1 /******************************************************************************
2 *
3 * Copyright (C) 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the action functions for device manager state
22 * machine.
23 *
24 ******************************************************************************/
25
26 #include "bt_types.h"
27 #include "gki.h"
28 #include "bd.h"
29 #include "bta_sys.h"
30 #include "bta_api.h"
31 #include "bta_dm_int.h"
32 #include "bta_dm_co.h"
33 #include "btm_api.h"
34 #include "btm_int.h"
35 #include "btu.h"
36 #include "sdp_api.h"
37 #include "l2c_api.h"
38 #include "wbt_api.h"
39 #include "utl.h"
40 #include <string.h>
41
42 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
43 static void bta_dm_inq_cmpl_cb (void * p_result);
44 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name);
45 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name);
46 static void bta_dm_find_services ( BD_ADDR bd_addr);
47 static void bta_dm_discover_next_device(void);
48 static void bta_dm_sdp_callback (UINT16 sdp_status);
49 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator);
50 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name);
51 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key);
52 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type);
53 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result);
54 static void bta_dm_local_name_cback(BD_ADDR bd_addr);
55 static BOOLEAN bta_dm_check_av(UINT16 event);
56 #if (BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
57 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
58 #else
59 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, UINT8 *features, BOOLEAN is_new);
60 #endif
61 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
62
63 /* Extended Inquiry Response */
64 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
65
66 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
67 static void bta_dm_set_eir (char *local_name);
68 #endif /* BTM_EIR_SERVER_INCLUDED */
69
70 #if (BTM_EIR_CLIENT_INCLUDED == TRUE)
71 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
72 tBTA_SERVICE_MASK *p_services_to_search,
73 tBTA_SERVICE_MASK *p_services_found);
74 #endif /* BTM_EIR_CLIENT_INCLUDED */
75
76 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result);
77 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle);
78 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result);
79 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle);
80 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle);
81 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle);
82 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
83 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch);
84 static char *bta_dm_get_remname(void);
85 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result);
86
87 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr);
88 static void bta_dm_discover_device(BD_ADDR remote_bd_addr);
89
90 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status );
91
92 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr);
93 static void bta_dm_delay_role_switch_cback (TIMER_LIST_ENT *p_tle);
94
95 static void bta_dm_disable_search_and_disc(void);
96 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
97 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE))
98 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data);
99 #endif
100 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key);
101 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
102 static void bta_dm_gattc_register(void);
103 static void btm_dm_start_gatt_discovery ( BD_ADDR bd_addr);
104 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr);
105 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data);
106 #endif
107 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
108 static void bta_dm_observe_cmpl_cb (void * p_result);
109
110 #ifndef BTA_DM_BLE_ADV_CHNL_MAP
111 #define BTA_DM_BLE_ADV_CHNL_MAP (BTM_BLE_ADV_CHNL_37|BTM_BLE_ADV_CHNL_38|BTM_BLE_ADV_CHNL_39)
112 #endif
113 #endif
114 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
115
116 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128);
117
118 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] =
119 {
120 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */
121 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
122 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */
123 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */
124 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */
125 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
126 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
127 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */
128 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */
129 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */
130 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */
131 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
132 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */
133 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */
134 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */
135 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */
136 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */
137 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */
138 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */
139 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */
140 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */
141 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */
142 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */
143 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */
144 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
145 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */
146 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */
147 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */
148 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */
149 #if BLE_INCLUDED && BTA_GATT_INCLUDED
150 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */
151 #endif
152 };
153
154 /*
155 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with
156 * the value BTA_MAX_SERVICE_ID in bta_api.h
157 *
158 * i.e., If you add new Service ID for BTA, the correct security ID of the new service
159 * from Security service definitions (btm_api.h) should be added to this lookup table.
160 */
161 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] =
162 {
163 0, /* Reserved */
164 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
165 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */
166 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */
167 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */
168 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */
169 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
170 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */
171 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */
172 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */
173 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */
174 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
175 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */
176 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */
177 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */
178 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */
179 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */
180 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */
181 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */
182 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */
183 BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */
184 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */
185 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */
186 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
187 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
188 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */
189 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */
190 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */
191 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */
192 #if BLE_INCLUDED && BTA_GATT_INCLUDED
193 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */
194 #endif
195
196 };
197
198 /* bta security callback */
199 const tBTM_APPL_INFO bta_security =
200 {
201 &bta_dm_authorize_cback,
202 &bta_dm_pin_cback,
203 &bta_dm_new_link_key_cback,
204 &bta_dm_link_key_request_cback,
205 &bta_dm_authentication_complete_cback,
206 NULL,
207 &bta_dm_bond_cancel_complete_cback,
208 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
209 &bta_dm_sp_cback
210 #else
211 NULL
212 #endif
213 #if BLE_INCLUDED == TRUE
214 #if SMP_INCLUDED == TRUE
215 ,&bta_dm_ble_smp_cback
216 #endif
217 ,&bta_dm_ble_id_key_cback
218 #endif
219
220 };
221
222 /* TBD... To be moved to some conf file..? */
223 #define BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT 5
224 const tBTA_DM_LMP_VER_INFO bta_role_switch_blacklist[BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT] =
225 {
226 {0x000F,0x2000,0x04},
227 {0x00,0x00,0x00},
228 {0x00,0x00,0x00},
229 {0x00,0x00,0x00},
230 {0x00,0x00,0x00}
231 };
232
233 #define MAX_DISC_RAW_DATA_BUF (4096)
234 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF];
235
236 /*******************************************************************************
237 **
238 ** Function bta_dm_app_ready_timer_cback
239 **
240 ** Description allow sending EIR to controller
241 **
242 **
243 ** Returns void
244 **
245 *******************************************************************************/
246 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
bta_dm_app_ready_timer_cback(TIMER_LIST_ENT * p_tle)247 static void bta_dm_app_ready_timer_cback (TIMER_LIST_ENT *p_tle)
248 {
249 bta_dm_set_eir (NULL);
250 }
251 #else
252 #define bta_dm_app_ready_timer_cback (x)
253 #endif
254
255 /*******************************************************************************
256 **
257 ** Function bta_dm_enable
258 **
259 ** Description Initialises the BT device manager
260 **
261 **
262 ** Returns void
263 **
264 *******************************************************************************/
bta_dm_enable(tBTA_DM_MSG * p_data)265 void bta_dm_enable(tBTA_DM_MSG *p_data)
266 {
267 tBTA_SYS_HW_MSG *sys_enable_event;
268 tBTA_DM_SEC sec_event;
269
270 /* if already in use, return an error */
271 if( bta_dm_cb.is_bta_dm_active == TRUE )
272 {
273 APPL_TRACE_WARNING0("bta_dm_enable - device already started by another application");
274 memset(&sec_event.enable, 0, sizeof ( tBTA_DM_ENABLE ));
275 sec_event.enable.status = BTA_FAILURE;
276 if( p_data->enable.p_sec_cback != NULL )
277 p_data->enable.p_sec_cback (BTA_DM_ENABLE_EVT, &sec_event);
278 return;
279 }
280
281 /* first, register our callback to SYS HW manager */
282 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
283
284 /* make sure security callback is saved - if no callback, do not erase the previous one,
285 it could be an error recovery mechanism */
286 if( p_data->enable.p_sec_cback != NULL )
287 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback;
288 /* notify BTA DM is now active */
289 bta_dm_cb.is_bta_dm_active = TRUE;
290
291 /* send a message to BTA SYS */
292 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
293 {
294 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT;
295 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
296
297 bta_sys_sendmsg(sys_enable_event);
298
299 }
300
301
302
303 }
304
305
306
307 /*******************************************************************************
308 **
309 ** Function bta_dm_sys_hw_cback
310 **
311 ** Description callback register to SYS to get HW status updates
312 **
313 **
314 ** Returns void
315 **
316 *******************************************************************************/
bta_dm_sys_hw_cback(tBTA_SYS_HW_EVT status)317 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status )
318 {
319 DEV_CLASS dev_class;
320 tBTA_DM_SEC_CBACK *temp_cback;
321 #if BLE_INCLUDED == TRUE
322 UINT8 key_mask = 0;
323 BT_OCTET16 er;
324 tBTA_BLE_LOCAL_ID_KEYS id_key;
325 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
326 #endif
327 APPL_TRACE_DEBUG1(" bta_dm_sys_hw_cback with event: %i" , status );
328
329 /* On H/W error evt, report to the registered DM application callback */
330 if (status == BTA_SYS_HW_ERROR_EVT) {
331 if( bta_dm_cb.p_sec_cback != NULL )
332 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL);
333 return;
334 }
335 if( status == BTA_SYS_HW_OFF_EVT )
336 {
337 if( bta_dm_cb.p_sec_cback != NULL )
338 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
339
340 /* reinitialize the control block */
341 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
342
343 /* unregister from SYS */
344 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH );
345 /* notify BTA DM is now unactive */
346 bta_dm_cb.is_bta_dm_active = FALSE;
347 }
348 else
349 if( status == BTA_SYS_HW_ON_EVT )
350 {
351 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error.
352 * We need to revisit when this platform has more than one BLuetooth H/W chip */
353 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH);
354
355 /* save security callback */
356 temp_cback = bta_dm_cb.p_sec_cback;
357 /* make sure the control block is properly initialized */
358 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
359 /* and retrieve the callback */
360 bta_dm_cb.p_sec_cback=temp_cback;
361 bta_dm_cb.is_bta_dm_active = TRUE;
362
363 /* hw is ready, go on with BTA DM initialization */
364 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb));
365 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs));
366 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB));
367
368 memcpy(dev_class, bta_dm_cfg.dev_class, sizeof(dev_class));
369 BTM_SetDeviceClass (dev_class);
370
371 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
372 /* load BLE local information: ID keys, ER if available */
373 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key);
374
375 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER)
376 {
377 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er);
378 }
379 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID)
380 {
381 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key);
382 }
383 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
384 #endif
385
386 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security);
387 BTM_SetDefaultLinkSuperTout(bta_dm_cfg.link_timeout);
388 BTM_WritePageTimeout(bta_dm_cfg.page_timeout);
389 bta_dm_cb.cur_policy = bta_dm_cfg.policy_settings;
390 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
391 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
392 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK);
393 #else
394 BTM_AclRegisterForChanges(bta_dm_acl_change_cback);
395 #endif
396 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr
397 from the control block and invoking the callback which was sending the DM_ENABLE_EVT.
398 But then we have a few HCI commands being invoked above which were still in progress
399 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces
400 the DM_ENABLE_EVT to be sent only after all the init steps are complete */
401 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback);
402
403 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback);
404
405 /* initialize bluetooth low power manager */
406 bta_dm_init_pm();
407
408 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback);
409
410
411 // BLUEDROID REMOVE ??
