCI_DEFAULT_INACT_TOUT;
71 btm_cb.acl_disc_reason = 0xff ;
72 }
73
74 /*******************************************************************************
75 **
76 ** Function btm_bda_to_acl
77 **
78 ** Description This function returns the FIRST acl_db entry for the passed BDA.
79 **
80 ** Returns Returns pointer to the ACL DB for the requested BDA if found.
81 ** NULL if not found.
82 **
83 *******************************************************************************/
btm_bda_to_acl(BD_ADDR bda)84 tACL_CONN *btm_bda_to_acl (BD_ADDR bda)
85 {
86 tACL_CONN *p = &btm_cb.acl_db[0];
87 UINT16 xx;
88 if (bda)
89 {
90 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++)
91 {
92 if ((p->in_use) && (!memcmp (p->remote_addr, bda, BD_ADDR_LEN)))
93 {
94 BTM_TRACE_DEBUG0 ("btm_bda_to_acl found");
95 return(p);
96 }
97 }
98 }
99 BTM_TRACE_DEBUG0 ("btm_bda_to_acl Not found");
100
101 /* If here, no BD Addr found */
102 return((tACL_CONN *)NULL);
103 }
104
105 /*******************************************************************************
106 **
107 ** Function btm_handle_to_acl_index
108 **
109 ** Description This function returns the FIRST acl_db entry for the passed hci_handle.
110 **
111 ** Returns index to the acl_db or MAX_L2CAP_LINKS.
112 **
113 *******************************************************************************/
btm_handle_to_acl_index(UINT16 hci_handle)114 UINT8 btm_handle_to_acl_index (UINT16 hci_handle)
115 {
116 tACL_CONN *p = &btm_cb.acl_db[0];
117 UINT8 xx;
118 BTM_TRACE_DEBUG0 ("btm_handle_to_acl_index");
119 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++)
120 {
121 if ((p->in_use) && (p->hci_handle == hci_handle))
122 {
123 break;
124 }
125 }
126
127 /* If here, no BD Addr found */
128 return(xx);
129 }
130
131
132 /*******************************************************************************
133 **
134 ** Function btm_acl_created
135 **
136 ** Description This function is called by L2CAP when an ACL connection
137 ** is created.
138 **
139 ** Returns void
140 **
141 *******************************************************************************/
btm_acl_created(BD_ADDR bda,DEV_CLASS dc,BD_NAME bdn,UINT16 hci_handle,UINT8 link_role,UINT8 is_le_link)142 void btm_acl_created (BD_ADDR bda, DEV_CLASS dc, BD_NAME bdn,
143 UINT16 hci_handle, UINT8 link_role, UINT8 is_le_link)
144 {
145 tBTM_SEC_DEV_REC *p_dev_rec;
146 UINT8 yy;
147 tACL_CONN *p;
148 UINT8 xx;
149
150 BTM_TRACE_DEBUG3 ("btm_acl_created hci_handle=%d link_role=%d is_le_link=%d",
151 hci_handle,link_role, is_le_link);
152 /* Ensure we don't have duplicates */
153 p = btm_bda_to_acl(bda);
154 if (p != (tACL_CONN *)NULL)
155 {
156 p->hci_handle = hci_handle;
157 p->link_role = link_role;
158 #if BLE_INCLUDED == TRUE
159 p->is_le_link = is_le_link;
160 #endif
161 BTM_TRACE_DEBUG6 ("Duplicate btm_acl_created: RemBdAddr: %02x%02x%02x%02x%02x%02x",
162 bda[0], bda[1], bda[2], bda[3], bda[4], bda[5]);
163 BTM_SetLinkPolicy(p->remote_addr, &btm_cb.btm_def_link_policy);
164 return;
165 }
166
167 /* Allocate acl_db entry */
168 for (xx = 0, p = &btm_cb.acl_db[0]; xx < MAX_L2CAP_LINKS; xx++, p++)
169 {
170 if (!p->in_use)
171 {
172 p->in_use = TRUE;
173 p->hci_handle = hci_handle;
174 p->link_role = link_role;
175 p->link_up_issued = FALSE;
176 #if BLE_INCLUDED == TRUE
177 p->is_le_link = is_le_link;
178 #endif
179 p->restore_pkt_types = 0; /* Only exists while SCO is active */
180 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
181
182 #if BTM_PWR_MGR_INCLUDED == FALSE
183 p->mode = BTM_ACL_MODE_NORMAL;
184 #else
185 btm_pm_sm_alloc(xx);
186 #endif /* BTM_PWR_MGR_INCLUDED == FALSE */
187
188 memcpy (p->remote_addr, bda, BD_ADDR_LEN);
189
190 if (dc)
191 memcpy (p->remote_dc, dc, DEV_CLASS_LEN);
192
193 if (bdn)
194 memcpy (p->remote_name, bdn, BTM_MAX_REM_BD_NAME_LEN);
195
196
197 /* Check if we already know features for this device */
198 p_dev_rec = btm_find_dev_by_handle (hci_handle);
199
200 #if (BLE_INCLUDED == TRUE)
201 if (p_dev_rec )
202 {
203 BTM_TRACE_DEBUG1 ("device_type=0x%x", p_dev_rec->device_type);
204 }
205 #endif
206
207
208 if (p_dev_rec
209 #if (BLE_INCLUDED == TRUE)
210 && p_dev_rec->device_type != BT_DEVICE_TYPE_BLE
211 #endif
212 )
213 {
214
215 /* if BR/EDR do something more */
216 btsnd_hcic_read_rmt_clk_offset (p->hci_handle);
217 btsnd_hcic_rmt_ver_req (p->hci_handle);
218
219 for (yy = 0; yy < BD_FEATURES_LEN; yy++)
220 {
221 if (p_dev_rec->features[yy])
222 {
223 memcpy (p->features, p_dev_rec->features, BD_FEATURES_LEN);
224 if (BTM_SEC_MODE_SP == btm_cb.security_mode &&
225 HCI_SIMPLE_PAIRING_SUPPORTED(p->features))
226 {
227 /* if SM4 supported, check peer support for SM4
228 * The remote controller supports SSP according to saved remote features
229 * read the extended feature page 1 for the host support for SSP */
230 if (btsnd_hcic_rmt_ext_features (p_dev_rec->hci_handle, 1))
231 return;
232 }
233 /* peer does not support SSP */
234 p_dev_rec->sm4 |= BTM_SM4_KNOWN;
235
236 btm_establish_continue (p);
237 return;
238 }
239 }
240 }
241 #if (BLE_INCLUDED == TRUE)
242 /* If here, features are not known yet */
243 if (p_dev_rec && p_dev_rec->device_type == BT_DEVICE_TYPE_BLE)
244 {
245 btm_establish_continue(p);
246
247 if (link_role == HCI_ROLE_MASTER)
248 {
249 btm_ble_update_bg_state();
250 btm_ble_resume_bg_conn (NULL, FALSE);
251
252 btsnd_hcic_ble_read_remote_feat(p->hci_handle);
253 }
254 }
255 else
256 #endif
257 {
258 btsnd_hcic_rmt_features_req (p->hci_handle);
259 }
260
261 /* read page 1 - on rmt feature event for buffer reasons */
262 return;
263 }
264 }
265 }
266
267
268 /*******************************************************************************
269 **
270 ** Function btm_acl_report_role_change
271 **
272 ** Description This function is called when the local device is deemed
273 ** to be down. It notifies L2CAP of the failure.
274 **
275 ** Returns void
276 **
277 *******************************************************************************/
btm_acl_report_role_change(UINT8 hci_status,BD_ADDR bda)278 void btm_acl_report_role_change (UINT8 hci_status, BD_ADDR bda)
279 {
280 tBTM_ROLE_SWITCH_CMPL ref_data;
281 BTM_TRACE_DEBUG0 ("btm_acl_report_role_change");
282 if (btm_cb.devcb.p_switch_role_cb && (bda &&
283 (0 == memcmp(btm_cb.devcb.switch_role_ref_data.remote_bd_addr, bda, BD_ADDR_LEN))))
284 {
285 memset (&btm_cb.devcb.switch_role_ref_data, 0, sizeof(tBTM_ROLE_SWITCH_CMPL));
286 ref_data.hci_status = hci_status;
287 memcpy (&ref_data, &btm_cb.devcb.switch_role_ref_data, sizeof(tBTM_ROLE_SWITCH_CMPL));
288 (*btm_cb.devcb.p_switch_role_cb)(&ref_data);
289 btm_cb.devcb.p_switch_role_cb = NULL;
290 }
291 }
292
293 /*******************************************************************************
294 **
295 ** Function btm_acl_removed
296 **
297 ** Description This function is called by L2CAP when an ACL connection
298 ** is removed. Since only L2CAP creates ACL links, we use
299 ** the L2CAP link index as our index into the control blocks.
300 **
301 ** Returns void
302 **
303 *******************************************************************************/
btm_acl_removed(BD_ADDR bda)304 void btm_acl_removed (BD_ADDR bda)
305 {
306 tACL_CONN *p;
307 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
308 tBTM_BL_EVENT_DATA evt_data;
309 #endif
310 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
311 tBTM_SEC_DEV_REC *p_dev_rec=NULL;
312 UINT16 combined_mode;
313 #endif
314
315 BTM_TRACE_DEBUG0 ("btm_acl_removed");
316 p = btm_bda_to_acl(bda);
317 if (p != (tACL_CONN *)NULL)
318 {
319 p->in_use = FALSE;
320
321 /* if the disconnected channel has a pending role switch, clear it now */
322 btm_acl_report_role_change(HCI_ERR_NO_CONNECTION, bda);
323
324 /* Only notify if link up has had a chance to be issued */
325 if (p->link_up_issued)
326 {
327 p->link_up_issued = FALSE;
328
329 /* If anyone cares, tell him database changed */
330 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
331 if (btm_cb.p_bl_changed_cb)
332 {
333 evt_data.event = BTM_BL_DISCN_EVT;
334 evt_data.discn.p_bda = bda;
335
336 (*btm_cb.p_bl_changed_cb)(&evt_data);
337 }
338
339 btm_acl_update_busy_level (BTM_BLI_ACL_DOWN_EVT);
340 #else
341 if (btm_cb.p_acl_changed_cb)
342 (*btm_cb.p_acl_changed_cb) (bda, NULL, NULL, NULL, FALSE);
343 #endif
344 }
345
346 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
347
348 BTM_TRACE_DEBUG4 ("acl hci_handle=%d is_le_link=%d connectable_mode=0x%0x link_role=%d",
349 p->hci_handle,
350 p->is_le_link,
351 btm_cb.ble_ctr_cb.inq_var.connectable_mode,
352 p->link_role);
353
354
355 /* If we are LE connectable, check if we need to start advertising again */
356 if ( p->is_le_link && (btm_cb.ble_ctr_cb.inq_var.connectable_mode != BTM_BLE_NON_CONNECTABLE) )
357 {
358 tACL_CONN *pa = &btm_cb.acl_db[0];
359 UINT16 xx;
360
361 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, pa++)
362 {
363 /* If any other LE link is up, we are still not connectable */
364 if (pa->in_use && pa->is_le_link)
365 return;
366 }
367 combined_mode = (btm_cb.ble_ctr_cb.inq_var.connectable_mode | btm_cb.btm_inq_vars.connectable_mode);
368 btm_ble_set_connectability ( combined_mode );
369 }
370
371 p_dev_rec = btm_find_dev(bda);
372 if ( p_dev_rec)
373 {
374 BTM_TRACE_DEBUG1("before update p_dev_rec->sec_flags=0x%x", p_dev_rec->sec_flags);
375 if (p->is_le_link)
376 {
377 BTM_TRACE_DEBUG0("LE link down");
378 p_dev_rec->sec_flags &= ~(BTM_SEC_ENCRYPTED | BTM_SEC_ROLE_SWITCHED);
379 if ( (p_dev_rec->sec_flags & BTM_SEC_LINK_KEY_KNOWN) == 0)
380 {
381 BTM_TRACE_DEBUG0("Not Bonded");
382 p_dev_rec->sec_flags &= ~(BTM_SEC_AUTHENTICATED | BTM_SEC_LINK_KEY_AUTHED);
383 }
384 else
385 {
386 BTM_TRACE_DEBUG0("Bonded");
387 }
388 }
389 else
390 {
391 BTM_TRACE_DEBUG0("Bletooth link down");
392 p_dev_rec->sec_flags &= ~(BTM_SEC_AUTHORIZED | BTM_SEC_AUTHENTICATED | BTM_SEC_ENCRYPTED | BTM_SEC_ROLE_SWITCHED);
393 }
394 BTM_TRACE_DEBUG1("after update p_dev_rec->sec_flags=0x%x", p_dev_rec->sec_flags);
395 }
396 else
397 {
398 BTM_TRACE_ERROR0("Device not found");
399
400 }
401 #endif
402
403 return;
404 }
405 }
406
407
408 /*******************************************************************************
409 **
410 ** Function btm_acl_device_down
411 **
412 ** Description This function is called when the local device is deemed
413 ** to be down. It notifies L2CAP of the failure.
414 **
415 ** Returns void
416 **
417 *******************************************************************************/
btm_acl_device_down(void)418 void btm_acl_device_down (void)
419 {
420 tACL_CONN *p = &btm_cb.acl_db[0];
421 UINT16 xx;
422 BTM_TRACE_DEBUG0 ("btm_acl_device_down");
423 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++)
424 {
425 if (p->in_use)
426 {
427 BTM_TRACE_DEBUG1 ("hci_handle=%d HCI_ERR_HW_FAILURE ",p->hci_handle );
428 l2c_link_hci_disc_comp (p->hci_handle, HCI_ERR_HW_FAILURE);
429 }
430 }
431 }
432
433 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
434 /*******************************************************************************
435 **
436 ** Function btm_acl_update_busy_level
437 **
438 ** Description This function is called to update the busy level of the system
439 ** .
440 **
441 ** Returns void
442 **
443 *******************************************************************************/
btm_acl_update_busy_level(tBTM_BLI_EVENT event)444 void btm_acl_update_busy_level (tBTM_BLI_EVENT event)
445 {
446 tBTM_BL_UPDATE_DATA evt;
447 UINT8 busy_level;
448 BTM_TRACE_DEBUG0 ("btm_acl_update_busy_level");
449 switch (event)
450 {
451 case BTM_BLI_ACL_UP_EVT:
452 BTM_TRACE_DEBUG0 ("BTM_BLI_ACL_UP_EVT");
453 btm_cb.num_acl++;
454 busy_level = (UINT8)btm_cb.num_acl;
455 break;
456 case BTM_BLI_ACL_DOWN_EVT:
457 if (btm_cb.num_acl)
458 {
459 btm_cb.num_acl--;
460 BTM_TRACE_DEBUG1 ("BTM_BLI_ACL_DOWN_EVT", btm_cb.num_acl);
461 }
462 else
463 {
464 BTM_TRACE_ERROR0 ("BTM_BLI_ACL_DOWN_EVT issued, but num_acl already zero !!!");
465 }
466 busy_level = (UINT8)btm_cb.num_acl;
467 break;
468 case BTM_BLI_PAGE_EVT:
469 BTM_TRACE_DEBUG0 ("BTM_BLI_PAGE_EVT");
470 btm_cb.is_paging = TRUE;
471 busy_level = BTM_BL_PAGING_STARTED;
472 break;
473 case BTM_BLI_PAGE_DONE_EVT:
474 BTM_TRACE_DEBUG0 ("BTM_BLI_PAGE_DONE_EVT");
475 btm_cb.is_paging = FALSE;
476 busy_level = BTM_BL_PAGING_COMPLETE;
477 break;
478 case BTM_BLI_INQ_EVT:
479 BTM_TRACE_DEBUG0 ("BTM_BLI_INQ_EVT");
480 btm_cb.is_inquiry = TRUE;
481 busy_level = BTM_BL_INQUIRY_STARTED;
482 break;
483 case BTM_BLI_INQ_CANCEL_EVT:
484 BTM_TRACE_DEBUG0 ("BTM_BLI_INQ_CANCEL_EVT");
485 btm_cb.is_inquiry = FALSE;
486 busy_level = BTM_BL_INQUIRY_CANCELLED;
487 break;
488 case BTM_BLI_INQ_DONE_EVT:
489 BTM_TRACE_DEBUG0 ("BTM_BLI_INQ_DONE_EVT");
490 btm_cb.is_inquiry = FALSE;
491 busy_level = BTM_BL_INQUIRY_COMPLETE;
492 break;
493 }
494
495 if (busy_level != btm_cb.busy_level)
496 {
497 evt.event = BTM_BL_UPDATE_EVT;
498 evt.busy_level = busy_level;
499 btm_cb.busy_level = busy_level;
500 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_UPDATE_MASK))
501 {
502 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
503 }
504 }
505 }
506 #endif
507
508
509 /*******************************************************************************
510 **
511 ** Function BTM_GetRole
512 **
513 ** Description This function is called to get the role of the local device
514 ** for the ACL connection with the specified remote device
515 **
516 ** Returns BTM_SUCCESS if connection exists.
517 ** BTM_UNKNOWN_ADDR if no active link with bd addr specified
518 **
519 *******************************************************************************/
BTM_GetRole(BD_ADDR remote_bd_addr,UINT8 * p_role)520 tBTM_STATUS BTM_GetRole (BD_ADDR remote_bd_addr, UINT8 *p_role)
521 {
522 tACL_CONN *p;
523 BTM_TRACE_DEBUG0 ("BTM_GetRole");
524 if ((p = btm_bda_to_acl(remote_bd_addr)) == NULL)
525 {
526 *p_role = BTM_ROLE_UNDEFINED;
527 return(BTM_UNKNOWN_ADDR);
528 }
529
530 /* Get the current role */
531 *p_role = p->link_role;
532 return(BTM_SUCCESS);
533 }
534
535
536 /*******************************************************************************
537 **
538 ** Function BTM_SwitchRole
539 **
540 ** Description This function is called to switch role between master and
541 ** slave. If role is already set it will do nothing. If the
542 ** command was initiated, the callback function is called upon
543 ** completion.
544 **
545 ** Returns BTM_SUCCESS if already in specified role.
546 ** BTM_CMD_STARTED if command issued to controller.
547 ** BTM_NO_RESOURCES if couldn't allocate memory to issue command
548 ** BTM_UNKNOWN_ADDR if no active link with bd addr specified
549 ** BTM_MODE_UNSUPPORTED if local device does not support role switching
550 ** BTM_BUSY if the previous command is not completed
551 **
552 *******************************************************************************/
BTM_SwitchRole(BD_ADDR remote_bd_addr,UINT8 new_role,tBTM_CMPL_CB * p_cb)553 tBTM_STATUS BTM_SwitchRole (BD_ADDR remote_bd_addr, UINT8 new_role, tBTM_CMPL_CB *p_cb)
554 {
555 tACL_CONN *p;
556 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
557 #if BTM_SCO_INCLUDED == TRUE
558 BOOLEAN is_sco_active;
559 #endif
560 #if BTM_PWR_MGR_INCLUDED == TRUE
561 tBTM_STATUS status;
562 tBTM_PM_MODE pwr_mode;
563 tBTM_PM_PWR_MD settings;
564 #endif
565 #if (BT_USE_TRACES == TRUE)
566 BD_ADDR_PTR p_bda;
567 #endif
568 BTM_TRACE_API6 ("BTM_SwitchRole BDA: %02x-%02x-%02x-%02x-%02x-%02x",
569 remote_bd_addr[0], remote_bd_addr[1], remote_bd_addr[2],
570 remote_bd_addr[3], remote_bd_addr[4], remote_bd_addr[5]);
571
572 /* Make sure the local device supports switching */
573 if (!(HCI_SWITCH_SUPPORTED(btm_cb.devcb.local_features)))
574 return(BTM_MODE_UNSUPPORTED);
575
576 if (btm_cb.devcb.p_switch_role_cb && p_cb)
577 {
578 #if (BT_USE_TRACES == TRUE)
579 p_bda = btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
580 BTM_TRACE_DEBUG6 ("Role switch on other device is in progress 0x%02x%02x%02x%02x%02x%02x",
581 p_bda[0], p_bda[1], p_bda[2],
582 p_bda[3], p_bda[4], p_bda[5]);
583 #endif
584 return(BTM_BUSY);
585 }
586
587 if ((p = btm_bda_to_acl(remote_bd_addr)) == NULL)
588 return(BTM_UNKNOWN_ADDR);
589
590 /* Finished if already in desired role */
591 if (p->link_role == new_role)
592 return(BTM_SUCCESS);
593
594 #if BTM_SCO_INCLUDED == TRUE
595 /* Check if there is any SCO Active on this BD Address */
596 is_sco_active = btm_is_sco_active_by_bdaddr(remote_bd_addr);
597
598 if (is_sco_active == TRUE)
599 return(BTM_NO_RESOURCES);
600 #endif
601
602 /* Ignore role switch request if the previous request was not completed */
603 if (p->switch_role_state != BTM_ACL_SWKEY_STATE_IDLE)
604 {
605 BTM_TRACE_DEBUG1 ("BTM_SwitchRole busy: %d",
606 p->switch_role_state);
607 return(BTM_BUSY);
608 }
609
610 /* Cannot switch role while parked or sniffing */
611 #if BTM_PWR_MGR_INCLUDED == FALSE
612 if (p->mode == HCI_MODE_PARK)
613 {
614 if (!btsnd_hcic_exit_park_mode (p->hci_handle))
615 return(BTM_NO_RESOURCES);
616
617 p->switch_role_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
618 }
619 else if (p->mode == HCI_MODE_SNIFF)
620 {
621 if (!btsnd_hcic_exit_sniff_mode (p->hci_handle))
622 return(BTM_NO_RESOURCES);
623
624 p->switch_role_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
625 }
626 #else /* power manager is in use */
627
628 if ((status = BTM_ReadPowerMode(p->remote_addr, &pwr_mode)) != BTM_SUCCESS)
629 return(status);
630
631 /* Wake up the link if in sniff or park before attempting switch */
632 if (pwr_mode == BTM_PM_MD_PARK || pwr_mode == BTM_PM_MD_SNIFF)
633 {
634 /* Coverity FALSE-POSITIVE error from Coverity tool. Please do NOT remove following comment. */
635 /* coverity[uninit_use_in_call] False-positive: setting the mode to BTM_PM_MD_ACTIVE only uses settings.mode
636 the other data members of tBTM_PM_PWR_MD are ignored
637 */
638 settings.mode = BTM_PM_MD_ACTIVE;
639 status = BTM_SetPowerMode (BTM_PM_SET_ONLY_ID, p->remote_addr, &settings);
640 if (status != BTM_CMD_STARTED)
641 return(BTM_WRONG_MODE);
642
643 p->switch_role_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
644 }
645 #endif
646 /* some devices do not support switch while encryption is on */
647 else
648 {
649 if (((p_dev_rec = btm_find_dev (remote_bd_addr)) != NULL)
650 && ((p_dev_rec->sec_flags & BTM_SEC_ENCRYPTED) != 0)
651 && !BTM_EPR_AVAILABLE(p))
652 {
653 /* bypass turning off encryption if change link key is already doing it */
654 if (p->encrypt_state != BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF)
655 {
656 if (!btsnd_hcic_set_conn_encrypt (p->hci_handle, FALSE))
657 return(BTM_NO_RESOURCES);
658 else
659 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF;
660 }
661
662 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
663 }
664 else
665 {
666 if (!btsnd_hcic_switch_role (remote_bd_addr, new_role))
667 return(BTM_NO_RESOURCES);
668
669 p->switch_role_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
670
671 #if BTM_DISC_DURING_RS == TRUE
672 if (p_dev_rec)
673 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
674 #endif
675 }
676 }
677
678 /* Initialize return structure in case request fails */
679 if (p_cb)
680 {
681 memcpy (btm_cb.devcb.switch_role_ref_data.remote_bd_addr, remote_bd_addr,
682 BD_ADDR_LEN);
683 btm_cb.devcb.switch_role_ref_data.role = new_role;
684 /* initialized to an error code */
685 btm_cb.devcb.switch_role_ref_data.hci_status = HCI_ERR_UNSUPPORTED_VALUE;
686 btm_cb.devcb.p_switch_role_cb = p_cb;
687 }
688 return(BTM_CMD_STARTED);
689 }
690
691 /*******************************************************************************
692 **
693 ** Function BTM_ChangeLinkKey
694 **
695 ** Description This function is called to change the link key of the
696 ** connection.
697 **
698 ** Returns BTM_CMD_STARTED if command issued to controller.
699 ** BTM_NO_RESOURCES if couldn't allocate memory to issue command
700 ** BTM_UNKNOWN_ADDR if no active link with bd addr specified
701 ** BTM_BUSY if the previous command is not completed
702 **
703 *******************************************************************************/
BTM_ChangeLinkKey(BD_ADDR remote_bd_addr,tBTM_CMPL_CB * p_cb)704 tBTM_STATUS BTM_ChangeLinkKey (BD_ADDR remote_bd_addr, tBTM_CMPL_CB *p_cb)
705 {
706 tACL_CONN *p;
707 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
708 #if BTM_PWR_MGR_INCLUDED == TRUE
709 tBTM_STATUS status;
710 tBTM_PM_MODE pwr_mode;
711 tBTM_PM_PWR_MD settings;
712 #endif
713 BTM_TRACE_DEBUG0 ("BTM_ChangeLinkKey");
714 if ((p = btm_bda_to_acl(remote_bd_addr)) == NULL)
715 return(BTM_UNKNOWN_ADDR);
716
717 /* Ignore change link key request if the previsous request has not completed */
718 if (p->change_key_state != BTM_ACL_SWKEY_STATE_IDLE)
719 {
720 BTM_TRACE_DEBUG0 ("Link key change request declined since the previous request for this device has not completed ");
721 return(BTM_BUSY);
722 }
723
724 memset (&btm_cb.devcb.chg_link_key_ref_data, 0, sizeof(tBTM_CHANGE_KEY_CMPL));
725
726 /* Cannot change key while parked */
727 #if BTM_PWR_MGR_INCLUDED == FALSE
728 if (p->mode == HCI_MODE_PARK)
729 {
730 if (!btsnd_hcic_exit_park_mode (p->hci_handle))
731 return(BTM_NO_RESOURCES);
732
733 p->change_key_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
734 }
735 #else /* power manager is in use */
736
737
738 if ((status = BTM_ReadPowerMode(p->remote_addr, &pwr_mode)) != BTM_SUCCESS)
739 return(status);
740
741 /* Wake up the link if in park before attempting to change link keys */
742 if (pwr_mode == BTM_PM_MD_PARK)
743 {
744 /* Coverity: FALSE-POSITIVE error from Coverity tool. Please do NOT remove following comment. */
745 /* coverity[uninit_use_in_call] False-positive: setting the mode to BTM_PM_MD_ACTIVE only uses settings.mode
746 the other data members of tBTM_PM_PWR_MD are ignored
747 */
748 settings.mode = BTM_PM_MD_ACTIVE;
749 status = BTM_SetPowerMode (BTM_PM_SET_ONLY_ID, p->remote_addr, &settings);
750 if (status != BTM_CMD_STARTED)
751 return(BTM_WRONG_MODE);
752
753 p->change_key_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
754 }
755 #endif
756 /* some devices do not support change of link key while encryption is on */
757 else if (((p_dev_rec = btm_find_dev (remote_bd_addr)) != NULL)
758 && ((p_dev_rec->sec_flags & BTM_SEC_ENCRYPTED) != 0) && !BTM_EPR_AVAILABLE(p))
759 {
760 /* bypass turning off encryption if switch role is already doing it */
761 if (p->encrypt_state != BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF)
762 {
763 if (!btsnd_hcic_set_conn_encrypt (p->hci_handle, FALSE))
764 return(BTM_NO_RESOURCES);
765 else
766 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF;
767 }
768
769 p->change_key_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
770 }
771 else /* Ok to initiate change of link key */
772 {
773 if (!btsnd_hcic_change_link_key (p->hci_handle))
774 return(BTM_NO_RESOURCES);
775
776 p->change_key_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
777 }
778
779 /* Initialize return structure in case request fails */
780 memcpy (btm_cb.devcb.chg_link_key_ref_data.remote_bd_addr, remote_bd_addr,
781 BD_ADDR_LEN);
782 btm_cb.devcb.p_chg_link_key_cb = p_cb;
783 return(BTM_CMD_STARTED);
784 }
785
786 /*******************************************************************************
787 **
788 ** Function btm_acl_link_key_change
789 **
790 ** Description This function is called to when a change link key event
791 ** is received.
792 **
793 *******************************************************************************/
btm_acl_link_key_change(UINT16 handle,UINT8 status)794 void btm_acl_link_key_change (UINT16 handle, UINT8 status)
795 {
796 tBTM_CHANGE_KEY_CMPL *p_data;
797 tACL_CONN *p;
798 UINT8 xx;
799 BTM_TRACE_DEBUG0 ("btm_acl_link_key_change");
800 /* Look up the connection by handle and set the current mode */
801 xx = btm_handle_to_acl_index(handle);
802
803 /* don't assume that we can never get a bad hci_handle */
804 if (xx >= MAX_L2CAP_LINKS)
805 return;
806
807 p_data = &btm_cb.devcb.chg_link_key_ref_data;
808 p = &btm_cb.acl_db[xx];
809 p_data->hci_status = status;
810
811 /* if switching state is switching we need to turn encryption on */
812 /* if idle, we did not change encryption */
813 if (p->change_key_state == BTM_ACL_SWKEY_STATE_SWITCHING)
814 {
815 /* Make sure there's not also a role switch going on before re-enabling */
816 if (p->switch_role_state != BTM_ACL_SWKEY_STATE_SWITCHING)
817 {
818 if (btsnd_hcic_set_conn_encrypt (p->hci_handle, TRUE))
819 {
820 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_ON;
821 p->change_key_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_ON;
822 return;
823 }
824 }
825 else /* Set the state and wait for change link key */
826 {
827 p->change_key_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_ON;
828 return;
829 }
830 }
831
832 /* Set the switch_role_state to IDLE since the reply received from HCI */
833 /* regardless of its result either success or failed. */
834 if (p->change_key_state == BTM_ACL_SWKEY_STATE_IN_PROGRESS)
835 {
836 p->change_key_state = BTM_ACL_SWKEY_STATE_IDLE;
837 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
838 }
839
840 if (btm_cb.devcb.p_chg_link_key_cb)
841 {
842 (*btm_cb.devcb.p_chg_link_key_cb)((void *)p_data);
843 btm_cb.devcb.p_chg_link_key_cb = NULL;
844 }
845
846 BTM_TRACE_ERROR2("Change Link Key Complete Event: Handle 0x%02x, HCI Status 0x%02x",
847 handle, p_data->hci_status);
848 }
849
850 /*******************************************************************************
851 **
852 ** Function btm_acl_encrypt_change
853 **
854 ** Description This function is when encryption of the connection is
855 ** completed by the LM. Checks to see if a role switch or
856 ** change of link key was active and initiates or continues
857 ** process if needed.