412 #if 0
413 #if 1
414 /* Create broadcom primary DI record */
415 if(WBT_ExtCreateRecord())
416 {
417 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&( BTA_EIR_CANNED_UUID_LIST != TRUE )
418 /* while app_ready_timer is running, BTA DM doesn't send EIR to controller */
419 bta_dm_cb.app_ready_timer.p_cback = (TIMER_CBACK*)&bta_dm_app_ready_timer_cback;
420 bta_sys_start_timer(&bta_dm_cb.app_ready_timer, 0, 100);
421
422 bta_sys_add_uuid(UUID_SERVCLASS_PNP_INFORMATION);
423 #endif
424 bta_dm_di_cb.di_handle[bta_dm_di_cb.di_num] = 0; /* primary DI record */
425 bta_dm_di_cb.di_num ++;
426 }
427 #else /* Eventually implement pin code */
428 if (WBT_ExtCreateRecord())
429 WBT_ExtAddPinCode();
430 #endif
431 #endif
432 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
433 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
434 bta_dm_gattc_register();
435 #endif
436
437 }
438 else
439 APPL_TRACE_DEBUG0(" --- ignored event");
440
441 }
442
443
444 /*******************************************************************************
445 **
446 ** Function bta_dm_disable
447 **
448 ** Description Disables the BT device manager
449 **
450 **
451 ** Returns void
452 **
453 *******************************************************************************/
bta_dm_disable(tBTA_DM_MSG * p_data)454 void bta_dm_disable (tBTA_DM_MSG *p_data)
455 {
456 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */
457 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0);
458
459 /* disable all active subsystems */
460 bta_sys_disable(BTA_SYS_HW_BLUETOOTH);
461
462 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0);
463 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0);
464
465 bta_dm_disable_pm();
466 bta_dm_disable_search_and_disc();
467 bta_dm_cb.disabling = TRUE;
468
469
470 if(BTM_GetNumAclLinks()==0)
471 {
472 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0)
473 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by
474 * BTA_DISABLE_DELAY milliseconds
475 */
476 APPL_TRACE_WARNING2("%s BTA_DISABLE_DELAY set to %d ms",
477 __FUNCTION__, BTA_DISABLE_DELAY);
478 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
479 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
480 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY);
481 #else
482 bta_dm_disable_conn_down_timer_cback(NULL);
483 #endif
484 }
485 else
486 {
487 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback;
488 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000);
489 }
490
491 }
492
493 /*******************************************************************************
494 **
495 ** Function bta_dm_disable_timer_cback
496 **
497 ** Description Called if the disable timer expires
498 ** Used to close ACL connections which are still active
499 **
500 **
501 **
502 ** Returns void
503 **
504 *******************************************************************************/
bta_dm_disable_timer_cback(TIMER_LIST_ENT * p_tle)505 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle)
506 {
507
508 UINT8 i;
509
510 APPL_TRACE_EVENT0(" bta_dm_disable_timer_cback ");
511
512 if(BTM_GetNumAclLinks())
513 {
514 for(i=0; i<bta_dm_cb.device_list.count; i++)
515 {
516 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
517
518 }
519
520 }
521 else
522 {
523 bta_dm_cb.disabling = FALSE;
524
525 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION);
526 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
527 }
528 }
529
530
531
532
533 /*******************************************************************************
534 **
535 ** Function bta_dm_set_dev_name
536 **
537 ** Description Sets local device name
538 **
539 **
540 ** Returns void
541 **
542 *******************************************************************************/
bta_dm_set_dev_name(tBTA_DM_MSG * p_data)543 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data)
544 {
545
546 BTM_SetLocalDeviceName((char*)p_data->set_name.name);
547 #if (BTM_EIR_SERVER_INCLUDED == TRUE)
548 bta_dm_set_eir ((char*)p_data->set_name.name);
549 #endif
550 }
551
552 /*******************************************************************************
553 **
554 ** Function bta_dm_set_visibility
555 **
556 ** Description Sets discoverability, connectability and pairability
557 **
558 **
559 ** Returns void
560 **
561 *******************************************************************************/
bta_dm_set_visibility(tBTA_DM_MSG * p_data)562 void bta_dm_set_visibility (tBTA_DM_MSG *p_data)
563 {
564
565
566 /* set modes for Discoverability and connectability if not ignore */
567 if (p_data->set_visibility.disc_mode != BTA_DM_IGNORE)
568 BTM_SetDiscoverability((UINT8)p_data->set_visibility.disc_mode,
569 bta_dm_cb.inquiry_scan_window,
570 bta_dm_cb.inquiry_scan_interval);
571
572 if (p_data->set_visibility.conn_mode != BTA_DM_IGNORE)
573 BTM_SetConnectability((UINT8)p_data->set_visibility.conn_mode,
574 bta_dm_cb.page_scan_window,
575 bta_dm_cb.page_scan_interval);
576
577 /* Send False or True if not ignore */
578 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE )
579 {
580
581 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE)
582 bta_dm_cb.disable_pair_mode = TRUE;
583 else
584 bta_dm_cb.disable_pair_mode = FALSE;
585
586 }
587
588 /* Send False or True if not ignore */
589 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
590 {
591
592 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL)
593 bta_dm_cb.conn_paired_only = FALSE;
594 else
595 bta_dm_cb.conn_paired_only = TRUE;
596
597 }
598
599 /* Change mode if either mode is not ignore */
600 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
601 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only);
602
603 }
604
605
606 /*******************************************************************************
607 **
608 ** Function bta_dm_set_afhchannels
609 **
610 ** Description This function sets the AFH first and
611 ** last disable channel, so channels within
612 ** that range are disabled.
613 **
614 **
615 ** Returns void
616 **
617 *******************************************************************************/
bta_dm_set_afhchannels(tBTA_DM_MSG * p_data)618 void bta_dm_set_afhchannels (tBTA_DM_MSG *p_data)
619 {
620 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
621
622 }
623
624
625 /*******************************************************************************
626 **
627 ** Function bta_dm_vendor_spec_command
628 **
629 ** Description Send a vendor specific command to the controller
630 **
631 **
632 ** Returns void
633 **
634 *******************************************************************************/
bta_dm_vendor_spec_command(tBTA_DM_MSG * p_data)635 void bta_dm_vendor_spec_command (tBTA_DM_MSG *p_data)
636 {
637 tBTM_STATUS status;
638
639 status = BTM_VendorSpecificCommand(p_data->vendor_command.opcode,p_data->vendor_command.param_len,p_data->vendor_command.p_param_buf, p_data->vendor_command.p_cback);
640
641 }
642
643
644 /*******************************************************************************
645 **
646 ** Function bta_dm_tx_inqpower
647 **
648 ** Description write inquiry tx power.
649 **
650 **
651 ** Returns void
652 **
653 *******************************************************************************/
bta_dm_tx_inqpower(tBTA_DM_MSG * p_data)654 void bta_dm_tx_inqpower(tBTA_DM_MSG *p_data)
655 {
656 if (BTM_WriteInquiryTxPower (p_data->tx_inq_pwr.tx_power) == BTM_ILLEGAL_VALUE)
657 {
658 APPL_TRACE_ERROR1("Invalid Inquiry Tx Power: %d", p_data->tx_inq_pwr.tx_power);
659 }
660 return;
661 }
662
663 /*******************************************************************************
664 **
665 ** Function bta_dm_remove_device
666 **
667 ** Description Removes device, Disconnects ACL link if required.
668 ****
669 *******************************************************************************/
bta_dm_remove_device(tBTA_DM_MSG * p_data)670 void bta_dm_remove_device (tBTA_DM_MSG *p_data)
671 {
672 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev;
673 int i;
674 tBTA_DM_SEC sec_event;
675
676 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
677 /* need to remove all pending background connection before unpair */
678 BTA_GATTC_CancelOpen(0, p_dev->bd_addr, FALSE);
679 #endif
680
681 if (BTM_IsAclConnectionUp(p_dev->bd_addr))
682 {
683 /* Take the link down first, and mark the device for removal when disconnected */
684 btm_remove_acl( p_dev->bd_addr) ;
685
686 for(i=0; i<bta_dm_cb.device_list.count; i++)
687 {
688 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr))
689 break;
690 }
691
692 if(i < bta_dm_cb.device_list.count)
693 {
694 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
695 }
696 }
697 else /* Ok to remove the device in application layer */
698 {
699 BTM_SecDeleteDevice(p_dev->bd_addr);
700 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
701 /* remove all cached GATT information */
702 BTA_GATTC_Refresh(p_dev->bd_addr);
703 #endif
704
705 if( bta_dm_cb.p_sec_cback )
706 {
707 bdcpy(sec_event.link_down.bd_addr, p_dev->bd_addr);
708 /* No connection, set status to success (acl disc code not valid) */
709 sec_event.link_down.status = HCI_SUCCESS;
710 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event);
711 }
712 }
713 }
714
715 /*******************************************************************************
716 **
717 ** Function bta_dm_add_device
718 **
719 ** Description This function adds a Link Key to an security database entry.
720 ** It is normally called during host startup to restore all required information
721 ** stored in the NVRAM.
722 ****
723 *******************************************************************************/
bta_dm_add_device(tBTA_DM_MSG * p_data)724 void bta_dm_add_device (tBTA_DM_MSG *p_data)
725 {
726 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev;
727 UINT8 *p_dc = NULL;
728 UINT8 *p_lc = NULL;
729 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
730 UINT8 index = 0;
731 UINT8 btm_mask_index = 0;
732
733 memset (trusted_services_mask, 0, sizeof(trusted_services_mask));
734
735 /* If not all zeros, the device class has been specified */
736 if (p_dev->dc_known)
737 p_dc = (UINT8 *)p_dev->dc;
738
739 if (p_dev->link_key_known)
740 p_lc = (UINT8 *)p_dev->link_key;
741
742 if (p_dev->is_trusted)
743 {
744 /* covert BTA service mask to BTM mask */
745 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID))
746 {
747 if (p_dev->tm & (UINT32)(1<<index))
748 {
749
750 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS;
751 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32)));
752
753 p_dev->tm &= (UINT32)(~(1<<index));
754
755 }
756 index++;
757 }
758 }
759
760 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features,
761 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap))
762 {
763 APPL_TRACE_ERROR2 ("BTA_DM: Error adding device %08x%04x",
764 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3],
765 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]);
766 }
767 }
768
769 /*******************************************************************************
770 **
771 ** Function bta_dm_close_acl
772 **
773 ** Description This function forces to close the connection to a remote device
774 ** and optionaly remove the device from security database if
775 ** required.
776 ****
777 *******************************************************************************/
bta_dm_close_acl(tBTA_DM_MSG * p_data)778 void bta_dm_close_acl(tBTA_DM_MSG *p_data)
779 {
780 tBTA_DM_API_REMOVE_ACL *p_remove_acl = &p_data->remove_acl;
781 UINT8 index;
782
783 APPL_TRACE_DEBUG0("bta_dm_close_acl");
784
785 if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr))
786 {
787 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
788 {
789 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, p_remove_acl->bd_addr))
790 break;
791 }
792 if (index != bta_dm_cb.device_list.count)
793 {
794 if (p_remove_acl->remove_dev)
795 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
796 }
797 else
798 {
799 APPL_TRACE_ERROR0("unknown device, remove ACL failed");
800 }
801 /* Disconnect the ACL link */
802 btm_remove_acl(p_remove_acl->bd_addr);
803 }
804 /* if to remove the device from security database ? do it now */
805 else if (p_remove_acl->remove_dev)
806 {
807 if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr))
808 {
809 APPL_TRACE_ERROR0("delete device from security database failed.");
810 }
811 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
812 /* need to remove all pending background connection if any */
813 BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, FALSE);
814 /* remove all cached GATT information */
815 BTA_GATTC_Refresh(p_remove_acl->bd_addr);
816 #endif
817 }
818 /* otherwise, no action needed */
819
820 }
821 /*******************************************************************************
822 **
823 ** Function bta_dm_bond
824 **
825 ** Description Bonds with peer device
826 **
827 **
828 ** Returns void
829 **
830 *******************************************************************************/
bta_dm_bond(tBTA_DM_MSG * p_data)831 void bta_dm_bond (tBTA_DM_MSG *p_data)
832 {
833 tBTM_STATUS status;
834 tBTA_DM_SEC sec_event;
835 char *p_name;
836
837 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 );
838
839 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED))
840 {
841
842 p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
843 if (!p_name)
844 p_name = "";
845
846 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
847 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr);
848 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1));
849 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
850
851 /* taken care of by memset [above]
852 sec_event.auth_cmpl.key_present = FALSE;
853 sec_event.auth_cmpl.success = FALSE;
854 */
855 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND;
856 if (status == BTM_SUCCESS)
857 {
858 sec_event.auth_cmpl.success = TRUE;
859 }
860 else
861 {
862 /* delete this device entry from Sec Dev DB */
863 bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr);
864 }
865 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
866 }
867
868 }
869
870 /*******************************************************************************
871 **
872 ** Function bta_dm_bond_cancel
873 **
874 ** Description Cancels bonding with a peer device
875 **
876 **
877 ** Returns void
878 **
879 *******************************************************************************/
bta_dm_bond_cancel(tBTA_DM_MSG * p_data)880 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data)
881 {
882 tBTM_STATUS status;
883 tBTA_DM_SEC sec_event;
884
885 APPL_TRACE_EVENT0(" bta_dm_bond_cancel ");
886 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr );
887
888 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS))
889 {
890 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
891
892 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
893 }
894
895 }
896
897 /*******************************************************************************
898 **
899 ** Function bta_dm_pin_reply
900 **
901 ** Description Send the pin_reply to a request from BTM
902 **
903 **
904 ** Returns void
905 **
906 *******************************************************************************/
bta_dm_pin_reply(tBTA_DM_MSG * p_data)907 void bta_dm_pin_reply (tBTA_DM_MSG *p_data)
908 {
909 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
910 UINT32 * current_trusted_mask;
911
912 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr);
913
914 if(current_trusted_mask)
915 {
916 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
917 }
918 else
919 {
920 memset(trusted_mask, 0, sizeof(trusted_mask));
921 }
922
923 if(p_data->pin_reply.accept)
924 {
925
926 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask );
927 }
928 else
929 {
930 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask );
931 }
932
933 }
934
935 /*******************************************************************************
936 **
937 ** Function bta_dm_link_policy
938 **
939 ** Description remove/set link policy mask.