858 **
859 ** Returns void
860 **
861 *******************************************************************************/
btm_acl_encrypt_change(UINT16 handle,UINT8 status,UINT8 encr_enable)862 void btm_acl_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
863 {
864 tACL_CONN *p;
865 UINT8 xx;
866 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
867 tBTM_BL_ROLE_CHG_DATA evt;
868 #endif
869 #if BTM_DISC_DURING_RS == TRUE
870 tBTM_SEC_DEV_REC *p_dev_rec;
871 #endif
872 BTM_TRACE_DEBUG3 ("btm_acl_encrypt_change handle=%d status=%d encr_enabl=%d", handle, status, encr_enable);
873 xx = btm_handle_to_acl_index(handle);
874 /* don't assume that we can never get a bad hci_handle */
875 if (xx < MAX_L2CAP_LINKS)
876 p = &btm_cb.acl_db[xx];
877 else
878 return;
879
880 /* Process Role Switch if active */
881 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF)
882 {
883 /* if encryption turn off failed we still will try to switch role */
884 if (encr_enable)
885 {
886 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
887 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
888 }
889 else
890 {
891 p->switch_role_state = BTM_ACL_SWKEY_STATE_SWITCHING;
892 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_TEMP_FUNC;
893 }
894
895 if (!btsnd_hcic_switch_role (p->remote_addr, (UINT8)!p->link_role))
896 {
897 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
898 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
899 btm_acl_report_role_change(btm_cb.devcb.switch_role_ref_data.hci_status, p->remote_addr);
900 }
901 #if BTM_DISC_DURING_RS == TRUE
902 else
903 {
904 if ((p_dev_rec = btm_find_dev (p->remote_addr)) != NULL)
905 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
906 }
907 #endif
908
909 }
910 /* Finished enabling Encryption after role switch */
911 else if (p->switch_role_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_ON)
912 {
913 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
914 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
915 btm_acl_report_role_change(btm_cb.devcb.switch_role_ref_data.hci_status, p->remote_addr);
916
917 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
918 /* if role change event is registered, report it now */
919 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_ROLE_CHG_MASK))
920 {
921 evt.event = BTM_BL_ROLE_CHG_EVT;
922 evt.new_role = btm_cb.devcb.switch_role_ref_data.role;
923 evt.p_bda = btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
924 evt.hci_status = btm_cb.devcb.switch_role_ref_data.hci_status;
925 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
926
927 BTM_TRACE_DEBUG3("Role Switch Event: new_role 0x%02x, HCI Status 0x%02x, rs_st:%d",
928 evt.new_role, evt.hci_status, p->switch_role_state);
929 }
930 #endif
931
932 #if BTM_DISC_DURING_RS == TRUE
933 /* If a disconnect is pending, issue it now that role switch has completed */
934 if ((p_dev_rec = btm_find_dev (p->remote_addr)) != NULL)
935 {
936 if (p_dev_rec->rs_disc_pending == BTM_SEC_DISC_PENDING)
937 {
938 BTM_TRACE_WARNING0("btm_acl_encrypt_change -> Issuing delayed HCI_Disconnect!!!");
939 btsnd_hcic_disconnect(p_dev_rec->hci_handle, HCI_ERR_PEER_USER);
940 }
941 BTM_TRACE_ERROR2("btm_acl_encrypt_change: tBTM_SEC_DEV:0x%x rs_disc_pending=%d",
942 (UINT32)p_dev_rec, p_dev_rec->rs_disc_pending);
943 p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
944 }
945 #endif
946 }
947
948
949 /* Process Change Link Key if active */
950 if (p->change_key_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF)
951 {
952 /* if encryption turn off failed we still will try to change link key */
953 if (encr_enable)
954 {
955 p->change_key_state = BTM_ACL_SWKEY_STATE_IDLE;
956 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
957 }
958 else
959 {
960 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_TEMP_FUNC;
961 p->change_key_state = BTM_ACL_SWKEY_STATE_SWITCHING;
962 }
963
964 if (!btsnd_hcic_change_link_key (p->hci_handle))
965 {
966 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
967 p->change_key_state = BTM_ACL_SWKEY_STATE_IDLE;
968 if (btm_cb.devcb.p_chg_link_key_cb)
969 {
970 (*btm_cb.devcb.p_chg_link_key_cb)(&btm_cb.devcb.chg_link_key_ref_data);
971 btm_cb.devcb.p_chg_link_key_cb = NULL;
972 }
973 }
974 }
975 /* Finished enabling Encryption after changing link key */
976 else if (p->change_key_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_ON)
977 {
978 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
979 p->change_key_state = BTM_ACL_SWKEY_STATE_IDLE;
980 if (btm_cb.devcb.p_chg_link_key_cb)
981 {
982 (*btm_cb.devcb.p_chg_link_key_cb)(&btm_cb.devcb.chg_link_key_ref_data);
983 btm_cb.devcb.p_chg_link_key_cb = NULL;
984 }
985 }
986 }
987 /*******************************************************************************
988 **
989 ** Function BTM_SetLinkPolicy
990 **
991 ** Description Create and send HCI "Write Policy Set" command
992 **
993 ** Returns status of the operation
994 **
995 *******************************************************************************/
BTM_SetLinkPolicy(BD_ADDR remote_bda,UINT16 * settings)996 tBTM_STATUS BTM_SetLinkPolicy (BD_ADDR remote_bda, UINT16 *settings)
997 {
998 tACL_CONN *p;
999 UINT8 *localFeatures = BTM_ReadLocalFeatures();
1000 BTM_TRACE_DEBUG0 ("BTM_SetLinkPolicy");
1001 /* BTM_TRACE_API1 ("BTM_SetLinkPolicy: requested settings: 0x%04x", *settings ); */
1002
1003 /* First, check if hold mode is supported */
1004 if (*settings != HCI_DISABLE_ALL_LM_MODES)
1005 {
1006 if ( (*settings & HCI_ENABLE_MASTER_SLAVE_SWITCH) && (!HCI_SWITCH_SUPPORTED(localFeatures)) )
1007 {
1008 *settings &= (~HCI_ENABLE_MASTER_SLAVE_SWITCH);
1009 BTM_TRACE_API1 ("BTM_SetLinkPolicy switch not supported (settings: 0x%04x)", *settings );
1010 }
1011 if ( (*settings & HCI_ENABLE_HOLD_MODE) && (!HCI_HOLD_MODE_SUPPORTED(localFeatures)) )
1012 {
1013 *settings &= (~HCI_ENABLE_HOLD_MODE);
1014 BTM_TRACE_API1 ("BTM_SetLinkPolicy hold not supported (settings: 0x%04x)", *settings );
1015 }
1016 if ( (*settings & HCI_ENABLE_SNIFF_MODE) && (!HCI_SNIFF_MODE_SUPPORTED(localFeatures)) )
1017 {
1018 *settings &= (~HCI_ENABLE_SNIFF_MODE);
1019 BTM_TRACE_API1 ("BTM_SetLinkPolicy sniff not supported (settings: 0x%04x)", *settings );
1020 }
1021 if ( (*settings & HCI_ENABLE_PARK_MODE) && (!HCI_PARK_MODE_SUPPORTED(localFeatures)) )
1022 {
1023 *settings &= (~HCI_ENABLE_PARK_MODE);
1024 BTM_TRACE_API1 ("BTM_SetLinkPolicy park not supported (settings: 0x%04x)", *settings );
1025 }
1026 }
1027
1028 if ((p = btm_bda_to_acl(remote_bda)) != NULL)
1029 return(btsnd_hcic_write_policy_set (p->hci_handle, *settings) ? BTM_CMD_STARTED : BTM_NO_RESOURCES);
1030
1031 /* If here, no BD Addr found */
1032 return(BTM_UNKNOWN_ADDR);
1033 }
1034
1035 /*******************************************************************************
1036 **
1037 ** Function BTM_SetDefaultLinkPolicy
1038 **
1039 ** Description Set the default value for HCI "Write Policy Set" command
1040 ** to use when an ACL link is created.
1041 **
1042 ** Returns void
1043 **
1044 *******************************************************************************/
BTM_SetDefaultLinkPolicy(UINT16 settings)1045 void BTM_SetDefaultLinkPolicy (UINT16 settings)
1046 {
1047 BTM_TRACE_DEBUG0 ("BTM_SetDefaultLinkPolicy");
1048 btm_cb.btm_def_link_policy = settings;
1049 }
1050
1051
1052 /*******************************************************************************
1053 **
1054 ** Function BTM_ReadLinkPolicy
1055 **
1056 ** Description This function is called to read the link policy settings.
1057 ** The address of link policy results are returned in the callback.
1058 ** (tBTM_LNK_POLICY_RESULTS)
1059 **
1060 ** Returns status of the operation
1061 **
1062 *******************************************************************************/
BTM_ReadLinkPolicy(BD_ADDR remote_bda,tBTM_CMPL_CB * p_cb)1063 tBTM_STATUS BTM_ReadLinkPolicy (BD_ADDR remote_bda, tBTM_CMPL_CB *p_cb)
1064 {
1065 tACL_CONN *p;
1066
1067 BTM_TRACE_API6 ("BTM_ReadLinkPolicy: RemBdAddr: %02x%02x%02x%02x%02x%02x",
1068 remote_bda[0], remote_bda[1], remote_bda[2],
1069 remote_bda[3], remote_bda[4], remote_bda[5]);
1070
1071 /* If someone already waiting on the version, do not allow another */
1072 if (btm_cb.devcb.p_rlinkp_cmpl_cb)
1073 return(BTM_BUSY);
1074
1075 p = btm_bda_to_acl(remote_bda);
1076 if (p != (tACL_CONN *)NULL)
1077 {
1078 btu_start_timer (&btm_cb.devcb.rlinkp_timer, BTU_TTYPE_BTM_ACL, BTM_DEV_REPLY_TIMEOUT);
1079 btm_cb.devcb.p_rlinkp_cmpl_cb = p_cb;
1080
1081 if (!btsnd_hcic_read_policy_set (p->hci_handle))
1082 {
1083 btu_stop_timer (&btm_cb.devcb.rlinkp_timer);
1084 btm_cb.devcb.p_rlinkp_cmpl_cb = NULL;
1085 return(BTM_NO_RESOURCES);
1086 }
1087
1088 return(BTM_CMD_STARTED);
1089 }
1090
1091 /* If here, no BD Addr found */
1092 return(BTM_UNKNOWN_ADDR);
1093 }
1094
1095
1096 /*******************************************************************************
1097 **
1098 ** Function btm_read_link_policy_complete
1099 **
1100 ** Description This function is called when the command complete message
1101 ** is received from the HCI for the read local link policy request.
1102 **
1103 ** Returns void
1104 **
1105 *******************************************************************************/
btm_read_link_policy_complete(UINT8 * p)1106 void btm_read_link_policy_complete (UINT8 *p)
1107 {
1108 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_rlinkp_cmpl_cb;
1109 tBTM_LNK_POLICY_RESULTS lnkpol;
1110 UINT16 handle;
1111 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
1112 UINT16 index;
1113 BTM_TRACE_DEBUG0 ("btm_read_link_policy_complete");
1114 btu_stop_timer (&btm_cb.devcb.rlinkp_timer);
1115
1116 /* If there was a callback address for read local version, call it */
1117 btm_cb.devcb.p_rlinkp_cmpl_cb = NULL;
1118
1119 if (p_cb)
1120 {
1121 STREAM_TO_UINT8 (lnkpol.hci_status, p);
1122
1123 if (lnkpol.hci_status == HCI_SUCCESS)
1124 {
1125 lnkpol.status = BTM_SUCCESS;
1126
1127 STREAM_TO_UINT16 (handle, p);
1128
1129 STREAM_TO_UINT16 (lnkpol.settings, p);
1130
1131 /* Search through the list of active channels for the correct BD Addr */
1132 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++)
1133 {
1134 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle))
1135 {
1136 memcpy (lnkpol.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
1137 break;
1138 }
1139 }
1140 }
1141 else
1142 lnkpol.status = BTM_ERR_PROCESSING;
1143
1144 (*p_cb)(&lnkpol);
1145 }
1146 }
1147
1148
1149 /*******************************************************************************
1150 **
1151 ** Function btm_read_remote_version_complete
1152 **
1153 ** Description This function is called when the command complete message
1154 ** is received from the HCI for the remote version info.
1155 **
1156 ** Returns void
1157 **
1158 *******************************************************************************/
btm_read_remote_version_complete(UINT8 * p)1159 void btm_read_remote_version_complete (UINT8 *p)
1160 {
1161 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
1162 UINT8 status;
1163 UINT16 handle;
1164 int xx;
1165 BTM_TRACE_DEBUG0 ("btm_read_remote_version_complete");
1166 STREAM_TO_UINT8 (status, p);
1167 if (status == HCI_SUCCESS)
1168 {
1169 STREAM_TO_UINT16 (handle, p);
1170
1171 /* Look up the connection by handle and copy features */
1172 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
1173 {
1174 if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
1175 {
1176 STREAM_TO_UINT8 (p_acl_cb->lmp_version, p);
1177 STREAM_TO_UINT16 (p_acl_cb->manufacturer, p);
1178 STREAM_TO_UINT16 (p_acl_cb->lmp_subversion, p);
1179 break;
1180 }
1181 }
1182 }
1183 }
1184
1185
1186 /*******************************************************************************
1187 **
1188 ** Function btm_read_remote_features_complete
1189 **
1190 ** Description This function is called when the remote extended features
1191 ** complete event is received from the HCI.
1192 **
1193 ** Returns void
1194 **
1195 *******************************************************************************/
btm_read_remote_features_complete(UINT8 * p)1196 void btm_read_remote_features_complete (UINT8 *p)
1197 {
1198 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
1199 UINT8 status;
1200 UINT16 handle;
1201 int xx, yy;
1202 UINT8 req_pend;
1203 tBTM_SEC_DEV_REC *p_dev_rec;
1204 BTM_TRACE_DEBUG0 ("btm_read_remote_features_complete");
1205 STREAM_TO_UINT8 (status, p);
1206 if (status == HCI_SUCCESS)
1207 {
1208 STREAM_TO_UINT16 (handle, p);
1209
1210 /* Look up the connection by handle and copy features */
1211 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
1212 {
1213 if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
1214 {
1215 for (yy = 0; yy < BD_FEATURES_LEN; yy++)
1216 STREAM_TO_UINT8 (p_acl_cb->features[yy], p);
1217
1218 p_dev_rec = btm_find_dev_by_handle (handle);
1219 if (!p_dev_rec)
1220 {
1221 /* Get a new device; might be doing dedicated bonding */
1222 p_dev_rec = btm_find_or_alloc_dev (p_acl_cb->remote_addr);
1223 }
1224
1225 memcpy (p_dev_rec->features, p_acl_cb->features, BD_FEATURES_LEN);
1226
1227 if (BTM_SEC_MODE_SP == btm_cb.security_mode &&
1228 HCI_SIMPLE_PAIRING_SUPPORTED(p_acl_cb->features))
1229 {
1230 /* if SM4 supported, check peer support for SM4
1231 * The remote controller supports SSP
1232 * read the extended feature page 1 for the host support for SSP */
1233 if (btsnd_hcic_rmt_ext_features (handle, 1))
1234 break;
1235 }
1236 else
1237 {
1238 req_pend = (p_dev_rec->sm4 & BTM_SM4_REQ_PEND);
1239 p_dev_rec->sm4 = BTM_SM4_KNOWN;
1240 if (req_pend)
1241 {
1242 l2cu_resubmit_pending_sec_req (p_dev_rec->bd_addr);
1243 }
1244 }
1245
1246 btm_establish_continue (p_acl_cb);
1247 break;
1248 }
1249 }
1250 }
1251 }
1252
1253 /*******************************************************************************
1254 **
1255 ** Function btm_read_remote_ext_features_complete
1256 **
1257 ** Description This function is called when the remote extended features
1258 ** complete event is received from the HCI.