940 ** wake the link, is sniff/park is removed
941 **
942 ** Returns void
943 **
944 *******************************************************************************/
bta_dm_link_policy(tBTA_DM_MSG * p_data)945 void bta_dm_link_policy (tBTA_DM_MSG *p_data)
946 {
947 tBTA_DM_PEER_DEVICE *p_dev;
948
949 p_dev = bta_dm_find_peer_device(p_data->link_policy.bd_addr);
950 if(!p_dev)
951 return;
952
953 APPL_TRACE_DEBUG2(" bta_dm_link_policy set:%d, policy:0x%x",
954 p_data->link_policy.set, p_data->link_policy.policy_mask);
955 if(p_data->link_policy.set)
956 {
957 /* restore the default link policy */
958 p_dev->link_policy |= p_data->link_policy.policy_mask;
959 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
960 }
961 else
962 {
963 /* clear the policy from the default link policy */
964 p_dev->link_policy &= (~p_data->link_policy.policy_mask);
965 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
966
967 if(p_data->link_policy.policy_mask & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
968 {
969 /* if clearing sniff/park, wake the link */
970 bta_dm_pm_active(p_dev->peer_bdaddr);
971 }
972 }
973 }
974
975 /*******************************************************************************
976 **
977 ** Function bta_dm_policy_cback
978 **
979 ** Description process the link policy changes
980 **
981 ** Returns void
982 **
983 *******************************************************************************/
bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)984 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
985 {
986 tBTA_DM_PEER_DEVICE *p_dev = NULL;
987 UINT16 policy = app_id;
988 UINT32 mask = (UINT32)(1 << id);
989
990 if(peer_addr)
991 p_dev = bta_dm_find_peer_device(peer_addr);
992
993 APPL_TRACE_DEBUG2(" bta_dm_policy_cback cmd:%d, policy:0x%x",
994 status, policy);
995 switch(status)
996 {
997 case BTA_SYS_PLCY_SET:
998 if(!p_dev)
999 return;
1000 /* restore the default link policy */
1001 p_dev->link_policy |= policy;
1002 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
1003 break;
1004
1005 case BTA_SYS_PLCY_CLR:
1006 if(!p_dev)
1007 return;
1008 /* clear the policy from the default link policy */
1009 p_dev->link_policy &= (~policy);
1010 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
1011
1012 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
1013 {
1014 /* if clearing sniff/park, wake the link */
1015 bta_dm_pm_active(p_dev->peer_bdaddr);
1016 }
1017 break;
1018
1019 case BTA_SYS_PLCY_DEF_SET:
1020 /* want to restore/set the role switch policy */
1021 bta_dm_cb.role_policy_mask &= ~mask;
1022 if(0 == bta_dm_cb.role_policy_mask)
1023 {
1024 /* if nobody wants to insist on the role */
1025 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH;
1026 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1027 }
1028 break;
1029
1030 case BTA_SYS_PLCY_DEF_CLR:
1031 /* want to remove the role switch policy */
1032 bta_dm_cb.role_policy_mask |= mask;
1033 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
1034 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1035 break;
1036 }
1037 }
1038
1039
1040 /*******************************************************************************
1041 **
1042 ** Function bta_dm_auth_reply
1043 **
1044 ** Description Send the authorization reply to a request from BTM
1045 **
1046 **
1047 ** Returns void
1048 **
1049 *******************************************************************************/
bta_dm_auth_reply(tBTA_DM_MSG * p_data)1050 void bta_dm_auth_reply (tBTA_DM_MSG *p_data)
1051 {
1052
1053 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
1054 UINT8 btm_mask_index = 0;
1055 UINT32 * current_trusted_mask;
1056
1057 current_trusted_mask = BTM_ReadTrustedMask(p_data->auth_reply.bd_addr);
1058
1059 if(current_trusted_mask)
1060 {
1061 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
1062 }
1063 else
1064 {
1065 memset(trusted_mask, 0, sizeof(trusted_mask));
1066 }
1067
1068 if(p_data->auth_reply.response != BTA_DM_NOT_AUTH)
1069 {
1070 if(p_data->auth_reply.response == BTA_DM_AUTH_PERM)
1071 {
1072 if(p_data->auth_reply.service < BTA_MAX_SERVICE_ID)
1073 {
1074 /* convert BTA service id to BTM mask */
1075 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] / 32;
1076 trusted_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] - (UINT32)(btm_mask_index * 32)));
1077
1078 }
1079 }
1080 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_SUCCESS,trusted_mask);
1081 }
1082 else
1083 {
1084 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_NOT_AUTHORIZED,trusted_mask);
1085 }
1086
1087 }
1088
1089 /*******************************************************************************
1090 **
1091 ** Function bta_dm_confirm
1092 **
1093 ** Description Send the user confirm request reply in response to a
1094 ** request from BTM
1095 **
1096 ** Returns void
1097 **
1098 *******************************************************************************/
bta_dm_confirm(tBTA_DM_MSG * p_data)1099 void bta_dm_confirm(tBTA_DM_MSG *p_data)
1100 {
1101 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1102
1103 if(p_data->confirm.accept == TRUE)
1104 res = BTM_SUCCESS;
1105 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr);
1106 }
1107
1108 /*******************************************************************************
1109 **
1110 ** Function bta_dm_passkey_cancel
1111 **
1112 ** Description Send the passkey cancel from SP initiator by sending a negative
1113 ** passkey request replyreply.
1114 ** Returns void
1115 **
1116 *******************************************************************************/
1117 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
bta_dm_passkey_cancel(tBTA_DM_MSG * p_data)1118 void bta_dm_passkey_cancel(tBTA_DM_MSG *p_data)
1119 {
1120 BTM_PasskeyReqReply(BTM_NOT_AUTHORIZED, p_data->passkey_cancel.bd_addr, 0);
1121 }
1122 #endif
1123
1124 /*******************************************************************************
1125 **
1126 ** Function bta_dm_loc_oob
1127 **
1128 ** Description Retrieve the OOB data from the local LM
1129 **
1130 ** Returns void
1131 **
1132 *******************************************************************************/
1133 #if (BTM_OOB_INCLUDED == TRUE)
bta_dm_loc_oob(tBTA_DM_MSG * p_data)1134 void bta_dm_loc_oob(tBTA_DM_MSG *p_data)
1135 {
1136 BTM_ReadLocalOobData();
1137 }
1138
1139 /*******************************************************************************
1140 **
1141 ** Function bta_dm_ci_io_req_act
1142 **
1143 ** Description respond to the IO capabilities request from BTM
1144 **
1145 ** Returns void
1146 **
1147 *******************************************************************************/
bta_dm_ci_io_req_act(tBTA_DM_MSG * p_data)1148 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data)
1149 {
1150 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO;
1151 if(p_data->ci_io_req.auth_req)
1152 auth_req = BTM_AUTH_AP_YES;
1153 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap,
1154 p_data->ci_io_req.oob_data, auth_req);
1155 }
1156
1157 /*******************************************************************************
1158 **
1159 ** Function bta_dm_ci_rmt_oob_act
1160 **
1161 ** Description respond to the OOB data request for the remote device from BTM
1162 **
1163 **
1164 ** Returns void
1165 **
1166 *******************************************************************************/
bta_dm_ci_rmt_oob_act(tBTA_DM_MSG * p_data)1167 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data)
1168 {
1169 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1170
1171 if(p_data->ci_rmt_oob.accept == TRUE)
1172 res = BTM_SUCCESS;
1173 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr,
1174 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r );
1175 }
1176 #endif /* BTM_OOB_INCLUDED */
1177
1178 /*******************************************************************************
1179 **
1180 ** Function bta_dm_search_start
1181 **
1182 ** Description Starts an inquiry
1183 **
1184 **
1185 ** Returns void
1186 **
1187 *******************************************************************************/
bta_dm_search_start(tBTA_DM_MSG * p_data)1188 void bta_dm_search_start (tBTA_DM_MSG *p_data)
1189 {
1190 tBTM_INQUIRY_CMPL result;
1191
1192 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1193 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid);
1194 #endif
1195
1196 APPL_TRACE_DEBUG1("bta_dm_search_start avoid_scatter=%d", bta_dm_cfg.avoid_scatter);
1197 if (bta_dm_cfg.avoid_scatter &&
1198 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT))
1199 {
1200 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH));
1201 return;
1202 }
1203
1204 BTM_ClearInqDb(NULL);
1205 /* save search params */
1206 bta_dm_search_cb.p_search_cback = p_data->search.p_cback;
1207 bta_dm_search_cb.services = p_data->search.services;
1208
1209 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1210 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1211
1212 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 &&
1213 p_data->search.p_uuid != NULL)
1214 {
1215 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1216 {
1217 APPL_TRACE_ERROR0("bta_dm_search_start no resources");
1218
1219 result.status = BTA_FAILURE;
1220 result.num_resp = 0;
1221 bta_dm_inq_cmpl_cb ((void *)&result);
1222 return;
1223 }
1224 // bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len);
1225 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len);
1226 }
1227 #endif
1228 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params,
1229 bta_dm_inq_results_cb,
1230 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb);
1231
1232 APPL_TRACE_EVENT1("bta_dm_search_start status=%d", result.status);
1233 if (result.status != BTM_CMD_STARTED)
1234 {
1235 result.num_resp = 0;
1236 bta_dm_inq_cmpl_cb ((void *)&result);
1237 }
1238
1239 }
1240
1241 /*******************************************************************************
1242 **
1243 ** Function bta_dm_search_cancel
1244 **
1245 ** Description Cancels an ongoing search for devices
1246 **
1247 **
1248 ** Returns void
1249 **
1250 *******************************************************************************/
bta_dm_search_cancel(tBTA_DM_MSG * p_data)1251 void bta_dm_search_cancel (tBTA_DM_MSG *p_data)
1252 {
1253
1254 tBTA_DM_MSG * p_msg;
1255
1256 if(BTM_IsInquiryActive())
1257 {
1258 BTM_CancelInquiry();
1259 bta_dm_search_cancel_notify(NULL);
1260
1261 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1262 {
1263 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1264 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1265 bta_sys_sendmsg(p_msg);
1266
1267 }
1268 }
1269 /* If no Service Search going on then issue cancel remote name in case it is active */
1270 else if (!bta_dm_search_cb.name_discover_done)
1271 {
1272 BTM_CancelRemoteDeviceName();
1273 }
1274 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1275 if (bta_dm_search_cb.gatt_disc_active)
1276 {
1277 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1278 }
1279 #endif
1280 }
1281
1282 /*******************************************************************************
1283 **
1284 ** Function bta_dm_discover
1285 **
1286 ** Description Discovers services on a remote device
1287 **
1288 **
1289 ** Returns void
1290 **
1291 *******************************************************************************/
bta_dm_discover(tBTA_DM_MSG * p_data)1292 void bta_dm_discover (tBTA_DM_MSG *p_data)
1293 {
1294 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1295 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid);
1296 #endif
1297 APPL_TRACE_EVENT2("bta_dm_discover services_to_search=0x%04X, sdp_search=%d",
1298 p_data->discover.services, p_data->discover.sdp_search);
1299
1300 /* save the search condition */
1301 bta_dm_search_cb.services = p_data->discover.services;
1302
1303 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1304 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1305 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 &&
1306 p_data->discover.p_uuid != NULL)
1307 {
1308 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1309 {
1310 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1311 return;
1312 }
1313 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len);
1314 }
1315 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
1316 #endif
1317
1318 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback;
1319 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1320 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
1321 bta_dm_search_cb.service_index = 0;
1322 bta_dm_search_cb.services_found = 0;
1323 bta_dm_search_cb.peer_name[0] = 0;
1324 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1325 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr);
1326
1327 bta_dm_search_cb.name_discover_done = FALSE;
1328 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID));
1329 bta_dm_discover_device(p_data->discover.bd_addr);
1330 }
1331
1332 /*******************************************************************************
1333 **
1334 ** Function bta_dm_di_disc_cmpl
1335 **
1336 ** Description Sends event to application when DI discovery complete
1337 **
1338 ** Returns void
1339 **
1340 *******************************************************************************/
bta_dm_di_disc_cmpl(tBTA_DM_MSG * p_data)1341 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data)
1342 {
1343 tBTA_DM_DI_DISC_CMPL di_disc;
1344
1345 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1346 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1347
1348 if((p_data->hdr.offset == SDP_SUCCESS)
1349 || (p_data->hdr.offset == SDP_DB_FULL))
1350 {
1351 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db);
1352 }
1353 else
1354 di_disc.result = BTA_FAILURE;
1355
1356 bta_dm_di_cb.p_di_db = NULL;
1357 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc);
1358 }
1359
1360 /*******************************************************************************
1361 **
1362 ** Function bta_dm_di_disc_callback
1363 **
1364 ** Description This function queries a remote device for DI information.
1365 **
1366 **
1367 ** Returns void
1368 **
1369 *******************************************************************************/
bta_dm_di_disc_callback(UINT16 result)1370 static void bta_dm_di_disc_callback(UINT16 result)
1371 {
1372 tBTA_DM_MSG * p_msg;
1373
1374 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1375 {
1376 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1377 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1378 p_msg->hdr.offset = result;
1379 bta_sys_sendmsg(p_msg);
1380 }
1381 }
1382
1383 /*******************************************************************************
1384 **
1385 ** Function bta_dm_disable_search_and_disc
1386 **
1387 ** Description Cancels an ongoing search or discovery for devices in case of
1388 ** a Bluetooth disable
1389 **
1390 **
1391 ** Returns void
1392 **
1393 *******************************************************************************/
bta_dm_disable_search_and_disc(void)1394 static void bta_dm_disable_search_and_disc (void)
1395 {
1396 tBTA_DM_DI_DISC_CMPL di_disc;
1397 tBTA_DM_MSG * p_msg;
1398
1399 if(BTM_IsInquiryActive()||(bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE))
1400 {
1401 BTM_CancelInquiry();
1402 bta_dm_search_cancel_notify(NULL);
1403
1404 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1405 {
1406 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1407 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1408 bta_sys_sendmsg(p_msg);
1409
1410 }
1411 }
1412 /* If no Service Search going on then issue cancel remote name in case it is active */
1413 else if (!bta_dm_search_cb.name_discover_done)
1414 {
1415 BTM_CancelRemoteDeviceName();
1416
1417 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1418 {
1419 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1420 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1421 bta_sys_sendmsg(p_msg);
1422 }
1423 }
1424 else if(bta_dm_di_cb.p_di_db != NULL)
1425 {
1426 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1427 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1428 di_disc.result = BTA_FAILURE;
1429
1430 bta_dm_di_cb.p_di_db = NULL;
1431 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL);
1432 }
1433
1434 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE)
1435 if (bta_dm_search_cb.gatt_disc_active)
1436 {
1437 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1438 }
1439 #endif
1440 }
1441
1442 /*******************************************************************************
1443 **
1444 ** Function bta_dm_di_disc
1445 **
1446 ** Description This function queries a remote device for DI information.
1447 **
1448 **
1449 ** Returns void
1450 **
1451 *******************************************************************************/
bta_dm_di_disc(tBTA_DM_MSG * p_data)1452 void bta_dm_di_disc (tBTA_DM_MSG *p_data)
1453 {
1454 UINT16 result = BTA_FAILURE;
1455 tBTA_DM_MSG *p_msg;
1456
1457 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback;
1458 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr);
1459 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db;
1460
1461 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
1462 {
1463 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db,
1464 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS)
1465 {
1466 result = BTA_SUCCESS;
1467 }
1468 }
1469 else
1470 {
1471 APPL_TRACE_ERROR0("No buffer to start DI discovery");
1472 }
1473
1474 if ( result == BTA_FAILURE &&
1475 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1476 {
1477 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1478 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1479 p_data->hdr.offset = result;
1480 bta_sys_sendmsg(p_msg);
1481 }
1482 }
1483
1484 /*******************************************************************************
1485 **
1486 ** Function bta_dm_read_remote_device_name
1487 **
1488 ** Description Initiate to get remote device name
1489 **
1490 ** Returns TRUE if started to get remote name
1491 **
1492 *******************************************************************************/
bta_dm_read_remote_device_name(BD_ADDR bd_addr)1493 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr)
1494 {
1495 tBTM_STATUS btm_status;
1496
1497 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name");
1498
1499 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr);
1500 bta_dm_search_cb.peer_name[0] = 0;
1501
1502 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
1503 (tBTM_CMPL_CB *) bta_dm_remname_cback);
1504
1505 if ( btm_status == BTM_CMD_STARTED )
1506 {
1507 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started");
1508
1509 return (TRUE);
1510 }
1511 else if ( btm_status == BTM_BUSY )
1512 {
1513 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy");
1514
1515 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */
1516 /* adding callback to get notified that current reading remore name done */
1517 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1518
1519 return (TRUE);
1520 }
1521 else
1522 {
1523 APPL_TRACE_WARNING1("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
1524
1525 return (FALSE);
1526 }
1527 }
1528
1529 /*******************************************************************************
1530 **
1531 ** Function bta_dm_inq_cmpl
1532 **
1533 ** Description Process the inquiry complete event from BTM
1534 **
1535 ** Returns void
1536 **
1537 *******************************************************************************/
bta_dm_inq_cmpl(tBTA_DM_MSG * p_data)1538 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data)
1539 {
1540 tBTA_DM_MSG * p_msg;
1541 tBTA_DM_SEARCH data;
1542
1543 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl");
1544
1545 data.inq_cmpl.num_resps = p_data->inq_cmpl.num;
1546 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data);
1547
1548 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL)
1549 {
1550 /* start name and service discovery from the first device on inquiry result */
1551 bta_dm_search_cb.name_discover_done = FALSE;
1552 bta_dm_search_cb.peer_name[0] = 0;
1553 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
1554 }
1555 else
1556 {
1557 /* no devices, search complete */
1558 bta_dm_search_cb.services = 0;
1559
1560 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1561 {
1562 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1563 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1564 bta_sys_sendmsg(p_msg);
1565 }
1566 }
1567 }
1568
1569 /*******************************************************************************
1570 **
1571 ** Function bta_dm_rmt_name
1572 **
1573 ** Description Process the remote name result from BTM
1574 **
1575 ** Returns void
1576 **
1577 *******************************************************************************/
bta_dm_rmt_name(tBTA_DM_MSG * p_data)1578 void bta_dm_rmt_name (tBTA_DM_MSG *p_data)
1579 {
1580 APPL_TRACE_DEBUG0("bta_dm_rmt_name");
1581
1582 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info)
1583 {
1584 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE;
1585 }
1586
1587 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr);
1588 }
1589
1590 /*******************************************************************************
1591 **
1592 ** Function bta_dm_disc_rmt_name
1593 **
1594 ** Description Process the remote name result from BTM when application
1595 ** wants to find the name for a bdaddr
1596 **
1597 ** Returns void
1598 **
1599 *******************************************************************************/
bta_dm_disc_rmt_name(tBTA_DM_MSG * p_data)1600 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data)
1601 {
1602 tBTM_INQ_INFO *p_btm_inq_info;
1603
1604 APPL_TRACE_DEBUG0("bta_dm_disc_rmt_name");
1605
1606 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr);
1607 if( p_btm_inq_info )
1608 {
1609 if( p_data->rem_name.result.disc_res.bd_name[0] )
1610 {
1611 p_btm_inq_info->appl_knows_rem_name = TRUE;
1612 }
1613 }
1614
1615 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr);
1616 }
1617
1618 /*******************************************************************************
1619 **
1620 ** Function bta_dm_sdp_result
1621 **
1622 ** Description Process the discovery result from sdp
1623 **
1624 ** Returns void
1625 **
1626 *******************************************************************************/
bta_dm_sdp_result(tBTA_DM_MSG * p_data)1627 void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
1628 {
1629
1630 tSDP_DISC_REC *p_sdp_rec = NULL;
1631 tBTA_DM_MSG *p_msg;
1632 BOOLEAN service_found = FALSE;
1633 BOOLEAN scn_found = FALSE;
1634 UINT16 service = 0xFFFF;
1635 tSDP_PROTOCOL_ELEM pe;
1636
1637 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1638 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid;
1639 tBTA_DM_SEARCH result;
1640 tBT_UUID service_uuid;
1641 #endif
1642
1643 UINT32 num_uuids = 0;
1644 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services
1645
1646 if((p_data->sdp_event.sdp_result == SDP_SUCCESS)
1647 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH)
1648 || (p_data->sdp_event.sdp_result == SDP_DB_FULL))
1649 {
1650 APPL_TRACE_DEBUG1("sdp_result::0x%x", p_data->sdp_event.sdp_result);
1651 do
1652 {
1653
1654 service_found = FALSE;
1655 p_sdp_rec = NULL;
1656 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) )
1657 {
1658 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec);
1659
1660 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
1661 {
1662 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0];
1663 scn_found = TRUE;
1664 }
1665 }
1666 else
1667 {
1668 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1669 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec);
1670 }
1671 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1672 /* finished with BR/EDR services, now we check the result for GATT based service UUID */
1673 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID)
1674 {
1675 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL)
1676 {
1677 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search);
1678 /* only support 16 bits UUID for now */
1679 service = p_uuid->uu.uuid16;
1680
1681 }
1682 /* all GATT based services */
1683 do
1684 {
1685 /* find a service record, report it */
1686 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db,
1687 0, p_sdp_rec);
1688 if (p_sdp_rec)
1689 {
1690 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid))
1691 {
1692 /* send result back to app now, one by one */
1693 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1694 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN));
1695 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
1696 result.disc_ble_res.service.len = service_uuid.len;
1697 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
1698
1699 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
1700 }
1701 }
1702
1703 if (bta_dm_search_cb.uuid_to_search > 0)
1704 break;
1705
1706 } while (p_sdp_rec);
1707 }
1708 else
1709 #endif
1710 {
1711 /* SDP_DB_FULL means some records with the
1712 required attributes were received */
1713 if(((p_data->sdp_event.sdp_result == SDP_DB_FULL) &&
1714 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) ||
1715 (p_sdp_rec != NULL))
1716 {
1717 /* If Plug and Play service record, check to see if Broadcom stack */
1718 if (service == UUID_SERVCLASS_PNP_INFORMATION)
1719 {
1720 if (p_sdp_rec)
1721 {
1722 if (SDP_FindAttributeInRec (p_sdp_rec, ATTR_ID_EXT_BRCM_VERSION))
1723 {
1724 service_found = TRUE;
1725 }
1726 }
1727 }
1728 else
1729 {
1730 service_found = TRUE;
1731 }
1732
1733 if (service_found)
1734 {
1735 UINT16 tmp_svc = 0xFFFF;
1736 bta_dm_search_cb.services_found |=
1737 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1));
1738 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1739 /* Add to the list of UUIDs */
1740 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]);
1741 num_uuids++;
1742 }
1743 }
1744 }
1745
1746 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK &&
1747 bta_dm_search_cb.services_to_search == 0)
1748 {
1749 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1750 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
1751 bta_dm_search_cb.uuid_to_search > 0)
1752 bta_dm_search_cb.uuid_to_search --;
1753
1754 if (bta_dm_search_cb.uuid_to_search == 0 ||
1755 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
1756 #endif
1757 bta_dm_search_cb.service_index++;
1758 }
1759 else /* regular one service per search or PNP search */
1760 break;
1761
1762 }
1763 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID);
1764
1765 // GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1766 // bta_dm_search_cb.p_sdp_db = NULL;
1767 APPL_TRACE_DEBUG1("bta_dm_sdp_result services_found = %04x", bta_dm_search_cb.services_found);
1768
1769 /* Collect the 128-bit services here and put them into the list */
1770 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK)
1771 {
1772 p_sdp_rec = NULL;
1773 do
1774 {
1775 tBT_UUID temp_uuid;
1776 /* find a service record, report it */
1777 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec);
1778 if (p_sdp_rec)
1779 {
1780 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid))