1259 **
1260 ** Returns void
1261 **
1262 *******************************************************************************/
btm_read_remote_ext_features_complete(UINT8 * p)1263 void btm_read_remote_ext_features_complete (UINT8 *p)
1264 {
1265 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
1266 tBTM_SEC_DEV_REC *p_dev_rec;
1267 UINT8 status, page_num, max_page;
1268 UINT16 handle;
1269 int xx;
1270 BD_FEATURES ext_features; /* extended Features suported by the device */
1271 UINT8 req_pend;
1272 BTM_TRACE_DEBUG0 ("btm_read_remote_ext_features_complete");
1273 STREAM_TO_UINT8 (status, p);
1274 if (status == HCI_SUCCESS)
1275 {
1276 STREAM_TO_UINT16 (handle, p);
1277
1278 /* Look up the connection by handle and copy features */
1279 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
1280 {
1281 if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
1282 {
1283 STREAM_TO_UINT8 (page_num, p);
1284 STREAM_TO_UINT8 (max_page, p);
1285 p_dev_rec = btm_find_dev_by_handle (handle);
1286 if (!p_dev_rec)
1287 p_dev_rec = btm_find_or_alloc_dev (p_acl_cb->remote_addr);
1288
1289 req_pend = (p_dev_rec->sm4 & BTM_SM4_REQ_PEND);
1290
1291 if (page_num == 1 && max_page >= 1)
1292 {
1293 /* only the byte 0 of page 1 is used right now */
1294 STREAM_TO_UINT8 (ext_features[0], p);
1295
1296 if (HCI_SSP_HOST_SUPPORTED(ext_features))
1297 {
1298 p_dev_rec->sm4 = BTM_SM4_TRUE;
1299 }
1300 }
1301
1302 BTM_TRACE_API5 ("ext_features_complt page_num:%d max_page:%d f[0]:x%02x, sm4:%x, pend:%d",
1303 page_num, max_page, *p, p_dev_rec->sm4, req_pend);
1304
1305 if (!BTM_SEC_IS_SM4(p_dev_rec->sm4))
1306 {
1307 p_dev_rec->sm4 = BTM_SM4_KNOWN;
1308 }
1309
1310 if (req_pend)
1311 l2cu_resubmit_pending_sec_req (p_dev_rec->bd_addr);
1312
1313 btm_establish_continue (p_acl_cb);
1314
1315 break;
1316 }
1317 }
1318 }
1319 }
1320
1321 /*******************************************************************************
1322 **
1323 ** Function btm_read_remote_ext_features_failed
1324 **
1325 ** Description This function is called when the remote extended features
1326 ** complete event returns a failed status.
1327 **
1328 ** Returns void
1329 **
1330 *******************************************************************************/
btm_read_remote_ext_features_failed(UINT8 status)1331 void btm_read_remote_ext_features_failed (UINT8 status)
1332 {
1333 BTM_TRACE_ERROR1 ("btm_read_remote_ext_features_failed (status 0x%02x)", status);
1334 }
1335
1336 /*******************************************************************************
1337 **
1338 ** Function btm_establish_continue
1339 **
1340 ** Description This function is called when the command complete message
1341 ** is received from the HCI for the read local link policy request.
1342 **
1343 ** Returns void
1344 **
1345 *******************************************************************************/
btm_establish_continue(tACL_CONN * p_acl_cb)1346 static void btm_establish_continue (tACL_CONN *p_acl_cb)
1347 {
1348 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
1349 tBTM_BL_EVENT_DATA evt_data;
1350 #endif
1351 BTM_TRACE_DEBUG0 ("btm_establish_continue");
1352 #if (!defined(BTM_BYPASS_EXTRA_ACL_SETUP) || BTM_BYPASS_EXTRA_ACL_SETUP == FALSE)
1353 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
1354 if (!p_acl_cb->is_le_link)
1355 #endif
1356 {
1357 /* For now there are a some devices that do not like sending */
1358 /* commands events and data at the same time. */
1359 /* Set the packet types to the default allowed by the device */
1360 btm_set_packet_types (p_acl_cb, btm_cb.btm_acl_pkt_types_supported);
1361
1362 if (btm_cb.btm_def_link_policy)
1363 BTM_SetLinkPolicy (p_acl_cb->remote_addr, &btm_cb.btm_def_link_policy);
1364
1365 BTM_SetLinkSuperTout (p_acl_cb->remote_addr, btm_cb.btm_def_link_super_tout);
1366 }
1367 #endif
1368 p_acl_cb->link_up_issued = TRUE;
1369
1370 /* If anyone cares, tell him database changed */
1371 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
1372 if (btm_cb.p_bl_changed_cb)
1373 {
1374 evt_data.event = BTM_BL_CONN_EVT;
1375 evt_data.conn.p_bda = p_acl_cb->remote_addr;
1376 evt_data.conn.p_bdn = p_acl_cb->remote_name;
1377 evt_data.conn.p_dc = p_acl_cb->remote_dc;
1378 evt_data.conn.p_features = p_acl_cb->features;
1379
1380
1381 (*btm_cb.p_bl_changed_cb)(&evt_data);
1382 }
1383 btm_acl_update_busy_level (BTM_BLI_ACL_UP_EVT);
1384 #else
1385 if (btm_cb.p_acl_changed_cb)
1386 (*btm_cb.p_acl_changed_cb) (p_acl_cb->remote_addr,
1387 p_acl_cb->remote_dc,
1388 p_acl_cb->remote_name,
1389 p_acl_cb->features,
1390 TRUE);
1391 #endif
1392 }
1393
1394
1395 /*******************************************************************************
1396 **
1397 ** Function BTM_SetDefaultLinkSuperTout
1398 **
1399 ** Description Set the default value for HCI "Write Link Supervision Timeout"
1400 ** command to use when an ACL link is created.
1401 **
1402 ** Returns void
1403 **
1404 *******************************************************************************/
BTM_SetDefaultLinkSuperTout(UINT16 timeout)1405 void BTM_SetDefaultLinkSuperTout (UINT16 timeout)
1406 {
1407 BTM_TRACE_DEBUG0 ("BTM_SetDefaultLinkSuperTout");
1408 btm_cb.btm_def_link_super_tout = timeout;
1409 }
1410
1411 /*******************************************************************************
1412 **
1413 ** Function BTM_SetLinkSuperTout
1414 **
1415 ** Description Create and send HCI "Write Link Supervision Timeout" command
1416 **
1417 ** Returns status of the operation
1418 **
1419 *******************************************************************************/
BTM_SetLinkSuperTout(BD_ADDR remote_bda,UINT16 timeout)1420 tBTM_STATUS BTM_SetLinkSuperTout (BD_ADDR remote_bda, UINT16 timeout)
1421 {
1422 tACL_CONN *p = btm_bda_to_acl(remote_bda);
1423
1424 BTM_TRACE_DEBUG0 ("BTM_SetLinkSuperTout");
1425 if (p != (tACL_CONN *)NULL)
1426 {
1427 p->link_super_tout = timeout;
1428
1429 /* Only send if current role is Master; 2.0 spec requires this */
1430 if (p->link_role == BTM_ROLE_MASTER)
1431 {
1432 if (!btsnd_hcic_write_link_super_tout (LOCAL_BR_EDR_CONTROLLER_ID,
1433 p->hci_handle, timeout))
1434 return(BTM_NO_RESOURCES);
1435
1436 return(BTM_CMD_STARTED);
1437 }
1438 else
1439 return(BTM_SUCCESS);
1440 }
1441
1442 /* If here, no BD Addr found */
1443 return(BTM_UNKNOWN_ADDR);
1444 }
1445
1446 /*******************************************************************************
1447 **
1448 ** Function BTM_RegForLstoEvt
1449 **
1450 ** Description register for the HCI "Link Supervision Timeout Change" event
1451 **
1452 ** Returns void
1453 **
1454 *******************************************************************************/
BTM_RegForLstoEvt(tBTM_LSTO_CBACK * p_cback)1455 void BTM_RegForLstoEvt (tBTM_LSTO_CBACK *p_cback)
1456 {
1457 BTM_TRACE_DEBUG0 ("BTM_RegForLstoEvt");
1458 btm_cb.p_lsto_cback = p_cback;
1459 }
1460
1461 /*******************************************************************************
1462 **
1463 ** Function btm_proc_lsto_evt
1464 **
1465 ** Description process the HCI "Link Supervision Timeout Change" event
1466 **
1467 ** Returns void
1468 **
1469 *******************************************************************************/
btm_proc_lsto_evt(UINT16 handle,UINT16 timeout)1470 void btm_proc_lsto_evt(UINT16 handle, UINT16 timeout)
1471 {
1472 UINT8 xx;
1473
1474 BTM_TRACE_DEBUG0 ("btm_proc_lsto_evt");
1475 if (btm_cb.p_lsto_cback)
1476 {
1477 /* Look up the connection by handle and set the current mode */
1478 xx = btm_handle_to_acl_index(handle);
1479
1480 /* don't assume that we can never get a bad hci_handle */
1481 if (xx < MAX_L2CAP_LINKS)
1482 {
1483 (*btm_cb.p_lsto_cback)(btm_cb.acl_db[xx].remote_addr, timeout);
1484 }
1485 }
1486 }
1487
1488 #if BTM_PWR_MGR_INCLUDED == FALSE
1489 /*******************************************************************************
1490 **
1491 ** Function BTM_SetHoldMode
1492 **
1493 ** Description This function is called to set a connection into hold mode.
1494 ** A check is made if the connection is in sniff or park mode,
1495 ** and if yes, the hold mode is ignored.
1496 **
1497 ** Returns status of the operation
1498 **
1499 *******************************************************************************/
BTM_SetHoldMode(BD_ADDR remote_bda,UINT16 min_interval,UINT16 max_interval)1500 tBTM_STATUS BTM_SetHoldMode (BD_ADDR remote_bda, UINT16 min_interval, UINT16 max_interval)
1501 {
1502 tACL_CONN *p;
1503
1504 BTM_TRACE_DEBUG0 ("BTM_SetHoldMode");
1505 /* First, check if hold mode is supported */
1506 if (!HCI_HOLD_MODE_SUPPORTED(BTM_ReadLocalFeatures()))
1507 return(BTM_MODE_UNSUPPORTED);
1508
1509 p = btm_bda_to_acl(remote_bda);
1510 if (p != (tACL_CONN *)NULL)
1511 {
1512 /* If the connection is in park or sniff mode, forget about holding it */
1513 if (p->mode != BTM_ACL_MODE_NORMAL)
1514 return(BTM_SUCCESS);
1515
1516 if (!btsnd_hcic_hold_mode (p->hci_handle, max_interval, min_interval))
1517 return(BTM_NO_RESOURCES);
1518
1519 return(BTM_CMD_STARTED);
1520 }
1521
1522 /* If here, no BD Addr found */
1523 return(BTM_UNKNOWN_ADDR);
1524 }
1525
1526
1527 /*******************************************************************************
1528 **
1529 ** Function BTM_SetSniffMode
1530 **
1531 ** Description This function is called to set a connection into sniff mode.
1532 ** A check is made if the connection is already in sniff or park
1533 ** mode, and if yes, the sniff mode is ignored.
1534 **
1535 ** Returns status of the operation
1536 **
1537 *******************************************************************************/
BTM_SetSniffMode(BD_ADDR remote_bda,UINT16 min_period,UINT16 max_period,UINT16 attempt,UINT16 timeout)1538 tBTM_STATUS BTM_SetSniffMode (BD_ADDR remote_bda, UINT16 min_period, UINT16 max_period,
1539 UINT16 attempt, UINT16 timeout)
1540 {
1541 tACL_CONN *p;
1542 BTM_TRACE_DEBUG0 ("BTM_SetSniffMode");
1543 /* First, check if sniff mode is supported */
1544 if (!HCI_SNIFF_MODE_SUPPORTED(BTM_ReadLocalFeatures()))
1545 return(BTM_MODE_UNSUPPORTED);
1546
1547 p = btm_bda_to_acl(remote_bda);
1548 if (p != (tACL_CONN *)NULL)
1549 {
1550 /* If the connection is in park mode, forget about sniffing it */
1551 if (p->mode != BTM_ACL_MODE_NORMAL)
1552 return(BTM_WRONG_MODE);
1553
1554 if (!btsnd_hcic_sniff_mode (p->hci_handle, max_period,
1555 min_period, attempt, timeout))
1556 return(BTM_NO_RESOURCES);
1557
1558 return(BTM_CMD_STARTED);
1559 }
1560
1561 /* If here, no BD Addr found */
1562 return(BTM_UNKNOWN_ADDR);
1563 }
1564
1565
1566
1567
1568 /*******************************************************************************
1569 **
1570 ** Function BTM_CancelSniffMode
1571 **
1572 ** Description This function is called to put a connection out of sniff mode.
1573 ** A check is made if the connection is already in sniff mode,
1574 ** and if not, the cancel sniff mode is ignored.
1575 **
1576 ** Returns status of the operation
1577 **
1578 *******************************************************************************/
BTM_CancelSniffMode(BD_ADDR remote_bda)1579 tBTM_STATUS BTM_CancelSniffMode (BD_ADDR remote_bda)
1580 {
1581 tACL_CONN *p = btm_bda_to_acl(remote_bda);
1582 BTM_TRACE_DEBUG0 ("BTM_CancelSniffMode ");
1583 if (p == (tACL_CONN *)NULL)
1584 return(BTM_UNKNOWN_ADDR);
1585
1586 /* If the connection is not in sniff mode, cannot cancel */
1587 if (p->mode != BTM_ACL_MODE_SNIFF)
1588 return(BTM_WRONG_MODE);
1589
1590 if (!btsnd_hcic_exit_sniff_mode (p->hci_handle))
1591 return(BTM_NO_RESOURCES);
1592
1593 return(BTM_CMD_STARTED);
1594 }
1595
1596
1597 /*******************************************************************************
1598 **
1599 ** Function BTM_SetParkMode
1600 **
1601 ** Description This function is called to set a connection into park mode.
1602 ** A check is made if the connection is already in sniff or park
1603 ** mode, and if yes, the park mode is ignored.