1781 {
1782 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE);
1783 num_uuids++;
1784 }
1785 }
1786 } while (p_sdp_rec);
1787 }
1788 /* if there are more services to search for */
1789 if(bta_dm_search_cb.services_to_search)
1790 {
1791 /* Free up the p_sdp_db before checking the next one */
1792 bta_dm_free_sdp_db(NULL);
1793 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
1794 }
1795 else
1796 {
1797 /* callbacks */
1798 /* start next bd_addr if necessary */
1799
1800 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1801
1802
1803 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1804 {
1805 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1806 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
1807 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
1808 p_msg->disc_result.result.disc_res.raw_data_size = 0;
1809 p_msg->disc_result.result.disc_res.num_uuids = num_uuids;
1810 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
1811 if (num_uuids > 0) {
1812 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE);
1813 if (p_msg->disc_result.result.disc_res.p_uuid_list) {
1814 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list,
1815 num_uuids*MAX_UUID_SIZE);
1816 } else {
1817 p_msg->disc_result.result.disc_res.num_uuids = 0;
1818 APPL_TRACE_ERROR1("%s: Unable to allocate memory for uuid_list", __FUNCTION__);
1819 }
1820 }
1821 //copy the raw_data to the discovery result structure
1822 //
1823 APPL_TRACE_DEBUG2("bta_dm_sdp_result (raw_data used = 0x%x raw_data_ptr = 0x%x)\r\n",bta_dm_search_cb.p_sdp_db->raw_used, bta_dm_search_cb.p_sdp_db->raw_data);
1824
1825 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 &&
1826 bta_dm_search_cb.p_sdp_db->raw_data != NULL) {
1827
1828 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used);
1829 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) {
1830 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
1831 bta_dm_search_cb.p_sdp_db->raw_data,
1832 bta_dm_search_cb.p_sdp_db->raw_used );
1833
1834 p_msg->disc_result.result.disc_res.raw_data_size =
1835 bta_dm_search_cb.p_sdp_db->raw_used;
1836
1837 } else {
1838 APPL_TRACE_DEBUG1("bta_dm_sdp_result GKI Alloc failed to allocate %d bytes !!\r\n",bta_dm_search_cb.p_sdp_db->raw_used);
1839 }
1840
1841 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned.
1842 bta_dm_search_cb.p_sdp_db->raw_used = 0;
1843 bta_dm_search_cb.p_sdp_db->raw_size = 0;
1844 }
1845 else {
1846 APPL_TRACE_DEBUG0("bta_dm_sdp_result raw data size is 0 or raw_data is null!!\r\n");
1847 }
1848 /* Done with p_sdp_db. Free it */
1849 bta_dm_free_sdp_db(NULL);
1850 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1851
1852 //Piggy back the SCN over result field
1853 if( scn_found )
1854 {
1855 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn);
1856 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK;
1857
1858 APPL_TRACE_EVENT1(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn);
1859
1860 }
1861 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1862 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1863 bta_dm_get_remname(), (BD_NAME_LEN-1));
1864
1865 /* make sure the string is null terminated */
1866 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1867
1868 bta_sys_sendmsg(p_msg);
1869 }
1870
1871 }
1872
1873 }
1874 else
1875 {
1876 /* conn failed. No need for timer */
1877 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED
1878 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR)
1879 bta_dm_search_cb.wait_disc = FALSE;
1880
1881 /* not able to connect go to next device */
1882 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1883 bta_dm_search_cb.p_sdp_db = NULL;
1884
1885 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1886
1887 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1888 {
1889 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1890 p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
1891 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1892 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1893 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1894 bta_dm_get_remname(), (BD_NAME_LEN-1));
1895
1896 /* make sure the string is null terminated */
1897 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1898
1899 bta_sys_sendmsg(p_msg);
1900 }
1901 }
1902 }
1903
1904 /*******************************************************************************
1905 **
1906 ** Function bta_dm_search_cmpl
1907 **
1908 ** Description Sends event to application
1909 **
1910 ** Returns void
1911 **
1912 *******************************************************************************/
bta_dm_search_cmpl(tBTA_DM_MSG * p_data)1913 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data)
1914 {
1915 APPL_TRACE_DEBUG0("bta_dm_search_cmpl");
1916
1917 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1918 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1919 #endif
1920
1921 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT)
1922 bta_dm_di_disc_cmpl(p_data);
1923 else
1924 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1925 }
1926
1927 /*******************************************************************************
1928 **
1929 ** Function bta_dm_disc_result
1930 **
1931 ** Description Service discovery result when discovering services on a device
1932 **
1933 ** Returns void
1934 **
1935 *******************************************************************************/
bta_dm_disc_result(tBTA_DM_MSG * p_data)1936 void bta_dm_disc_result (tBTA_DM_MSG *p_data)
1937 {
1938 tBTA_DM_MSG * p_msg;
1939
1940 APPL_TRACE_DEBUG0("bta_dm_disc_result");
1941
1942 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1943 /* if any BR/EDR service discovery has been done, report the event */
1944 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK)))
1945 #endif
1946 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1947
1948 /* send a message to change state */
1949 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1950 {
1951 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1952 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1953 bta_sys_sendmsg(p_msg);
1954 }
1955 }
1956
1957 /*******************************************************************************
1958 **
1959 ** Function bta_dm_search_result
1960 **
1961 ** Description Service discovery result while searching for devices
1962 **
1963 ** Returns void
1964 **
1965 *******************************************************************************/
bta_dm_search_result(tBTA_DM_MSG * p_data)1966 void bta_dm_search_result (tBTA_DM_MSG *p_data)
1967 {
1968 APPL_TRACE_DEBUG2("bta_dm_search_result searching:0x%04x, result:0x%04x",
1969 bta_dm_search_cb.services,
1970 p_data->disc_result.result.disc_res.services);
1971
1972 /* call back if application wants name discovery or found services that application is searching */
1973 if (( !bta_dm_search_cb.services )
1974 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services )))
1975 {
1976 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1977 }
1978
1979 /* if searching did not initiate to create link */
1980 if(!bta_dm_search_cb.wait_disc )
1981 {
1982 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
1983 /* if service searching is done with EIR, don't search next device */
1984 if( bta_dm_search_cb.p_btm_inq_info )
1985 #endif
1986 bta_dm_discover_next_device();
1987 }
1988 else
1989 {
1990 /* wait until link is disconnected or timeout */
1991 bta_dm_search_cb.sdp_results = TRUE;
1992 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback;
1993 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) );
1994 }
1995
1996 }
1997
1998 /*******************************************************************************
1999 **
2000 ** Function bta_dm_search_timer_cback
2001 **
2002 ** Description Called when ACL disconnect time is over
2003 **
2004 **
2005 ** Returns void
2006 **
2007 *******************************************************************************/
bta_dm_search_timer_cback(TIMER_LIST_ENT * p_tle)2008 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle)
2009 {
2010
2011 APPL_TRACE_EVENT0(" bta_dm_search_timer_cback ");
2012 bta_dm_search_cb.wait_disc = FALSE;
2013
2014 /* proceed with next device */
2015 bta_dm_discover_next_device();
2016
2017 }
2018
2019
2020 /*******************************************************************************
2021 **
2022 ** Function bta_dm_free_sdp_db
2023 **
2024 ** Description Frees SDP data base
2025 **
2026 ** Returns void
2027 **
2028 *******************************************************************************/
bta_dm_free_sdp_db(tBTA_DM_MSG * p_data)2029 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data)
2030 {
2031 if(bta_dm_search_cb.p_sdp_db)
2032 {
2033 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2034 bta_dm_search_cb.p_sdp_db = NULL;
2035 }
2036
2037 }
2038
2039 /*******************************************************************************
2040 **
2041 ** Function bta_dm_queue_search
2042 **
2043 ** Description Queues search command while search is being cancelled
2044 **
2045 ** Returns void
2046 **
2047 *******************************************************************************/
bta_dm_queue_search(tBTA_DM_MSG * p_data)2048 void bta_dm_queue_search (tBTA_DM_MSG *p_data)
2049 {
2050 if(bta_dm_search_cb.p_search_queue)
2051 {
2052 GKI_freebuf(bta_dm_search_cb.p_search_queue);
2053 }
2054
2055 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH));
2056 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH));
2057
2058 }
2059
2060 /*******************************************************************************
2061 **
2062 ** Function bta_dm_queue_disc
2063 **
2064 ** Description Queues discovery command while search is being cancelled
2065 **
2066 ** Returns void
2067 **
2068 *******************************************************************************/
bta_dm_queue_disc(tBTA_DM_MSG * p_data)2069 void bta_dm_queue_disc (tBTA_DM_MSG *p_data)
2070 {
2071 if(bta_dm_search_cb.p_search_queue)
2072 {
2073 GKI_freebuf(bta_dm_search_cb.p_search_queue);
2074 }
2075
2076 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER));
2077 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER));
2078
2079 }
2080
2081 /*******************************************************************************
2082 **
2083 ** Function bta_dm_search_clear_queue
2084 **
2085 ** Description Clears the queue if API search cancel is called
2086 **
2087 ** Returns void
2088 **
2089 *******************************************************************************/
bta_dm_search_clear_queue(tBTA_DM_MSG * p_data)2090 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data)
2091 {
2092
2093 if(bta_dm_search_cb.p_search_queue)
2094 {
2095 GKI_freebuf(bta_dm_search_cb.p_search_queue);
2096 bta_dm_search_cb.p_search_queue = NULL;
2097 }
2098
2099
2100 }
2101
2102 /*******************************************************************************
2103 **
2104 ** Function bta_dm_search_cancel_cmpl
2105 **
2106 ** Description Search cancel is complete
2107 **
2108 ** Returns void
2109 **
2110 *******************************************************************************/
bta_dm_search_cancel_cmpl(tBTA_DM_MSG * p_data)2111 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data)
2112 {
2113
2114 if(bta_dm_search_cb.p_search_queue)
2115 {
2116 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue);
2117 bta_dm_search_cb.p_search_queue = NULL;
2118 }
2119
2120 }
2121
2122 /*******************************************************************************
2123 **
2124 ** Function bta_dm_search_cancel_transac_cmpl
2125 **
2126 ** Description Current Service Discovery or remote name procedure is
2127 ** completed after search cancellation
2128 **
2129 ** Returns void
2130 **
2131 *******************************************************************************/
bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG * p_data)2132 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data)
2133 {
2134
2135 if(bta_dm_search_cb.p_sdp_db)
2136 {
2137 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2138 bta_dm_search_cb.p_sdp_db = NULL;
2139 }
2140
2141 bta_dm_search_cancel_notify(NULL);
2142 }
2143
2144
2145 /*******************************************************************************
2146 **
2147 ** Function bta_dm_search_cancel_notify
2148 **
2149 ** Description Notify application that search has been cancelled
2150 **
2151 ** Returns void
2152 **
2153 *******************************************************************************/
bta_dm_search_cancel_notify(tBTA_DM_MSG * p_data)2154 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data)
2155 {
2156 if (bta_dm_search_cb.p_search_cback)
2157 {
2158 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL);
2159 }
2160 if (!bta_dm_search_cb.name_discover_done)
2161 {
2162 BTM_CancelRemoteDeviceName();
2163 }
2164 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE)
2165 if (bta_dm_search_cb.gatt_disc_active)
2166 {
2167 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2168 }
2169 #endif
2170
2171 }
2172
2173 /*******************************************************************************
2174 **
2175 ** Function bta_dm_find_services
2176 **
2177 ** Description Starts discovery on a device
2178 **
2179 ** Returns void
2180 **
2181 *******************************************************************************/
bta_dm_find_services(BD_ADDR bd_addr)2182 static void bta_dm_find_services ( BD_ADDR bd_addr)
2183 {
2184
2185 tSDP_UUID uuid;
2186 UINT16 attr_list[] = {ATTR_ID_SERVICE_CLASS_ID_LIST, ATTR_ID_EXT_BRCM_VERSION};
2187 UINT16 num_attrs = 1;
2188 tBTA_DM_MSG *p_msg;
2189
2190 memset (&uuid, 0, sizeof(tSDP_UUID));
2191
2192 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID)
2193 {
2194 if( bta_dm_search_cb.services_to_search
2195 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)))
2196 {
2197 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
2198 {
2199 APPL_TRACE_DEBUG1("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services);
2200 /* try to search all services by search based on L2CAP UUID */
2201 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK )
2202 {
2203 APPL_TRACE_ERROR1("services_to_search = %08x",bta_dm_search_cb.services_to_search);
2204 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK)
2205 {
2206 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0];
2207 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK;
2208 }
2209 else
2210 {
2211 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP;
2212 bta_dm_search_cb.services_to_search = 0;
2213 }
2214 }
2215 else
2216 {
2217 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2218 /* for LE only profile */
2219 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID)
2220 {
2221 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid)
2222 {
2223 memcpy(&uuid,
2224 (const void *)(bta_dm_search_cb.p_srvc_uuid + \
2225 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search),
2226 sizeof(tBT_UUID));
2227
2228 bta_dm_search_cb.uuid_to_search -- ;
2229 }
2230 else
2231 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2232
2233 /* last one? clear the BLE service bit if all discovery has been done */
2234 if (bta_dm_search_cb.uuid_to_search == 0)
2235 bta_dm_search_cb.services_to_search &=
2236 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2237
2238 }
2239 else
2240 #endif
2241 {
2242 /* remove the service from services to be searched */
2243 bta_dm_search_cb.services_to_search &=
2244 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2245 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2246 }
2247 }
2248
2249 if (uuid.len == 0)
2250 uuid.len = LEN_UUID_16;
2251
2252 #if 0
2253 if (uuid.uu.uuid16 == UUID_SERVCLASS_PNP_INFORMATION)
2254 {
2255 num_attrs = 2;
2256 }
2257 #endif
2258
2259 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID)
2260 {
2261 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID));
2262 }
2263
2264
2265 APPL_TRACE_ERROR1("****************search UUID = %04x***********", uuid.uu.uuid16);
2266 //SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, num_attrs, attr_list);
2267 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL);
2268
2269
2270 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2271 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf;
2272
2273 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF;
2274
2275 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback))
2276 {
2277 /* if discovery not successful with this device
2278 proceed to next one */
2279 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2280 bta_dm_search_cb.p_sdp_db = NULL;
2281 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID;
2282
2283 }
2284 else
2285 {
2286 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2287 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
2288 bta_dm_search_cb.uuid_to_search == 0) ||
2289 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
2290 #endif
2291 bta_dm_search_cb.service_index++;
2292 return;
2293 }
2294 }
2295 else
2296 {
2297 APPL_TRACE_ERROR0("#### Failed to allocate SDP DB buffer! ####");
2298 }
2299 }
2300
2301 bta_dm_search_cb.service_index++;
2302 }
2303
2304 /* no more services to be discovered */
2305 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID)
2306 {
2307 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2308 {
2309 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2310 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2311 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2312 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2313 bta_dm_get_remname(), (BD_NAME_LEN-1));
2314
2315 /* make sure the string is terminated */
2316 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2317
2318 bta_sys_sendmsg(p_msg);
2319 }
2320 }
2321 }
2322
2323 /*******************************************************************************
2324 **
2325 ** Function bta_dm_discover_next_device
2326 **
2327 ** Description Starts discovery on the next device in Inquiry data base
2328 **
2329 ** Returns void
2330 **
2331 *******************************************************************************/
bta_dm_discover_next_device(void)2332 static void bta_dm_discover_next_device(void)
2333 {
2334
2335 tBTA_DM_MSG * p_msg;
2336
2337 APPL_TRACE_DEBUG0("bta_dm_discover_next_device");
2338
2339 /* searching next device on inquiry result */
2340 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL)
2341 {
2342 bta_dm_search_cb.name_discover_done = FALSE;
2343 bta_dm_search_cb.peer_name[0] = 0;
2344 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
2345 }
2346 else
2347 {
2348 /* no devices, search complete */
2349 bta_dm_search_cb.services = 0;
2350
2351 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2352 {
2353 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
2354 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
2355 bta_sys_sendmsg(p_msg);
2356 }
2357 }
2358 }
2359
2360 /*******************************************************************************
2361 **
2362 ** Function bta_dm_discover_device
2363 **
2364 ** Description Starts name and service discovery on the device
2365 **
2366 ** Returns void
2367 **
2368 *******************************************************************************/
bta_dm_discover_device(BD_ADDR remote_bd_addr)2369 static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
2370 {
2371 tBTA_DM_MSG * p_msg;
2372
2373 APPL_TRACE_DEBUG6("bta_dm_discover_device, BDA:0x%02X%02X%02X%02X%02X%02X",
2374 remote_bd_addr[0],remote_bd_addr[1],
2375 remote_bd_addr[2],remote_bd_addr[3],
2376 remote_bd_addr[4],remote_bd_addr[5]);
2377
2378 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr);
2379
2380 APPL_TRACE_DEBUG2("bta_dm_discover_device name_discover_done = %d p_btm_inq_info 0x%x ",
2381 bta_dm_search_cb.name_discover_done,
2382 bta_dm_search_cb.p_btm_inq_info
2383 );
2384 if ( bta_dm_search_cb.p_btm_inq_info ) {
2385
2386 APPL_TRACE_DEBUG1("bta_dm_discover_device appl_knows_rem_name %d",
2387 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name
2388 );
2389 }
2390
2391 /* if name discovery is not done and application needs remote name */
2392 if ((!bta_dm_search_cb.name_discover_done)
2393 && (( bta_dm_search_cb.p_btm_inq_info == NULL )
2394 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name))))
2395 {
2396 if( bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr) == TRUE )
2397 {
2398 return;
2399 }
2400 else
2401 {
2402 /* starting name discovery failed */
2403 bta_dm_search_cb.name_discover_done = TRUE;
2404 }
2405 }
2406
2407 /* if application wants to discover service */
2408 if ( bta_dm_search_cb.services )
2409 {
2410 /* initialize variables */
2411 bta_dm_search_cb.service_index = 0;
2412 bta_dm_search_cb.services_found = 0;
2413 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
2414 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2415 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
2416 #endif
2417 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
2418 if ((bta_dm_search_cb.p_btm_inq_info != NULL) &&
2419 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK
2420 &&(bta_dm_search_cb.sdp_search == FALSE))
2421 {
2422 /* check if EIR provides the information of supported services */
2423 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results,
2424 &bta_dm_search_cb.services_to_search,
2425 &bta_dm_search_cb.services_found );
2426 }
2427
2428 /* if seaching with EIR is not completed */
2429 if(bta_dm_search_cb.services_to_search)
2430 #endif
2431 {
2432 /* check whether connection already exists to the device
2433 if connection exists, we don't have to wait for ACL
2434 link to go down to start search on next device */
2435 if(BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr))
2436 bta_dm_search_cb.wait_disc = FALSE;
2437 else
2438 bta_dm_search_cb.wait_disc = TRUE;
2439
2440 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
2441 if ( bta_dm_search_cb.p_btm_inq_info )
2442 {
2443 APPL_TRACE_DEBUG3("bta_dm_discover_device p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x",
2444 bta_dm_search_cb.p_btm_inq_info,
2445 bta_dm_search_cb.p_btm_inq_info->results.device_type,
2446 bta_dm_search_cb.services_to_search
2447 );
2448 }
2449 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr))
2450 /*
2451 if ( bta_dm_search_cb.p_btm_inq_info != NULL &&
2452 bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE &&
2453 (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK))*/
2454 {
2455 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK)
2456 {
2457 //set the raw data buffer here
2458 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2459 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf;
2460
2461 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF;
2462 bta_dm_search_cb.ble_raw_used = 0;
2463
2464 /* start GATT for service discovery */
2465 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2466 return;
2467 }
2468 }
2469 else
2470 #endif
2471 {
2472 bta_dm_search_cb.sdp_results = FALSE;
2473 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
2474
2475 return;
2476 }
2477 }
2478 }
2479
2480 /* name discovery and service discovery are done for this device */
2481 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2482 {
2483 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2484 /* initialize the data structure - includes p_raw_data and raw_data_size */
2485 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
2486 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
2487 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2488 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2489 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2490 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1));
2491
2492 /* make sure the string is terminated */
2493 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2494
2495 bta_sys_sendmsg(p_msg);
2496 }
2497 }
2498
2499 /*******************************************************************************
2500 **
2501 ** Function bta_dm_sdp_callback
2502 **
2503 ** Description Callback from sdp with discovery status
2504 **
2505 ** Returns void
2506 **
2507 *******************************************************************************/
bta_dm_sdp_callback(UINT16 sdp_status)2508 static void bta_dm_sdp_callback (UINT16 sdp_status)
2509 {
2510
2511 tBTA_DM_SDP_RESULT * p_msg;
2512
2513 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL)
2514 {
2515 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT;
2516 p_msg->sdp_result = sdp_status;
2517 bta_sys_sendmsg(p_msg);
2518
2519 }
2520 }
2521
2522 /*******************************************************************************
2523 **
2524 ** Function bta_dm_inq_results_cb
2525 **
2526 ** Description Inquiry results callback from BTM
2527 **
2528 ** Returns void
2529 **
2530 *******************************************************************************/
bta_dm_inq_results_cb(tBTM_INQ_RESULTS * p_inq,UINT8 * p_eir)2531 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
2532 {
2533
2534 tBTA_DM_SEARCH result;
2535 tBTM_INQ_INFO *p_inq_info;
2536 UINT16 service_class;
2537
2538 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
2539 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN);
2540 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class);
2541 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE;
2542 result.inq_res.rssi = p_inq->rssi;
2543
2544 #if (BLE_INCLUDED == TRUE)
2545 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
2546 result.inq_res.inq_result_type = p_inq->inq_result_type;
2547 result.inq_res.device_type = p_inq->device_type;
2548
2549 #endif
2550
2551 /* application will parse EIR to find out remote device name */
2552 result.inq_res.p_eir = p_eir;
2553
2554 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
2555 {
2556 /* initialize remt_name_not_required to FALSE so that we get the name by default */
2557 result.inq_res.remt_name_not_required = FALSE;
2558
2559 }
2560
2561 if(bta_dm_search_cb.p_search_cback)
2562 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result);
2563
2564 if(p_inq_info)
2565 {
2566 /* application indicates if it knows the remote name, inside the callback