1604 **
1605 ** Returns status of the operation
1606 **
1607 *******************************************************************************/
BTM_SetParkMode(BD_ADDR remote_bda,UINT16 beacon_min_period,UINT16 beacon_max_period)1608 tBTM_STATUS BTM_SetParkMode (BD_ADDR remote_bda, UINT16 beacon_min_period, UINT16 beacon_max_period)
1609 {
1610 tACL_CONN *p;
1611
1612 BTM_TRACE_DEBUG0 ("BTM_SetParkMode");
1613 /* First, check if park mode is supported */
1614 if (!HCI_PARK_MODE_SUPPORTED(BTM_ReadLocalFeatures()))
1615 return(BTM_MODE_UNSUPPORTED);
1616
1617 p = btm_bda_to_acl(remote_bda);
1618 if (p != (tACL_CONN *)NULL)
1619 {
1620 /* If the connection is in sniff mode, forget about parking it */
1621 if (p->mode != BTM_ACL_MODE_NORMAL)
1622 return(BTM_WRONG_MODE);
1623
1624 /* no park mode if SCO exists -- CR#1982, 1.1 errata 1124
1625 command status event should be returned /w error code 0x0C "Command Disallowed"
1626 Let LM do this.
1627 */
1628 if (!btsnd_hcic_park_mode (p->hci_handle,
1629 beacon_max_period, beacon_min_period))
1630 return(BTM_NO_RESOURCES);
1631
1632 return(BTM_CMD_STARTED);
1633 }
1634
1635 /* If here, no BD Addr found */
1636 return(BTM_UNKNOWN_ADDR);
1637 }
1638
1639 /*******************************************************************************
1640 **
1641 ** Function BTM_CancelParkMode
1642 **
1643 ** Description This function is called to put a connection out of park mode.
1644 ** A check is made if the connection is already in park mode,
1645 ** and if not, the cancel sniff mode is ignored.
1646 **
1647 ** Returns status of the operation
1648 **
1649 *******************************************************************************/
BTM_CancelParkMode(BD_ADDR remote_bda)1650 tBTM_STATUS BTM_CancelParkMode (BD_ADDR remote_bda)
1651 {
1652 tACL_CONN *p;
1653
1654 BTM_TRACE_DEBUG0 ("BTM_CancelParkMode");
1655 p = btm_bda_to_acl(remote_bda);
1656 if (p != (tACL_CONN *)NULL)
1657 {
1658 /* If the connection is not in park mode, cannot cancel */
1659 if (p->mode != BTM_ACL_MODE_PARK)
1660 return(BTM_WRONG_MODE);
1661
1662 if (!btsnd_hcic_exit_park_mode (p->hci_handle))
1663 return(BTM_NO_RESOURCES);
1664
1665 return(BTM_CMD_STARTED);
1666 }
1667
1668 /* If here, no BD Addr found */
1669 return(BTM_UNKNOWN_ADDR);
1670 }
1671 #endif /* BTM_PWR_MGR_INCLUDED == FALSE */
1672
1673
1674 /*******************************************************************************
1675 **
1676 ** Function BTM_SetPacketTypes
1677 **
1678 ** Description This function is set the packet types used for a specific
1679 ** ACL connection,
1680 **
1681 ** Returns status of the operation
1682 **
1683 *******************************************************************************/
BTM_SetPacketTypes(BD_ADDR remote_bda,UINT16 pkt_types)1684 tBTM_STATUS BTM_SetPacketTypes (BD_ADDR remote_bda, UINT16 pkt_types)
1685 {
1686 tACL_CONN *p;
1687 BTM_TRACE_DEBUG0 ("BTM_SetPacketTypes");
1688
1689 if ((p = btm_bda_to_acl(remote_bda)) != NULL)
1690 return(btm_set_packet_types (p, pkt_types));
1691
1692 /* If here, no BD Addr found */
1693 return(BTM_UNKNOWN_ADDR);
1694 }
1695
1696
1697 /*******************************************************************************
1698 **
1699 ** Function BTM_ReadPacketTypes
1700 **
1701 ** Description This function is set the packet types used for a specific
1702 ** ACL connection,
1703 **
1704 ** Returns packet types supported for the connection, or 0 if no BD address
1705 **
1706 *******************************************************************************/
BTM_ReadPacketTypes(BD_ADDR remote_bda)1707 UINT16 BTM_ReadPacketTypes (BD_ADDR remote_bda)
1708 {
1709 tACL_CONN *p;
1710
1711 BTM_TRACE_DEBUG0 ("BTM_ReadPacketTypes");
1712 p = btm_bda_to_acl(remote_bda);
1713 if (p != (tACL_CONN *)NULL)
1714 {
1715 return(p->pkt_types_mask);
1716 }
1717
1718 /* If here, no BD Addr found */
1719 return(0);
1720 }
1721
1722
1723 /*******************************************************************************
1724 **
1725 ** Function BTM_ReadAclMode
1726 **
1727 ** Description This returns the current mode for a specific
1728 ** ACL connection.
1729 **
1730 ** Input Param remote_bda - device address of desired ACL connection
1731 **
1732 ** Output Param p_mode - address where the current mode is copied into.
1733 ** BTM_ACL_MODE_NORMAL
1734 ** BTM_ACL_MODE_HOLD
1735 ** BTM_ACL_MODE_SNIFF
1736 ** BTM_ACL_MODE_PARK
1737 ** (valid only if return code is BTM_SUCCESS)
1738 **
1739 ** Returns BTM_SUCCESS if successful,
1740 ** BTM_UNKNOWN_ADDR if bd addr is not active or bad
1741 **
1742 *******************************************************************************/
1743 #if BTM_PWR_MGR_INCLUDED == FALSE
BTM_ReadAclMode(BD_ADDR remote_bda,UINT8 * p_mode)1744 tBTM_STATUS BTM_ReadAclMode (BD_ADDR remote_bda, UINT8 *p_mode)
1745 {
1746 tACL_CONN *p;
1747
1748 BTM_TRACE_API6 ("BTM_ReadAclMode: RemBdAddr: %02x%02x%02x%02x%02x%02x",
1749 remote_bda[0], remote_bda[1], remote_bda[2],
1750 remote_bda[3], remote_bda[4], remote_bda[5]);
1751
1752 p = btm_bda_to_acl(remote_bda);
1753 if (p != (tACL_CONN *)NULL)
1754 {
1755 *p_mode = p->mode;
1756 return(BTM_SUCCESS);
1757 }
1758
1759 /* If here, no BD Addr found */
1760 return(BTM_UNKNOWN_ADDR);
1761 }
1762 #endif /* BTM_PWR_MGR_INCLUDED == FALSE */
1763
1764 /*******************************************************************************
1765 **
1766 ** Function BTM_ReadClockOffset
1767 **
1768 ** Description This returns the clock offset for a specific
1769 ** ACL connection.
1770 **
1771 ** Input Param remote_bda - device address of desired ACL connection
1772 **
1773 ** Returns clock-offset or 0 if unknown
1774 **
1775 *******************************************************************************/
BTM_ReadClockOffset(BD_ADDR remote_bda)1776 UINT16 BTM_ReadClockOffset (BD_ADDR remote_bda)
1777 {
1778 tACL_CONN *p;
1779
1780 BTM_TRACE_API6 ("BTM_ReadClockOffset: RemBdAddr: %02x%02x%02x%02x%02x%02x",
1781 remote_bda[0], remote_bda[1], remote_bda[2],
1782 remote_bda[3], remote_bda[4], remote_bda[5]);
1783
1784 if ( (p = btm_bda_to_acl(remote_bda)) != NULL)
1785 return(p->clock_offset);
1786
1787 /* If here, no BD Addr found */
1788 return(0);
1789 }
1790
1791 /*******************************************************************************
1792 **
1793 ** Function BTM_IsAclConnectionUp
1794 **
1795 ** Description This function is called to check if an ACL connection exists
1796 ** to a specific remote BD Address.
1797 **
1798 ** Returns TRUE if connection is up, else FALSE.
1799 **
1800 *******************************************************************************/
BTM_IsAclConnectionUp(BD_ADDR remote_bda)1801 BOOLEAN BTM_IsAclConnectionUp (BD_ADDR remote_bda)
1802 {
1803 tACL_CONN *p;
1804
1805 BTM_TRACE_API6 ("BTM_ReadClockOffset: RemBdAddr: %02x%02x%02x%02x%02x%02x",
1806 remote_bda[0], remote_bda[1], remote_bda[2],
1807 remote_bda[3], remote_bda[4], remote_bda[5]);
1808
1809 p = btm_bda_to_acl(remote_bda);
1810 if (p != (tACL_CONN *)NULL)
1811 {
1812 return(TRUE);
1813 }
1814
1815 /* If here, no BD Addr found */
1816 return(FALSE);
1817 }
1818
1819 /*******************************************************************************
1820 **
1821 ** Function BTM_GetNumAclLinks
1822 **
1823 ** Description This function is called to count the number of
1824 ** ACL links that are active.
1825 **
1826 ** Returns UINT16 Number of active ACL links
1827 **
1828 *******************************************************************************/
BTM_GetNumAclLinks(void)1829 UINT16 BTM_GetNumAclLinks (void)
1830 {
1831 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
1832 return(UINT16)btm_cb.num_acl;
1833 #else
1834 tACL_CONN *p = &btm_cb.acl_db[0];
1835 UINT16 xx, yy;
1836 BTM_TRACE_DEBUG0 ("BTM_GetNumAclLinks");
1837 for (xx = yy = 0; xx < MAX_L2CAP_LINKS; xx++, p++)
1838 {
1839 if (p->in_use)
1840 yy++;
1841 }
1842
1843 return(yy);
1844 #endif
1845 }
1846
1847 /*******************************************************************************
1848 **
1849 ** Function btm_get_acl_disc_reason_code
1850 **
1851 ** Description This function is called to get the disconnection reason code
1852 ** returned by the HCI at disconnection complete event.
1853 **
1854 ** Returns TRUE if connection is up, else FALSE.
1855 **
1856 *******************************************************************************/
btm_get_acl_disc_reason_code(void)1857 UINT16 btm_get_acl_disc_reason_code (void)
1858 {
1859 UINT8 res = btm_cb.acl_disc_reason;
1860 BTM_TRACE_DEBUG0 ("btm_get_acl_disc_reason_code");
1861 return(res);
1862 }
1863
1864
1865 /*******************************************************************************
1866 **
1867 ** Function BTM_GetHCIConnHandle
1868 **
1869 ** Description This function is called to get the handle for an ACL connection
1870 ** to a specific remote BD Address.
1871 **
1872 ** Returns the handle of the connection, or 0xFFFF if none.
1873 **
1874 *******************************************************************************/
BTM_GetHCIConnHandle(BD_ADDR remote_bda)1875 UINT16 BTM_GetHCIConnHandle (BD_ADDR remote_bda)
1876 {
1877 tACL_CONN *p;
1878 BTM_TRACE_DEBUG0 ("BTM_GetHCIConnHandle");
1879 p = btm_bda_to_acl(remote_bda);
1880 if (p != (tACL_CONN *)NULL)
1881 {
1882 return(p->hci_handle);
1883 }
1884
1885 /* If here, no BD Addr found */
1886 return(0xFFFF);
1887 }
1888
1889 #if BTM_PWR_MGR_INCLUDED == FALSE
1890 /*******************************************************************************
1891 **
1892 ** Function btm_process_mode_change
1893 **
1894 ** Description This function is called when an HCI mode change event occurs.
1895 **
1896 ** Input Parms hci_status - status of the event (HCI_SUCCESS if no errors)
1897 ** hci_handle - connection handle associated with the change
1898 ** mode - HCI_MODE_ACTIVE, HCI_MODE_HOLD, HCI_MODE_SNIFF, or HCI_MODE_PARK
1899 ** interval - number of baseband slots (meaning depends on mode)
1900 **
1901 ** Returns void
1902 **
1903 *******************************************************************************/
btm_process_mode_change(UINT8 hci_status,UINT16 hci_handle,UINT8 mode,UINT16 interval)1904 void btm_process_mode_change (UINT8 hci_status, UINT16 hci_handle, UINT8 mode, UINT16 interval)
1905 {
1906 tACL_CONN *p;
1907 UINT8 xx;
1908 BTM_TRACE_DEBUG0 ("btm_process_mode_change");
1909 if (hci_status != HCI_SUCCESS)
1910 {
1911 BTM_TRACE_WARNING1 ("BTM: HCI Mode Change Error Status: 0x%02x", hci_status);
1912 }
1913
1914 /* Look up the connection by handle and set the current mode */
1915 xx = btm_handle_to_acl_index(hci_handle);
1916
1917 /* don't assume that we can never get a bad hci_handle */
1918 if (xx >= MAX_L2CAP_LINKS)
1919 return;
1920
1921 p = &btm_cb.acl_db[xx];
1922
1923 /* If status is not success mode does not mean anything */
1924 if (hci_status == HCI_SUCCESS)
1925 p->mode = mode;
1926
1927 /* If mode change was because of an active role switch or change link key */
1928 btm_cont_rswitch_or_chglinkkey(p, btm_find_dev(p->remote_addr), hci_status);
1929 }
1930 #endif /* BTM_PWR_MGR_INCLUDED == FALSE */
1931
1932 /*******************************************************************************
1933 **
1934 ** Function btm_process_clk_off_comp_evt
1935 **
1936 ** Description This function is called when clock offset command completes.
1937 **
1938 ** Input Parms hci_handle - connection handle associated with the change
1939 ** clock offset
1940 **
1941 ** Returns void
1942 **
1943 *******************************************************************************/
btm_process_clk_off_comp_evt(UINT16 hci_handle,UINT16 clock_offset)1944 void btm_process_clk_off_comp_evt (UINT16 hci_handle, UINT16 clock_offset)
1945 {
1946 UINT8 xx;
1947 BTM_TRACE_DEBUG0 ("btm_process_clk_off_comp_evt");
1948 /* Look up the connection by handle and set the current mode */
1949 if ((xx = btm_handle_to_acl_index(hci_handle)) < MAX_L2CAP_LINKS)
1950 btm_cb.acl_db[xx].clock_offset = clock_offset;
1951 }
1952
1953 /*******************************************************************************
1954 **
1955 ** Function btm_acl_role_changed
1956 **
1957 ** Description This function is called whan a link's master/slave role change
1958 ** event or command status event (with error) is received.
1959 ** It updates the link control block, and calls
1960 ** the registered callback with status and role (if registered).