2567 copy that to the inquiry data base*/
2568 if(result.inq_res.remt_name_not_required)
2569 p_inq_info->appl_knows_rem_name = TRUE;
2570
2571 }
2572
2573
2574 }
2575
2576
2577 /*******************************************************************************
2578 **
2579 ** Function bta_dm_inq_cmpl_cb
2580 **
2581 ** Description Inquiry complete callback from BTM
2582 **
2583 ** Returns void
2584 **
2585 *******************************************************************************/
bta_dm_inq_cmpl_cb(void * p_result)2586 static void bta_dm_inq_cmpl_cb (void * p_result)
2587 {
2588
2589 tBTA_DM_MSG * p_msg;
2590
2591 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl_cb");
2592 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2593 {
2594 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
2595 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
2596 bta_sys_sendmsg(p_msg);
2597
2598 }
2599
2600
2601 }
2602
2603 /*******************************************************************************
2604 **
2605 ** Function bta_dm_service_search_remname_cback
2606 **
2607 ** Description Remote name call back from BTM during service discovery
2608 **
2609 ** Returns void
2610 **
2611 *******************************************************************************/
bta_dm_service_search_remname_cback(BD_ADDR bd_addr,DEV_CLASS dc,BD_NAME bd_name)2612 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name)
2613 {
2614 tBTM_REMOTE_DEV_NAME rem_name;
2615 tBTM_STATUS btm_status;
2616
2617 APPL_TRACE_DEBUG1("bta_dm_service_search_remname_cback name=<%s>", bd_name);
2618
2619 /* if this is what we are looking for */
2620 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr))
2621 {
2622 rem_name.length = strlen((char*)bd_name);
2623 if (rem_name.length > (BD_NAME_LEN-1))
2624 {
2625 rem_name.length = (BD_NAME_LEN-1);
2626 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0;
2627 }
2628 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2629 rem_name.status = BTM_SUCCESS;
2630
2631 bta_dm_remname_cback(&rem_name);
2632 }
2633 else
2634 {
2635 /* get name of device */
2636 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
2637 (tBTM_CMPL_CB *) bta_dm_remname_cback);
2638 if ( btm_status == BTM_BUSY )
2639 {
2640 /* wait for next chance(notification of remote name discovery done) */
2641 APPL_TRACE_DEBUG0("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy");
2642 }
2643 else if ( btm_status != BTM_CMD_STARTED )
2644 {
2645 /* if failed to start getting remote name then continue */
2646 APPL_TRACE_WARNING1("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
2647
2648 rem_name.length = 0;
2649 rem_name.remote_bd_name[0] = 0;
2650 rem_name.status = btm_status;
2651 bta_dm_remname_cback(&rem_name);
2652 }
2653 }
2654 }
2655
2656
2657 /*******************************************************************************
2658 **
2659 ** Function bta_dm_remname_cback
2660 **
2661 ** Description Remote name complete call back from BTM
2662 **
2663 ** Returns void
2664 **
2665 *******************************************************************************/
bta_dm_remname_cback(tBTM_REMOTE_DEV_NAME * p_remote_name)2666 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
2667 {
2668 tBTA_DM_REM_NAME * p_msg;
2669
2670 APPL_TRACE_DEBUG2("bta_dm_remname_cback len = %d name=<%s>", p_remote_name->length,
2671 p_remote_name->remote_bd_name);
2672
2673 /* remote name discovery is done but it could be failed */
2674 bta_dm_search_cb.name_discover_done = TRUE;
2675 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2676 bta_dm_search_cb.peer_name[BD_NAME_LEN]=0;
2677
2678 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
2679 #if BLE_INCLUDED == TRUE
2680 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr))
2681 GAP_BleReadPeerPrefConnParams (bta_dm_search_cb.peer_bdaddr);
2682 #endif
2683 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL)
2684 {
2685 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2686 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2687
2688 /* make sure the string is null terminated */
2689 p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0;
2690
2691 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
2692 bta_sys_sendmsg(p_msg);
2693
2694 }
2695 }
2696
2697 /*******************************************************************************
2698 **
2699 ** Function bta_dm_authorize_cback
2700 **
2701 ** Description cback requesting authorization
2702 **
2703 ** Returns void
2704 **
2705 *******************************************************************************/
bta_dm_authorize_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,UINT8 * service_name,UINT8 service_id,BOOLEAN is_originator)2706 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
2707 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator)
2708 {
2709 tBTA_DM_SEC sec_event;
2710 UINT8 index = 1;
2711
2712 bdcpy(sec_event.authorize.bd_addr, bd_addr);
2713 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
2714
2715 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2716
2717 /* make sure the string is null terminated */
2718 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0;
2719
2720 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2721 sec_event.authorize.service = service_id;
2722 #endif
2723
2724 while(index < BTA_MAX_SERVICE_ID)
2725 {
2726 /* get the BTA service id corresponding to BTM id */
2727 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id)
2728 {
2729 sec_event.authorize.service = index;
2730 break;
2731 }
2732 index++;
2733 }
2734
2735
2736 /* if supported service callback otherwise not authorized */
2737 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID
2738 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2739 /* pass through JV service ID */
2740 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID)
2741 #endif
2742 ))
2743 {
2744 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event);
2745 return BTM_CMD_STARTED;
2746 }
2747 else
2748 {
2749 return BTM_NOT_AUTHORIZED;
2750 }
2751 }
2752
2753
2754
2755
2756
2757 /*******************************************************************************
2758 **
2759 ** Function bta_dm_pinname_cback
2760 **
2761 ** Description Callback requesting pin_key
2762 **
2763 ** Returns void
2764 **
2765 *******************************************************************************/
bta_dm_pinname_cback(void * p_data)2766 static void bta_dm_pinname_cback (void *p_data)
2767 {
2768 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data;
2769 tBTA_DM_SEC sec_event;
2770 UINT32 bytes_to_copy;
2771 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
2772
2773 if (BTA_DM_SP_CFM_REQ_EVT == event)
2774 {
2775 /* Retrieved saved device class and bd_addr */
2776 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr);
2777 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
2778
2779 if (p_result && p_result->status == BTM_SUCCESS)
2780 {
2781 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2782 ? p_result->length : (BD_NAME_LEN-1);
2783 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2784 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2785 }
2786 else /* No name found */
2787 sec_event.cfm_req.bd_name[0] = 0;
2788
2789 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2790
2791 /* 1 additional event data fields for this event */
2792 sec_event.cfm_req.just_works = bta_dm_cb.just_works;
2793 }
2794 else
2795 {
2796 /* Retrieved saved device class and bd_addr */
2797 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr);
2798 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
2799
2800 if (p_result && p_result->status == BTM_SUCCESS)
2801 {
2802 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2803 ? p_result->length : (BD_NAME_LEN-1);
2804 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2805 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2806 }
2807 else /* No name found */
2808 sec_event.pin_req.bd_name[0] = 0;
2809
2810 event = bta_dm_cb.pin_evt;
2811 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2812 }
2813
2814 if( bta_dm_cb.p_sec_cback )
2815 bta_dm_cb.p_sec_cback(event, &sec_event);
2816 }
2817
2818
2819
2820 /*******************************************************************************
2821 **
2822 ** Function bta_dm_pin_cback
2823 **
2824 ** Description Callback requesting pin_key
2825 **
2826 ** Returns void
2827 **
2828 *******************************************************************************/
bta_dm_pin_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name)2829 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name)
2830 {
2831 tBTA_DM_SEC sec_event;
2832
2833 if (!bta_dm_cb.p_sec_cback)
2834 return BTM_NOT_AUTHORIZED;
2835
2836 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2837 if (bd_name[0] == 0)
2838 {
2839 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT;
2840 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr);
2841 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class);
2842 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
2843 return BTM_CMD_STARTED;
2844
2845 APPL_TRACE_WARNING0(" bta_dm_pin_cback() -> Failed to start Remote Name Request ");
2846 }
2847
2848 bdcpy(sec_event.pin_req.bd_addr, bd_addr);
2849 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
2850 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2851 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2852
2853 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
2854 return BTM_CMD_STARTED;
2855 }
2856
2857
2858
2859 /*******************************************************************************
2860 **
2861 ** Function bta_dm_link_key_request_cback
2862 **
2863 ** Description Callback requesting linkkey
2864 **
2865 ** Returns void
2866 **
2867 *******************************************************************************/
bta_dm_link_key_request_cback(BD_ADDR bd_addr,LINK_KEY key)2868 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key)
2869 {
2870 /* Application passes all link key to
2871 BTM during initialization using add_device
2872 API. If BTM doesn't have the link key in it's
2873 data base, that's because application doesn't
2874 it */
2875
2876 return BTM_NOT_AUTHORIZED;
2877 }
2878
2879
2880
2881
2882
2883 /*******************************************************************************
2884 **
2885 ** Function bta_dm_new_link_key_cback
2886 **
2887 ** Description Callback from BTM to notify new link key
2888 **
2889 ** Returns void
2890 **
2891 *******************************************************************************/
bta_dm_new_link_key_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,LINK_KEY key,UINT8 key_type)2892 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,
2893 BD_NAME bd_name, LINK_KEY key, UINT8 key_type)
2894 {
2895 tBTA_DM_SEC sec_event;
2896 tBTA_DM_AUTH_CMPL *p_auth_cmpl;
2897 UINT8 event;
2898
2899 memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
2900
2901 /* Not AMP Key type */
2902 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB)
2903 {
2904 event = BTA_DM_AUTH_CMPL_EVT;
2905 p_auth_cmpl = &sec_event.auth_cmpl;
2906
2907 bdcpy(p_auth_cmpl->bd_addr, bd_addr);
2908
2909 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1));
2910 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0;
2911
2912 p_auth_cmpl->key_present = TRUE;
2913 p_auth_cmpl->key_type = key_type;
2914 p_auth_cmpl->success = TRUE;
2915
2916 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN);
2917 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS;
2918
2919 if(bta_dm_cb.p_sec_cback)
2920 {
2921 bta_dm_cb.p_sec_cback(event, &sec_event);
2922 }
2923 }
2924 else
2925 {
2926 APPL_TRACE_WARNING0(" bta_dm_new_link_key_cback() Received AMP Key?? ");
2927 }
2928
2929 return BTM_CMD_STARTED;
2930 }
2931
2932
2933 /*******************************************************************************
2934 **
2935 ** Function bta_dm_authentication_complete_cback
2936 **
2937 ** Description Authentication complete callback from BTM
2938 **
2939 ** Returns void
2940 **
2941 *******************************************************************************/
bta_dm_authentication_complete_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,int result)2942 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result)
2943 {
2944
2945 tBTA_DM_SEC sec_event;
2946
2947 if(result != BTM_SUCCESS)
2948 {
2949 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
2950 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr);
2951
2952 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1));
2953 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
2954
2955 /* taken care of by memset [above]
2956 sec_event.auth_cmpl.key_present = FALSE;
2957 sec_event.auth_cmpl.success = FALSE;
2958 */
2959 sec_event.auth_cmpl.fail_reason = (UINT8)result;
2960 if(bta_dm_cb.p_sec_cback)
2961 {
2962 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
2963 }
2964 /* delete this device entry from Sec Dev DB */
2965 bta_dm_remove_sec_dev_entry(bd_addr);
2966
2967 }
2968
2969 return BTM_SUCCESS;
2970 }
2971
2972 /*******************************************************************************