1961 **
1962 ** Returns void
1963 **
1964 *******************************************************************************/
btm_acl_role_changed(UINT8 hci_status,BD_ADDR bd_addr,UINT8 new_role)1965 void btm_acl_role_changed (UINT8 hci_status, BD_ADDR bd_addr, UINT8 new_role)
1966 {
1967 UINT8 *p_bda = (bd_addr) ? bd_addr : btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
1968 tACL_CONN *p = btm_bda_to_acl(p_bda);
1969 tBTM_ROLE_SWITCH_CMPL *p_data = &btm_cb.devcb.switch_role_ref_data;
1970 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
1971 tBTM_BL_ROLE_CHG_DATA evt;
1972 #endif
1973 #if BTM_DISC_DURING_RS == TRUE
1974 tBTM_SEC_DEV_REC *p_dev_rec;
1975 #endif
1976 BTM_TRACE_DEBUG0 ("btm_acl_role_changed");
1977 /* Ignore any stray events */
1978 if (p == NULL)
1979 {
1980 /* it could be a failure */
1981 if (hci_status != HCI_SUCCESS)
1982 btm_acl_report_role_change(hci_status, bd_addr);
1983 return;
1984 }
1985
1986 p_data->hci_status = hci_status;
1987
1988 if (hci_status == HCI_SUCCESS)
1989 {
1990 p_data->role = new_role;
1991 memcpy(p_data->remote_bd_addr, p_bda, BD_ADDR_LEN);
1992
1993 /* Update cached value */
1994 p->link_role = new_role;
1995
1996 /* Reload LSTO: link supervision timeout is reset in the LM after a role switch */
1997 if (new_role == BTM_ROLE_MASTER)
1998 {
1999 BTM_SetLinkSuperTout (p->remote_addr, p->link_super_tout);
2000 }
2001 }
2002 else
2003 {
2004 /* so the BTM_BL_ROLE_CHG_EVT uses the old role */
2005 new_role = p->link_role;
2006 }
2007
2008 /* Check if any SCO req is pending for role change */
2009 btm_sco_chk_pend_rolechange (p->hci_handle);
2010
2011 /* if switching state is switching we need to turn encryption on */
2012 /* if idle, we did not change encryption */
2013 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_SWITCHING)
2014 {
2015 /* Make sure there's not also a change link key going on before re-enabling */
2016 if (p->change_key_state != BTM_ACL_SWKEY_STATE_SWITCHING)
2017 {
2018 if (btsnd_hcic_set_conn_encrypt (p->hci_handle, TRUE))
2019 {
2020 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_ON;
2021 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_ON;
2022 return;
2023 }
2024 }
2025 else /* Set the state and wait for change link key */
2026 {
2027 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_ON;
2028 return;
2029 }
2030 }
2031
2032 /* Set the switch_role_state to IDLE since the reply received from HCI */
2033 /* regardless of its result either success or failed. */
2034 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_IN_PROGRESS)
2035 {
2036 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
2037 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
2038 }
2039
2040 /* if role switch complete is needed, report it now */
2041 btm_acl_report_role_change(hci_status, bd_addr);
2042
2043 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
2044 /* if role change event is registered, report it now */
2045 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_ROLE_CHG_MASK))
2046 {
2047 evt.event = BTM_BL_ROLE_CHG_EVT;
2048 evt.new_role = new_role;
2049 evt.p_bda = p_bda;
2050 evt.hci_status = hci_status;
2051 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
2052 }
2053
2054 BTM_TRACE_DEBUG3("Role Switch Event: new_role 0x%02x, HCI Status 0x%02x, rs_st:%d",
2055 p_data->role, p_data->hci_status, p->switch_role_state);
2056 #endif
2057
2058 #if BTM_DISC_DURING_RS == TRUE
2059 /* If a disconnect is pending, issue it now that role switch has completed */
2060 if ((p_dev_rec = btm_find_dev (p_bda)) != NULL)
2061 {
2062 if (p_dev_rec->rs_disc_pending == BTM_SEC_DISC_PENDING)
2063 {
2064 BTM_TRACE_WARNING0("btm_acl_role_changed -> Issuing delayed HCI_Disconnect!!!");
2065 btsnd_hcic_disconnect(p_dev_rec->hci_handle, HCI_ERR_PEER_USER);
2066 }
2067 BTM_TRACE_ERROR2("tBTM_SEC_DEV:0x%x rs_disc_pending=%d", (UINT32)p_dev_rec, p_dev_rec->rs_disc_pending);
2068 p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
2069 }
2070
2071 #endif
2072
2073 }
2074
2075 #if (RFCOMM_INCLUDED==TRUE)
2076 /*******************************************************************************
2077 **
2078 ** Function BTM_AllocateSCN
2079 **
2080 ** Description Look through the Server Channel Numbers for a free one.
2081 **
2082 ** Returns Allocated SCN number or 0 if none.
2083 **
2084 *******************************************************************************/
2085
BTM_AllocateSCN(void)2086 UINT8 BTM_AllocateSCN(void)
2087 {
2088 UINT8 x;
2089 BTM_TRACE_DEBUG0 ("BTM_AllocateSCN");
2090
2091 // stack reserves scn 1 for HFP, HSP we still do the correct way
2092 for (x = 1; x < BTM_MAX_SCN; x++)
2093 {
2094 if (!btm_cb.btm_scn[x])
2095 {
2096 btm_cb.btm_scn[x] = TRUE;
2097 return(x+1);
2098 }
2099 }
2100
2101 return(0); /* No free ports */
2102 }
2103
2104 /*******************************************************************************
2105 **
2106 ** Function BTM_TryAllocateSCN
2107 **
2108 ** Description Try to allocate a fixed server channel
2109 **
2110 ** Returns Returns TRUE if server channel was available
2111 **
2112 *******************************************************************************/
2113
BTM_TryAllocateSCN(UINT8 scn)2114 BOOLEAN BTM_TryAllocateSCN(UINT8 scn)
2115 {
2116 UINT8 x;
2117
2118 /* Make sure we don't exceed max port range.
2119 * Stack reserves scn 1 for HFP, HSP we still do the correct way.
2120 */
2121 if ( (scn>=BTM_MAX_SCN) || (scn == 1) )
2122 return FALSE;
2123
2124 /* check if this port is available */
2125 if (!btm_cb.btm_scn[scn-1])
2126 {
2127 btm_cb.btm_scn[scn-1] = TRUE;
2128 return TRUE;
2129 }
2130
2131 return (FALSE); /* Port was busy */
2132 }
2133
2134 /*******************************************************************************
2135 **
2136 ** Function BTM_FreeSCN
2137 **
2138 ** Description Free the specified SCN.
2139 **
2140 ** Returns TRUE or FALSE
2141 **
2142 *******************************************************************************/
BTM_FreeSCN(UINT8 scn)2143 BOOLEAN BTM_FreeSCN(UINT8 scn)
2144 {
2145 BTM_TRACE_DEBUG0 ("BTM_FreeSCN ");
2146 if (scn <= BTM_MAX_SCN)
2147 {
2148 btm_cb.btm_scn[scn-1] = FALSE;
2149 return(TRUE);
2150 }
2151 else
2152 return(FALSE); /* Illegal SCN passed in */
2153 }
2154
2155 #else
2156
2157 /* Make dummy functions for the RPC to link against */
BTM_AllocateSCN(void)2158 UINT8 BTM_AllocateSCN(void)
2159 {
2160 return(0);
2161 }
2162
BTM_FreeSCN(UINT8 scn)2163 BOOLEAN BTM_FreeSCN(UINT8 scn)
2164 {
2165 return(FALSE);
2166 }
2167
2168 #endif
2169
2170
2171 /*******************************************************************************
2172 **
2173 ** Function btm_acl_timeout
2174 **
2175 ** Description This function is called when a timer list entry expires.
2176 **
2177 ** Returns void
2178 **
2179 *******************************************************************************/
btm_acl_timeout(TIMER_LIST_ENT * p_tle)2180 void btm_acl_timeout (TIMER_LIST_ENT *p_tle)
2181 {
2182 UINT32 timer_type = p_tle->param;
2183
2184 BTM_TRACE_DEBUG0 ("btm_acl_timeout");
2185 if (timer_type == TT_DEV_RLNKP)
2186 {
2187 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_rlinkp_cmpl_cb;
2188 tBTM_LNK_POLICY_RESULTS lnkpol;
2189
2190 lnkpol.status = BTM_ERR_PROCESSING;
2191 lnkpol.settings = 0;
2192
2193 btm_cb.devcb.p_rlinkp_cmpl_cb = NULL;
2194
2195 if (p_cb)
2196 (*p_cb)(&lnkpol);
2197 }
2198 }
2199
2200 /*******************************************************************************
2201 **
2202 ** Function btm_set_packet_types
2203 **
2204 ** Description This function sets the packet types used for a specific
2205 ** ACL connection. It is called internally by btm_acl_created
2206 ** or by an application/profile by BTM_SetPacketTypes.
2207 **
2208 ** Returns status of the operation
2209 **
2210 *******************************************************************************/
btm_set_packet_types(tACL_CONN * p,UINT16 pkt_types)2211 tBTM_STATUS btm_set_packet_types (tACL_CONN *p, UINT16 pkt_types)
2212 {
2213 UINT16 temp_pkt_types;
2214 BTM_TRACE_DEBUG0 ("btm_set_packet_types");
2215 /* Save in the ACL control blocks, types that we support */
2216 temp_pkt_types = (pkt_types & BTM_ACL_SUPPORTED_PKTS_MASK &
2217 btm_cb.btm_acl_pkt_types_supported);
2218
2219 /* OR in any exception packet types if at least 2.0 version of spec */
2220 if (btm_cb.devcb.local_version.hci_version >= HCI_PROTO_VERSION_2_0)
2221 {
2222 temp_pkt_types |= ((pkt_types & BTM_ACL_EXCEPTION_PKTS_MASK) |
2223 (btm_cb.btm_acl_pkt_types_supported & BTM_ACL_EXCEPTION_PKTS_MASK));
2224 }
2225 else
2226 {
2227 temp_pkt_types &= (~BTM_ACL_EXCEPTION_PKTS_MASK);
2228 }
2229
2230 /* Exclude packet types not supported by the peer */
2231 btm_acl_chk_peer_pkt_type_support (p, &temp_pkt_types);
2232
2233 BTM_TRACE_DEBUG1 ("SetPacketType Mask -> 0x%04x", temp_pkt_types);
2234
2235 if (!btsnd_hcic_change_conn_type (p->hci_handle, temp_pkt_types))
2236 {
2237 return(BTM_NO_RESOURCES);
2238 }
2239
2240 p->pkt_types_mask = temp_pkt_types;
2241
2242 return(BTM_CMD_STARTED);
2243 }
2244
2245 /*******************************************************************************
2246 **
2247 ** Function btm_get_max_packet_size
2248 **
2249 ** Returns Returns maximum packet size that can be used for current
2250 ** connection, 0 if connection is not established
2251 **
2252 *******************************************************************************/
btm_get_max_packet_size(BD_ADDR addr)2253 UINT16 btm_get_max_packet_size (BD_ADDR addr)
2254 {
2255 tACL_CONN *p = btm_bda_to_acl(addr);
2256 UINT16 pkt_types = 0;
2257 UINT16 pkt_size = 0;
2258 BTM_TRACE_DEBUG0 ("btm_get_max_packet_size");
2259 if (p != NULL)
2260 {
2261 pkt_types = p->pkt_types_mask;
2262 }
2263 else
2264 {
2265 /* Special case for when info for the local device is requested */
2266 if (memcmp (btm_cb.devcb.local_addr, addr, BD_ADDR_LEN) == 0)
2267 {
2268 pkt_types = btm_cb.btm_acl_pkt_types_supported;
2269 }
2270 }
2271
2272 if (pkt_types)
2273 {
2274 if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH5))
2275 pkt_size = HCI_EDR3_DH5_PACKET_SIZE;
2276 else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH5))
2277 pkt_size = HCI_EDR2_DH5_PACKET_SIZE;
2278 else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH3))
2279 pkt_size = HCI_EDR3_DH3_PACKET_SIZE;
2280 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH5)
2281 pkt_size = HCI_DH5_PACKET_SIZE;
2282 else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH3))
2283 pkt_size = HCI_EDR2_DH3_PACKET_SIZE;
2284 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM5)
2285 pkt_size = HCI_DM5_PACKET_SIZE;
2286 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH3)
2287 pkt_size = HCI_DH3_PACKET_SIZE;
2288 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM3)
2289 pkt_size = HCI_DM3_PACKET_SIZE;
2290 else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH1))
2291 pkt_size = HCI_EDR3_DH1_PACKET_SIZE;
2292 else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH1))
2293 pkt_size = HCI_EDR2_DH1_PACKET_SIZE;
2294 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH1)
2295 pkt_size = HCI_DH1_PACKET_SIZE;
2296 else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM1)
2297 pkt_size = HCI_DM1_PACKET_SIZE;
2298 }
2299
2300 #ifdef BRCM_VS
2301 /* Using HCI size 1017 instead of 1021 */
2302 if ((pkt_size == HCI_EDR3_DH5_PACKET_SIZE)
2303 && (btu_cb.hcit_acl_data_size == 1017))
2304 pkt_size = 1017;
2305 #endif
2306
2307 return(pkt_size);
2308 }
2309
2310 /*******************************************************************************
2311 **
2312 ** Function BTM_ReadRemoteVersion
2313 **
2314 ** Returns If connected report peer device info
2315 **
2316 *******************************************************************************/
BTM_ReadRemoteVersion(BD_ADDR addr,UINT8 * lmp_version,UINT16 * manufacturer,UINT16 * lmp_sub_version)2317 tBTM_STATUS BTM_ReadRemoteVersion (BD_ADDR addr, UINT8 *lmp_version,
2318 UINT16 *manufacturer, UINT16 *lmp_sub_version)
2319 {
2320 tACL_CONN *p = btm_bda_to_acl(addr);
2321 BTM_TRACE_DEBUG0 ("BTM_ReadRemoteVersion");
2322 if (p == NULL)
2323 return(BTM_UNKNOWN_ADDR);
2324
2325 if (lmp_version)
2326 *lmp_version = p->lmp_version;
2327
2328 if (manufacturer)
2329 *manufacturer = p->manufacturer;
2330
2331 if (lmp_sub_version)
2332 *lmp_sub_version = p->lmp_subversion;
2333
2334 return(BTM_SUCCESS);
2335 }
2336
2337 /*******************************************************************************
2338 **
2339 ** Function BTM_ReadRemoteFeatures
2340 **
2341 ** Returns pointer to the features string
2342 **
2343 *******************************************************************************/
BTM_ReadRemoteFeatures(BD_ADDR addr)2344 UINT8 *BTM_ReadRemoteFeatures (BD_ADDR addr)
2345 {
2346 tACL_CONN *p = btm_bda_to_acl(addr);
2347 BTM_TRACE_DEBUG0 ("BTM_ReadRemoteFeatures");
2348 if (p == NULL)
2349 {
2350 return(NULL);
2351 }
2352
2353 return(p->features);
2354 }
2355
2356 /*******************************************************************************
2357 **
2358 ** Function BTM_RegBusyLevelNotif
2359 **
2360 ** Description This function is called to register a callback to receive
2361 ** busy level change events.
2362 **
2363 ** Returns BTM_SUCCESS if successfully registered, otherwise error
2364 **
2365 *******************************************************************************/
2366 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
BTM_RegBusyLevelNotif(tBTM_BL_CHANGE_CB * p_cb,UINT8 * p_level,tBTM_BL_EVENT_MASK evt_mask)2367 tBTM_STATUS BTM_RegBusyLevelNotif (tBTM_BL_CHANGE_CB *p_cb, UINT8 *p_level,
2368 tBTM_BL_EVENT_MASK evt_mask)
2369 {
2370 BTM_TRACE_DEBUG0 ("BTM_RegBusyLevelNotif");
2371 if (p_level)
2372 *p_level = btm_cb.busy_level;
2373
2374 btm_cb.bl_evt_mask = evt_mask;
2375
2376 if (!p_cb)
2377 btm_cb.p_bl_changed_cb = NULL;
2378 else if (btm_cb.p_bl_changed_cb)
2379 return(BTM_BUSY);
2380 else
2381 btm_cb.p_bl_changed_cb = p_cb;
2382
2383 return(BTM_SUCCESS);
2384 }
2385 #else
2386 /*******************************************************************************
2387 **
2388 ** Function BTM_AclRegisterForChanges
2389 **
2390 ** Returns This function is called to register a callback for when the
2391 ** ACL database changes, i.e. new entry or entry deleted.
2392 **
2393 *******************************************************************************/
BTM_AclRegisterForChanges(tBTM_ACL_DB_CHANGE_CB * p_cb)2394 tBTM_STATUS BTM_AclRegisterForChanges (tBTM_ACL_DB_CHANGE_CB *p_cb)
2395 {
2396 BTM_TRACE_DEBUG0 ("BTM_AclRegisterForChanges");
2397 if (!p_cb)
2398 btm_cb.p_acl_changed_cb = NULL;
2399 else if (btm_cb.p_acl_changed_cb)
2400 return(BTM_BUSY);
2401 else
2402 btm_cb.p_acl_changed_cb = p_cb;
2403
2404 return(BTM_SUCCESS);
2405 }
2406 #endif
2407
2408 /*******************************************************************************
2409 **
2410 ** Function BTM_SetQoS
2411 **
2412 ** Description This function is called to setup QoS
2413 **
2414 ** Returns status of the operation
2415 **
2416 *******************************************************************************/
BTM_SetQoS(BD_ADDR bd,FLOW_SPEC * p_flow,tBTM_CMPL_CB * p_cb)2417 tBTM_STATUS BTM_SetQoS (BD_ADDR bd, FLOW_SPEC *p_flow, tBTM_CMPL_CB *p_cb)
2418 {
2419 tACL_CONN *p = &btm_cb.acl_db[0];
2420
2421 BTM_TRACE_API6 ("BTM_SetQoS: BdAddr: %02x%02x%02x%02x%02x%02x",
2422 bd[0], bd[1], bd[2],
2423 bd[3], bd[4], bd[5]);
2424
2425 /* If someone already waiting on the version, do not allow another */
2426 if (btm_cb.devcb.p_qossu_cmpl_cb)
2427 return(BTM_BUSY);
2428
2429 if ( (p = btm_bda_to_acl(bd)) != NULL)
2430 {
2431 btu_start_timer (&btm_cb.devcb.qossu_timer, BTU_TTYPE_BTM_ACL, BTM_DEV_REPLY_TIMEOUT);
2432 btm_cb.devcb.p_qossu_cmpl_cb = p_cb;
2433
2434 if (!btsnd_hcic_qos_setup (p->hci_handle, p_flow->qos_flags, p_flow->service_type,
2435 p_flow->token_rate, p_flow->peak_bandwidth, p_flow->latency,p_flow->delay_variation))
2436 {
2437 btm_cb.devcb.p_qossu_cmpl_cb = NULL;
2438 btu_stop_timer(&btm_cb.devcb.qossu_timer);
2439 return(BTM_NO_RESOURCES);
2440 }
2441 else
2442 return(BTM_CMD_STARTED);
2443 }
2444
2445 /* If here, no BD Addr found */
2446 return(BTM_UNKNOWN_ADDR);
2447 }
2448
2449 /*******************************************************************************
2450 **
2451 ** Function btm_qos_setup_complete
2452 **
2453 ** Description This function is called when the command complete message
2454 ** is received from the HCI for the qos setup request.
2455 **
2456 ** Returns void
2457 **
2458 *******************************************************************************/
btm_qos_setup_complete(UINT8 status,UINT16 handle,FLOW_SPEC * p_flow)2459 void btm_qos_setup_complete (UINT8 status, UINT16 handle, FLOW_SPEC *p_flow)
2460 {
2461 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_qossu_cmpl_cb;
2462 tBTM_QOS_SETUP_CMPL qossu;
2463 BTM_TRACE_DEBUG0 ("btm_qos_setup_complete");
2464 btu_stop_timer (&btm_cb.devcb.qossu_timer);
2465
2466 btm_cb.devcb.p_qossu_cmpl_cb = NULL;
2467
2468 if (p_cb)
2469 {
2470 memset(&qossu, 0, sizeof(tBTM_QOS_SETUP_CMPL));
2471 qossu.status = status;
2472 qossu.handle = handle;
2473 if (p_flow != NULL)
2474 {
2475 qossu.flow.qos_flags = p_flow->qos_flags;
2476 qossu.flow.service_type = p_flow->service_type;
2477 qossu.flow.token_rate = p_flow->token_rate;
2478 qossu.flow.peak_bandwidth = p_flow->peak_bandwidth;
2479 qossu.flow.latency = p_flow->latency;
2480 qossu.flow.delay_variation = p_flow->delay_variation;
2481 }
2482 BTM_TRACE_DEBUG1 ("BTM: p_flow->delay_variation: 0x%02x",
2483 qossu.flow.delay_variation);
2484 (*p_cb)(&qossu);
2485 }
2486 }
2487
2488
2489 /*******************************************************************************
2490 **
2491 ** Function BTM_ReadRSSI
2492 **
2493 ** Description This function is called to read the link policy settings.
2494 ** The address of link policy results are returned in the callback.
2495 ** (tBTM_RSSI_RESULTS)
2496 **
2497 ** Returns BTM_CMD_STARTED if successfully initiated or error code
2498 **
2499 *******************************************************************************/
BTM_ReadRSSI(BD_ADDR remote_bda,tBTM_CMPL_CB * p_cb)2500 tBTM_STATUS BTM_ReadRSSI (BD_ADDR remote_bda, tBTM_CMPL_CB *p_cb)
2501 {
2502 tACL_CONN *p;
2503
2504 BTM_TRACE_API6 ("BTM_ReadRSSI: RemBdAddr: %02x%02x%02x%02x%02x%02x",
2505 remote_bda[0], remote_bda[1], remote_bda[2],
2506 remote_bda[3], remote_bda[4], remote_bda[5]);
2507
2508 /* If someone already waiting on the version, do not allow another */
2509 if (btm_cb.devcb.p_rssi_cmpl_cb)
2510 return(BTM_BUSY);
2511
2512 p = btm_bda_to_acl(remote_bda);
2513 if (p != (tACL_CONN *)NULL)
2514 {
2515 btu_start_timer (&btm_cb.devcb.rssi_timer, BTU_TTYPE_BTM_ACL,
2516 BTM_DEV_REPLY_TIMEOUT);
2517
2518 btm_cb.devcb.p_rssi_cmpl_cb = p_cb;
2519
2520 if (!btsnd_hcic_read_rssi (p->hci_handle))
2521 {
2522 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
2523 btu_stop_timer (&btm_cb.devcb.rssi_timer);
2524 return(BTM_NO_RESOURCES);
2525 }
2526 else
2527 return(BTM_CMD_STARTED);
2528 }
2529
2530 /* If here, no BD Addr found */
2531 return(BTM_UNKNOWN_ADDR);
2532 }
2533
2534 /*******************************************************************************
2535 **
2536 ** Function BTM_ReadLinkQuality
2537 **
2538 ** Description This function is called to read the link qulaity.
2539 ** The value of the link quality is returned in the callback.
2540 ** (tBTM_LINK_QUALITY_RESULTS)
2541 **
2542 ** Returns BTM_CMD_STARTED if successfully initiated or error code
2543 **
2544 *******************************************************************************/
BTM_ReadLinkQuality(BD_ADDR remote_bda,tBTM_CMPL_CB * p_cb)2545 tBTM_STATUS BTM_ReadLinkQuality (BD_ADDR remote_bda, tBTM_CMPL_CB *p_cb)
2546 {
2547 tACL_CONN *p;
2548
2549 BTM_TRACE_API6 ("BTM_ReadLinkQuality: RemBdAddr: %02x%02x%02x%02x%02x%02x",
2550 remote_bda[0], remote_bda[1], remote_bda[2],
2551 remote_bda[3], remote_bda[4], remote_bda[5]);
2552
2553 /* If someone already waiting on the version, do not allow another */
2554 if (btm_cb.devcb.p_lnk_qual_cmpl_cb)
2555 return(BTM_BUSY);
2556
2557 p = btm_bda_to_acl(remote_bda);
2558 if (p != (tACL_CONN *)NULL)
2559 {
2560 btu_start_timer (&btm_cb.devcb.lnk_quality_timer, BTU_TTYPE_BTM_ACL,
2561 BTM_DEV_REPLY_TIMEOUT);
2562 btm_cb.devcb.p_lnk_qual_cmpl_cb = p_cb;
2563
2564 if (!btsnd_hcic_get_link_quality (p->hci_handle))
2565 {
2566 btu_stop_timer (&btm_cb.devcb.lnk_quality_timer);
2567 btm_cb.devcb.p_lnk_qual_cmpl_cb = NULL;
2568 return(BTM_NO_RESOURCES);
2569 }
2570 else
2571 return(BTM_CMD_STARTED);
2572 }
2573
2574 /* If here, no BD Addr found */
2575 return(BTM_UNKNOWN_ADDR);
2576 }
2577
2578 /*******************************************************************************
2579 **
2580 ** Function BTM_ReadTxPower
2581 **
2582 ** Description This function is called to read the current
2583 ** TX power of the connection. The tx power level results
2584 ** are returned in the callback.
2585 ** (tBTM_RSSI_RESULTS)
2586 **
2587 ** Returns BTM_CMD_STARTED if successfully initiated or error code
2588 **
2589 *******************************************************************************/
BTM_ReadTxPower(BD_ADDR remote_bda,tBTM_CMPL_CB * p_cb)2590 tBTM_STATUS BTM_ReadTxPower (BD_ADDR remote_bda, tBTM_CMPL_CB *p_cb)
2591 {
2592 tACL_CONN *p;
2593 BOOLEAN ret;
2594 #define BTM_READ_RSSI_TYPE_CUR 0x00
2595 #define BTM_READ_RSSI_TYPE_MAX 0X01
2596
2597 BTM_TRACE_API6 ("BTM_ReadTxPower: RemBdAddr: %02x%02x%02x%02x%02x%02x",
2598 remote_bda[0], remote_bda[1], remote_bda[2],
2599 remote_bda[3], remote_bda[4], remote_bda[5]);
2600
2601 /* If someone already waiting on the version, do not allow another */
2602 if (btm_cb.devcb.p_tx_power_cmpl_cb)
2603 return(BTM_BUSY);
2604
2605 p = btm_bda_to_acl(remote_bda);
2606 if (p != (tACL_CONN *)NULL)
2607 {
2608 btu_start_timer (&btm_cb.devcb.tx_power_timer, BTU_TTYPE_BTM_ACL,
2609 BTM_DEV_REPLY_TIMEOUT);
2610
2611 btm_cb.devcb.p_tx_power_cmpl_cb = p_cb;
2612
2613 #if BLE_INCLUDED == TRUE
2614 if (p->is_le_link)
2615 {
2616 memcpy(btm_cb.devcb.read_tx_pwr_addr, remote_bda, BD_ADDR_LEN);
2617 ret = btsnd_hcic_ble_read_adv_chnl_tx_power();
2618 }
2619 else
2620 #endif
2621 {
2622 ret = btsnd_hcic_read_tx_power (p->hci_handle, BTM_READ_RSSI_TYPE_CUR);
2623 }
2624 if (!ret)
2625 {
2626 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
2627 btu_stop_timer (&btm_cb.devcb.tx_power_timer);
2628 return(BTM_NO_RESOURCES);
2629 }
2630 else
2631 return(BTM_CMD_STARTED);
2632 }
2633
2634 /* If here, no BD Addr found */
2635 return (BTM_UNKNOWN_ADDR);
2636 }
2637 /*******************************************************************************
2638 **
2639 ** Function btm_read_tx_power_complete
2640 **
2641 ** Description This function is called when the command complete message
2642 ** is received from the HCI for the read tx power request.
2643 **
2644 ** Returns void
2645 **
2646 *******************************************************************************/
btm_read_tx_power_complete(UINT8 * p,BOOLEAN is_ble)2647 void btm_read_tx_power_complete (UINT8 *p, BOOLEAN is_ble)
2648 {
2649 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
2650 tBTM_TX_POWER_RESULTS results;
2651 UINT16 handle;
2652 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2653 UINT16 index;
2654 BTM_TRACE_DEBUG0 ("btm_read_tx_power_complete");
2655 btu_stop_timer (&btm_cb.devcb.tx_power_timer);
2656
2657 /* If there was a callback registered for read rssi, call it */
2658 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
2659
2660 if (p_cb)
2661 {
2662 STREAM_TO_UINT8 (results.hci_status, p);
2663
2664 if (results.hci_status == HCI_SUCCESS)
2665 {
2666 results.status = BTM_SUCCESS;
2667
2668 if (!is_ble)
2669 {
2670 STREAM_TO_UINT16 (handle, p);
2671 STREAM_TO_UINT8 (results.tx_power, p);
2672
2673 /* Search through the list of active channels for the correct BD Addr */
2674 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++)
2675 {
2676 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle))
2677 {
2678 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2679 break;
2680 }
2681 }
2682 }
2683 #if BLE_INCLUDED == TRUE
2684 else
2685 {
2686 STREAM_TO_UINT8 (results.tx_power, p);
2687 memcpy(results.rem_bda, btm_cb.devcb.read_tx_pwr_addr, BD_ADDR_LEN);
2688 }
2689 #endif
2690 BTM_TRACE_DEBUG2 ("BTM TX power Complete: tx_power %d, hci status 0x%02x",
2691 results.tx_power, results.hci_status);
2692 }
2693 else
2694 results.status = BTM_ERR_PROCESSING;
2695
2696 (*p_cb)(&results);
2697 }
2698 }
2699
2700 /*******************************************************************************
2701 **
2702 ** Function btm_read_rssi_complete
2703 **
2704 ** Description This function is called when the command complete message
2705 ** is received from the HCI for the read rssi request.
2706 **
2707 ** Returns void
2708 **
2709 *******************************************************************************/
btm_read_rssi_complete(UINT8 * p)2710 void btm_read_rssi_complete (UINT8 *p)
2711 {
2712 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
2713 tBTM_RSSI_RESULTS results;
2714 UINT16 handle;
2715 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2716 UINT16 index;
2717 BTM_TRACE_DEBUG0 ("btm_read_rssi_complete");
2718 btu_stop_timer (&btm_cb.devcb.rssi_timer);
2719
2720 /* If there was a callback registered for read rssi, call it */
2721 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
2722
2723 if (p_cb)
2724 {
2725 STREAM_TO_UINT8 (results.hci_status, p);
2726
2727 if (results.hci_status == HCI_SUCCESS)
2728 {
2729 results.status = BTM_SUCCESS;
2730
2731 STREAM_TO_UINT16 (handle, p);
2732
2733 STREAM_TO_UINT8 (results.rssi, p);
2734 BTM_TRACE_DEBUG2 ("BTM RSSI Complete: rssi %d, hci status 0x%02x",
2735 results.rssi, results.hci_status);
2736
2737 /* Search through the list of active channels for the correct BD Addr */
2738 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++)
2739 {
2740 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle))
2741 {
2742 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2743 break;
2744 }
2745 }
2746 }
2747 else
2748 results.status = BTM_ERR_PROCESSING;
2749
2750 (*p_cb)(&results);
2751 }
2752 }
2753
2754 /*******************************************************************************
2755 **
2756 ** Function btm_read_link_quality_complete
2757 **
2758 ** Description This function is called when the command complete message
2759 ** is received from the HCI for the read link quality.
2760 **
2761 ** Returns void
2762 **
2763 *******************************************************************************/
btm_read_link_quality_complete(UINT8 * p)2764 void btm_read_link_quality_complete (UINT8 *p)
2765 {
2766 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_lnk_qual_cmpl_cb;
2767 tBTM_LINK_QUALITY_RESULTS results;
2768 UINT16 handle;
2769 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2770 UINT16 index;
2771 BTM_TRACE_DEBUG0 ("btm_read_link_quality_complete");
2772 btu_stop_timer (&btm_cb.devcb.rssi_timer);
2773
2774 /* If there was a callback registered for read rssi, call it */
2775 btm_cb.devcb.p_lnk_qual_cmpl_cb = NULL;
2776
2777 if (p_cb)
2778 {
2779 STREAM_TO_UINT8 (results.hci_status, p);
2780
2781 if (results.hci_status == HCI_SUCCESS)
2782 {
2783 results.status = BTM_SUCCESS;
2784
2785 STREAM_TO_UINT16 (handle, p);
2786
2787 STREAM_TO_UINT8 (results.link_quality, p);
2788 BTM_TRACE_DEBUG2 ("BTM Link Quality Complete: Link Quality %d, hci status 0x%02x",
2789 results.link_quality, results.hci_status);
2790
2791 /* Search through the list of active channels for the correct BD Addr */
2792 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++)
2793 {
2794 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle))
2795 {
2796 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2797 break;
2798 }
2799 }
2800 }
2801 else
2802 results.status = BTM_ERR_PROCESSING;
2803
2804 (*p_cb)(&results);
2805 }
2806 }
2807
2808 /*******************************************************************************
2809 **
2810 ** Function btm_remove_acl
2811 **
2812 ** Description This function is called to disconnect an ACL connection
2813 **
2814 ** Returns BTM_SUCCESS if successfully initiated, otherwise BTM_NO_RESOURCES.
2815 **
2816 *******************************************************************************/
btm_remove_acl(BD_ADDR bd_addr)2817 tBTM_STATUS btm_remove_acl (BD_ADDR bd_addr)
2818 {
2819 UINT16 hci_handle = BTM_GetHCIConnHandle(bd_addr);
2820 tBTM_STATUS status = BTM_SUCCESS;
2821
2822 BTM_TRACE_DEBUG0 ("btm_remove_acl");
2823 #if BTM_DISC_DURING_RS == TRUE
2824 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bd_addr);
2825
2826 /* Role Switch is pending, postpone until completed */
2827 if (p_dev_rec && (p_dev_rec->rs_disc_pending == BTM_SEC_RS_PENDING))
2828 {
2829 p_dev_rec->rs_disc_pending = BTM_SEC_DISC_PENDING;
2830 }
2831 else /* otherwise can disconnect right away */
2832 #endif
2833
2834 if (hci_handle != 0xFFFF)
2835 {
2836 if (!btsnd_hcic_disconnect (hci_handle, HCI_ERR_PEER_USER))
2837 status = BTM_NO_RESOURCES;
2838 }
2839 else
2840 status = BTM_UNKNOWN_ADDR;
2841
2842 return status;
2843 }
2844
2845
2846 /*******************************************************************************
2847 **
2848 ** Function BTM_SetTraceLevel
2849 **
2850 ** Description This function sets the trace level for BTM. If called with
2851 ** a value of 0xFF, it simply returns the current trace level.
2852 **
2853 ** Returns The new or current trace level
2854 **
2855 *******************************************************************************/
BTM_SetTraceLevel(UINT8 new_level)2856 UINT8 BTM_SetTraceLevel (UINT8 new_level)
2857 {
2858 BTM_TRACE_DEBUG0 ("BTM_SetTraceLevel");
2859 if (new_level != 0xFF)
2860 btm_cb.trace_level = new_level;
2861
2862 return(btm_cb.trace_level);
2863 }
2864
2865 /*******************************************************************************
2866 **
2867 ** Function btm_cont_rswitch_or_chglinkkey
2868 **
2869 ** Description This function is called to continue processing an active
2870 ** role switch or change of link key procedure. It first
2871 ** disables encryption if enabled and EPR is not supported
2872 **
2873 ** Returns void
2874 **
2875 *******************************************************************************/
btm_cont_rswitch_or_chglinkkey(tACL_CONN * p,tBTM_SEC_DEV_REC * p_dev_rec,UINT8 hci_status)2876 void btm_cont_rswitch_or_chglinkkey (tACL_CONN *p, tBTM_SEC_DEV_REC *p_dev_rec,
2877 UINT8 hci_status)
2878 {
2879 BOOLEAN sw_ok = TRUE;
2880 BOOLEAN chlk_ok = TRUE;
2881 BTM_TRACE_DEBUG0 ("btm_cont_rswitch_or_chglinkkey ");
2882 /* Check to see if encryption needs to be turned off if pending
2883 change of link key or role switch */
2884 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE ||
2885 p->change_key_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2886 {
2887 /* Must turn off Encryption first if necessary */
2888 /* Some devices do not support switch or change of link key while encryption is on */
2889 if (p_dev_rec != NULL && ((p_dev_rec->sec_flags & BTM_SEC_ENCRYPTED) != 0)
2890 && !BTM_EPR_AVAILABLE(p))
2891 {
2892 if (btsnd_hcic_set_conn_encrypt (p->hci_handle, FALSE))
2893 {
2894 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF;
2895 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2896 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
2897
2898 if (p->change_key_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2899 p->change_key_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
2900 }
2901 else
2902 {
2903 /* Error occurred; set states back to Idle */
2904 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2905 sw_ok = FALSE;
2906
2907 if (p->change_key_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2908 chlk_ok = FALSE;
2909 }
2910 }
2911 else /* Encryption not used or EPR supported, continue with switch
2912 and/or change of link key */
2913 {
2914 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2915 {
2916 p->switch_role_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
2917 #if BTM_DISC_DURING_RS == TRUE
2918 if (p_dev_rec)
2919 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
2920 #endif
2921 sw_ok = btsnd_hcic_switch_role (p->remote_addr, (UINT8)!p->link_role);
2922 }
2923
2924 if (p->change_key_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE)
2925 {
2926 p->switch_role_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
2927 chlk_ok = btsnd_hcic_change_link_key (p->hci_handle);
2928 }
2929 }
2930
2931 if (!sw_ok)
2932 {
2933 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
2934 btm_acl_report_role_change(hci_status, p->remote_addr);
2935 }
2936
2937 if (!chlk_ok)
2938 {
2939 p->change_key_state = BTM_ACL_SWKEY_STATE_IDLE;
2940 if (btm_cb.devcb.p_chg_link_key_cb)
2941 {
2942 btm_cb.devcb.chg_link_key_ref_data.hci_status = hci_status;
2943 (*btm_cb.devcb.p_chg_link_key_cb)(&btm_cb.devcb.chg_link_key_ref_data);
2944 btm_cb.devcb.p_chg_link_key_cb = NULL;
2945 }
2946 }
2947 }
2948 }
2949
2950 /*******************************************************************************
2951 **
2952 ** Function btm_acl_resubmit_page
2953 **
2954 ** Description send pending page request
2955 **
2956 *******************************************************************************/
btm_acl_resubmit_page(void)2957 void btm_acl_resubmit_page (void)
2958 {
2959 tBTM_SEC_DEV_REC *p_dev_rec;
2960 BT_HDR *p_buf;
2961 UINT8 *pp;
2962 BD_ADDR bda;
2963 BTM_TRACE_DEBUG0 ("btm_acl_resubmit_page");
2964 /* If there were other page request schedule can start the next one */
2965 if ((p_buf = (BT_HDR *)GKI_dequeue (&btm_cb.page_queue)) != NULL)
2966 {
2967 /* skip 3 (2 bytes opcode and 1 byte len) to get to the bd_addr
2968 * for both create_conn and rmt_name */
2969 pp = (UINT8 *)(p_buf + 1) + p_buf->offset + 3;
2970
2971 STREAM_TO_BDADDR (bda, pp);
2972
2973 p_dev_rec = btm_find_or_alloc_dev (bda);
2974
2975 memcpy (btm_cb.connecting_bda, p_dev_rec->bd_addr, BD_ADDR_LEN);
2976 memcpy (btm_cb.connecting_dc, p_dev_rec->dev_class, DEV_CLASS_LEN);
2977
2978 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p_buf);
2979 }
2980 else
2981 btm_cb.paging = FALSE;
2982 }
2983
2984 /*******************************************************************************
2985 **
2986 ** Function btm_acl_reset_paging
2987 **
2988 ** Description set paging to FALSE and free the page queue - called at hci_reset
2989 **
2990 *******************************************************************************/
btm_acl_reset_paging(void)2991 void btm_acl_reset_paging (void)
2992 {
2993 BT_HDR *p;
2994 BTM_TRACE_DEBUG0 ("btm_acl_reset_paging");
2995 /* If we sent reset we are definitely not paging any more */
2996 while ((p = (BT_HDR *)GKI_dequeue(&btm_cb.page_queue)) != NULL)
2997 GKI_freebuf (p);
2998
2999 btm_cb.paging = FALSE;
3000 }
3001
3002 /*******************************************************************************
3003 **
3004 ** Function btm_acl_set_discing
3005 **
3006 ** Description set discing to the given value
3007 **
3008 *******************************************************************************/
btm_acl_set_discing(BOOLEAN discing)3009 void btm_acl_set_discing (BOOLEAN discing)
3010 {
3011 BTM_TRACE_DEBUG0 ("btm_acl_set_discing");
3012 btm_cb.discing = discing;
3013 }
3014
3015 /*******************************************************************************
3016 **
3017 ** Function btm_acl_paging
3018 **
3019 ** Description send a paging command or queue it in btm_cb
3020 **
3021 *******************************************************************************/
btm_acl_paging(BT_HDR * p,BD_ADDR bda)3022 void btm_acl_paging (BT_HDR *p, BD_ADDR bda)
3023 {
3024 tBTM_SEC_DEV_REC *p_dev_rec;
3025
3026 BTM_TRACE_DEBUG4 ("btm_acl_paging discing:%d, paging:%d BDA: %06x%06x",
3027 btm_cb.discing, btm_cb.paging,
3028 (bda[0]<<16) + (bda[1]<<8) + bda[2], (bda[3]<<16) + (bda[4] << 8) + bda[5]);
3029 if (btm_cb.discing)
3030 {
3031 btm_cb.paging = TRUE;
3032 GKI_enqueue (&btm_cb.page_queue, p);
3033 }
3034 else
3035 {
3036 if (!BTM_ACL_IS_CONNECTED (bda))
3037 {
3038 BTM_TRACE_DEBUG2 ("connecting_bda: %06x%06x",
3039 (btm_cb.connecting_bda[0]<<16) + (btm_cb.connecting_bda[1]<<8) + btm_cb.connecting_bda[2],
3040 (btm_cb.connecting_bda[3]<<16) + (btm_cb.connecting_bda[4] << 8) + btm_cb.connecting_bda[5]);
3041 if (btm_cb.paging &&
3042 memcmp (bda, btm_cb.connecting_bda, BD_ADDR_LEN) != 0)
3043 {
3044 GKI_enqueue (&btm_cb.page_queue, p);
3045 }
3046 else
3047 {
3048 p_dev_rec = btm_find_or_alloc_dev (bda);
3049 memcpy (btm_cb.connecting_bda, p_dev_rec->bd_addr, BD_ADDR_LEN);
3050 memcpy (btm_cb.connecting_dc, p_dev_rec->dev_class, DEV_CLASS_LEN);
3051
3052 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p);
3053 }
3054
3055 btm_cb.paging = TRUE;
3056 }
3057 else /* ACL is already up */
3058 {
3059 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p);
3060 }
3061 }
3062 }
3063
3064 /*******************************************************************************
3065 **
3066 ** Function btm_acl_notif_conn_collision
3067 **
3068 ** Description Send connection collision event to upper layer if registered
3069 **
3070 ** Returns TRUE if sent out to upper layer,
3071 ** FALSE if BTM_BUSY_LEVEL_CHANGE_INCLUDED == FALSE, or no one
3072 ** needs the notification.
3073 **
3074 ** Note: Function only used if BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE
3075 **
3076 *******************************************************************************/
btm_acl_notif_conn_collision(BD_ADDR bda)3077 BOOLEAN btm_acl_notif_conn_collision (BD_ADDR bda)
3078 {
3079 #if (BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3080 tBTM_BL_EVENT_DATA evt_data;
3081
3082 /* Report possible collision to the upper layer. */
3083 if (btm_cb.p_bl_changed_cb)
3084 {
3085 BTM_TRACE_DEBUG6 ("btm_acl_notif_conn_collision: RemBdAddr: %02x%02x%02x%02x%02x%02x",
3086 bda[0], bda[1], bda[2], bda[3], bda[4], bda[5]);
3087
3088 evt_data.event = BTM_BL_COLLISION_EVT;
3089 evt_data.conn.p_bda = bda;
3090 (*btm_cb.p_bl_changed_cb)(&evt_data);
3091 return TRUE;
3092 }
3093 else
3094 return FALSE;
3095 #else
3096 return FALSE;
3097 #endif
3098 }
3099
3100
3101 /*******************************************************************************
3102 **
3103 ** Function btm_acl_chk_peer_pkt_type_support
3104 **
3105 ** Description Check if peer supports requested packets
3106 **
3107 *******************************************************************************/
btm_acl_chk_peer_pkt_type_support(tACL_CONN * p,UINT16 * p_pkt_type)3108 void btm_acl_chk_peer_pkt_type_support (tACL_CONN *p, UINT16 *p_pkt_type)
3109 {
3110 /* 3 and 5 slot packets? */
3111 if (!HCI_3_SLOT_PACKETS_SUPPORTED(p->features))
3112 *p_pkt_type &= ~(BTM_ACL_PKT_TYPES_MASK_DH3 +BTM_ACL_PKT_TYPES_MASK_DM3);
3113
3114 if (!HCI_5_SLOT_PACKETS_SUPPORTED(p->features))
3115 *p_pkt_type &= ~(BTM_ACL_PKT_TYPES_MASK_DH5 + BTM_ACL_PKT_TYPES_MASK_DM5);
3116
3117 /* If HCI version > 2.0, then also check EDR packet types */
3118 if (btm_cb.devcb.local_version.hci_version >= HCI_PROTO_VERSION_2_0)
3119 {
3120 /* 2 and 3 MPS support? */
3121 if (!HCI_EDR_ACL_2MPS_SUPPORTED(p->features))
3122 /* Not supported. Add 'not_supported' mask for all 2MPS packet types */
3123 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH1 + BTM_ACL_PKT_TYPES_MASK_NO_2_DH3 + BTM_ACL_PKT_TYPES_MASK_NO_2_DH5);
3124
3125 if (!HCI_EDR_ACL_3MPS_SUPPORTED(p->features))
3126 /* Not supported. Add 'not_supported' mask for all 3MPS packet types */
3127 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_3_DH1 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH3 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH5);
3128
3129 /* EDR 3 and 5 slot support? */
3130 if (HCI_EDR_ACL_2MPS_SUPPORTED(p->features) || HCI_EDR_ACL_3MPS_SUPPORTED(p->features))
3131 {
3132 if (!HCI_3_SLOT_EDR_ACL_SUPPORTED(p->features))
3133 /* Not supported. Add 'not_supported' mask for all 3-slot EDR packet types */
3134 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH3 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH3);
3135
3136 if (!HCI_5_SLOT_EDR_ACL_SUPPORTED(p->features))
3137 /* Not supported. Add 'not_supported' mask for all 5-slot EDR packet types */
3138 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH5 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH5);
3139 }
3140 }
3141 }
3142