2973 **
2974 ** Function bta_dm_sp_cback
2975 **
2976 ** Description simple pairing callback from BTM
2977 **
2978 ** Returns void
2979 **
2980 *******************************************************************************/
bta_dm_sp_cback(tBTM_SP_EVT event,tBTM_SP_EVT_DATA * p_data)2981 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
2982 {
2983 tBTM_STATUS status = BTM_CMD_STARTED;
2984 tBTA_DM_SEC sec_event;
2985 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT;
2986
2987 APPL_TRACE_EVENT1("bta_dm_sp_cback: %d", event);
2988 if (!bta_dm_cb.p_sec_cback)
2989 return BTM_NOT_AUTHORIZED;
2990
2991 /* TODO_SP */
2992 switch(event)
2993 {
2994 case BTM_SP_IO_REQ_EVT:
2995 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2996 /* translate auth_req */
2997 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap,
2998 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig);
2999 #endif
3000 #if BTM_OOB_INCLUDED == FALSE
3001 status = BTM_SUCCESS;
3002 #endif
3003
3004 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
3005 break;
3006 case BTM_SP_IO_RSP_EVT:
3007 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
3008 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap,
3009 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req );
3010 #endif
3011 break;
3012
3013 case BTM_SP_CFM_REQ_EVT:
3014 pin_evt = BTA_DM_SP_CFM_REQ_EVT;
3015 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works;
3016 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req;
3017 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req;
3018 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps;
3019 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps;
3020 /* continue to next case */
3021 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
3022 /* Passkey entry mode, mobile device with output capability is very
3023 unlikely to receive key request, so skip this event */
3024 /*case BTM_SP_KEY_REQ_EVT: */
3025 case BTM_SP_KEY_NOTIF_EVT:
3026 #endif
3027 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey;
3028 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
3029 if (p_data->key_notif.bd_name[0] == 0)
3030 {
3031 bta_dm_cb.pin_evt = pin_evt;
3032 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr);
3033 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class);
3034 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
3035 return BTM_CMD_STARTED;
3036
3037 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
3038 }
3039 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
3040 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
3041 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1));
3042 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
3043
3044 bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
3045
3046 break;
3047
3048 #if BTM_OOB_INCLUDED == TRUE
3049 case BTM_SP_LOC_OOB_EVT:
3050 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS),
3051 p_data->loc_oob.c, p_data->loc_oob.r);
3052 break;
3053
3054 case BTM_SP_RMT_OOB_EVT:
3055 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
3056 if (p_data->rmt_oob.bd_name[0] == 0)
3057 {
3058 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT;
3059 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr);
3060 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class);
3061 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED)
3062 return BTM_CMD_STARTED;
3063
3064 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
3065 }
3066 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
3067 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
3068 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1));
3069 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0;
3070
3071 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
3072
3073 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr);
3074 break;
3075 #endif
3076 case BTM_SP_COMPLT_EVT:
3077 /* do not report this event - handled by link_key_callback or auth_complete_callback */
3078 break;
3079
3080 case BTM_SP_KEYPRESS_EVT:
3081 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS));
3082 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event);
3083 break;
3084
3085 case BTM_SP_UPGRADE_EVT:
3086 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade );
3087 break;
3088
3089 default:
3090 status = BTM_NOT_AUTHORIZED;
3091 break;
3092 }
3093 APPL_TRACE_EVENT1("dm status: %d", status);
3094 return status;
3095 }
3096
3097 /*******************************************************************************
3098 **
3099 ** Function bta_dm_local_name_cback
3100 **
3101 ** Description Callback from btm after local name is read
3102 **
3103 **
3104 ** Returns void
3105 **
3106 *******************************************************************************/
bta_dm_local_name_cback(UINT8 * p_name)3107 static void bta_dm_local_name_cback(UINT8 *p_name)
3108 {
3109 tBTA_DM_SEC sec_event;
3110
3111 BTM_GetLocalDeviceAddr(sec_event.enable.bd_addr);
3112 sec_event.enable.status = BTA_SUCCESS;
3113
3114 if(bta_dm_cb.p_sec_cback)
3115 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event);
3116 }
3117
3118 /*******************************************************************************
3119 **
3120 ** Function bta_dm_signal_strength
3121 **
3122 ** Description Callback from btm after local bdaddr is read
3123 **
3124 **
3125 ** Returns void
3126 **
3127 *******************************************************************************/
bta_dm_signal_strength(tBTA_DM_MSG * p_data)3128 void bta_dm_signal_strength(tBTA_DM_MSG *p_data)
3129 {
3130
3131 if(p_data->sig_strength.start)
3132 {
3133 bta_dm_cb.signal_strength_mask = p_data->sig_strength.mask;
3134 bta_dm_cb.signal_strength_period = p_data->sig_strength.period;
3135 bta_dm_signal_strength_timer_cback(NULL);
3136 }
3137 else
3138 {
3139 bta_sys_stop_timer(&bta_dm_cb.signal_strength_timer);
3140 }
3141
3142 }
3143 /*******************************************************************************
3144 **
3145 ** Function bta_dm_signal_strength_timer_cback
3146 **
3147 ** Description Periodic timer callback to read signal strength
3148 **
3149 **
3150 ** Returns void
3151 **
3152 *******************************************************************************/
bta_dm_signal_strength_timer_cback(TIMER_LIST_ENT * p_tle)3153 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle)
3154 {
3155
3156 UINT8 i;
3157
3158 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_RSSI_MASK)
3159 {
3160 for(i=0; i<bta_dm_cb.device_list.count; i++)
3161 {
3162 BTM_ReadRSSI (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_rssi_cback);
3163
3164 }
3165 }
3166 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_LINK_QUALITY_MASK)
3167 {
3168
3169 for(i=0; i<bta_dm_cb.device_list.count; i++)
3170 {
3171 BTM_ReadLinkQuality (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_link_quality_cback);
3172 }
3173
3174 }
3175
3176 if(bta_dm_cb.signal_strength_period)
3177 {
3178 bta_dm_cb.signal_strength_timer.p_cback = (TIMER_CBACK*)&bta_dm_signal_strength_timer_cback;
3179 bta_sys_start_timer(&bta_dm_cb.signal_strength_timer, 0, (UINT32)1000*bta_dm_cb.signal_strength_period);
3180 }
3181 }
3182
3183
3184 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3185 /*******************************************************************************
3186 **
3187 ** Function bta_dm_bl_change_cback
3188 **
3189 ** Description Callback from btm when acl connection goes up or down
3190 **
3191 **
3192 ** Returns void
3193 **
3194 *******************************************************************************/
bta_dm_bl_change_cback(tBTM_BL_EVENT_DATA * p_data)3195 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data)
3196 {
3197 tBTA_DM_ACL_CHANGE * p_msg;
3198
3199 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3200 {
3201 p_msg->event = p_data->event;
3202 p_msg->is_new = FALSE;
3203
3204 switch(p_msg->event)
3205 {
3206 case BTM_BL_CONN_EVT:
3207 p_msg->is_new = TRUE;
3208 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3209 break;
3210 case BTM_BL_DISCN_EVT:
3211 bdcpy(p_msg->bd_addr, p_data->discn.p_bda);
3212 break;
3213 case BTM_BL_UPDATE_EVT:
3214 p_msg->busy_level = p_data->update.busy_level;
3215 p_msg->busy_level_flags = p_data->update.busy_level_flags;
3216 break;
3217 case BTM_BL_ROLE_CHG_EVT:
3218 p_msg->new_role = p_data->role_chg.new_role;
3219 p_msg->hci_status = p_data->role_chg.hci_status;
3220 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda);
3221 break;
3222 case BTM_BL_COLLISION_EVT:
3223 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3224 break;;
3225 }
3226
3227 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3228 bta_sys_sendmsg(p_msg);
3229
3230 }
3231
3232 }
3233 #else
3234
3235 /*******************************************************************************
3236 **
3237 ** Function bta_dm_acl_change_cback
3238 **
3239 ** Description Callback from btm when acl connection goes up or down
3240 **
3241 **
3242 ** Returns void
3243 **
3244 *******************************************************************************/
bta_dm_acl_change_cback(BD_ADDR p_bda,DEV_CLASS p_dc,BD_NAME p_bdn,UINT8 * features,BOOLEAN is_new)3245 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn,
3246 UINT8 *features, BOOLEAN is_new)
3247 {
3248
3249 tBTA_DM_ACL_CHANGE * p_msg;
3250
3251 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3252 {
3253 bdcpy (p_msg->bd_addr, p_bda);
3254 p_msg->is_new = is_new;
3255
3256 /* This is collision case */
3257 if (features != NULL)
3258 {
3259 if ((features[0] == 0xFF) && !is_new)
3260 p_msg->event = BTM_BL_COLLISION_EVT;
3261 }
3262
3263 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3264 bta_sys_sendmsg(p_msg);
3265
3266 }
3267
3268 }
3269 #endif
3270 /*******************************************************************************
3271 **
3272 ** Function bta_dm_rs_cback
3273 **
3274 ** Description Receives the role switch complete event
3275 **
3276 ** Returns
3277 **
3278 *******************************************************************************/
bta_dm_rs_cback(tBTM_ROLE_SWITCH_CMPL * p1)3279 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1)
3280 {
3281 APPL_TRACE_WARNING1("bta_dm_rs_cback:%d", bta_dm_cb.rs_event);
3282 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT)
3283 {
3284 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */
3285 bta_dm_cb.rs_event = 0;
3286 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg);
3287 }
3288 }
3289
3290 /*******************************************************************************
3291 **
3292 ** Function bta_dm_check_av
3293 **
3294 ** Description This function checks if AV is active
3295 ** if yes, make sure the AV link is master
3296 **
3297 ** Returns BOOLEAN - TRUE, if switch is in progress
3298 **
3299 *******************************************************************************/
bta_dm_check_av(UINT16 event)3300 static BOOLEAN bta_dm_check_av(UINT16 event)
3301 {
3302 BOOLEAN avoid_roleswitch = FALSE;
3303 BOOLEAN switching = FALSE;
3304 UINT8 i;
3305 tBTA_DM_PEER_DEVICE *p_dev;
3306
3307 #if defined(BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY) && (BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY == TRUE)
3308
3309 /* avoid role switch upon inquiry if a2dp is actively streaming as it
3310 introduces an audioglitch due to FW scheduling delays (unavoidable) */
3311 if (event == BTA_DM_API_SEARCH_EVT)
3312 {
3313 avoid_roleswitch = TRUE;
3314 }
3315 #endif
3316
3317 APPL_TRACE_WARNING1("bta_dm_check_av:%d", bta_dm_cb.cur_av_count);
3318 if(bta_dm_cb.cur_av_count)
3319 {
3320 for(i=0; i<bta_dm_cb.device_list.count; i++)
3321 {
3322 p_dev = &bta_dm_cb.device_list.peer_device[i];
3323 APPL_TRACE_WARNING4("[%d]: state:%d, info:x%x, avoid_rs %d",
3324 i, p_dev->conn_state, p_dev->info, avoid_roleswitch);
3325 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE) &&
3326 (avoid_roleswitch == FALSE))
3327 {
3328 /* make master and take away the role switch policy */
3329 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback))
3330 {
3331 /* the role switch command is actually sent */
3332 bta_dm_cb.rs_event = event;
3333 switching = TRUE;
3334 }
3335 /* else either already master or can not switch for some reasons */
3336 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3337 break;
3338 }
3339 }
3340 }
3341 return switching;
3342 }
3343
3344 /*******************************************************************************
3345 **
3346 ** Function bta_dm_acl_change
3347 **
3348 ** Description Process BTA_DM_ACL_CHANGE_EVT
3349 **
3350 **
3351 ** Returns void
3352 **
3353 *******************************************************************************/
bta_dm_acl_change(tBTA_DM_MSG * p_data)3354 void bta_dm_acl_change(tBTA_DM_MSG *p_data)
3355 {
3356
3357 UINT8 i;
3358 UINT8 *p;
3359 tBTA_DM_SEC conn;
3360 BOOLEAN is_new = p_data->acl_change.is_new;
3361 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr;
3362 BOOLEAN need_policy_change = FALSE;
3363 BOOLEAN issue_unpair_cb = FALSE;
3364
3365 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE)
3366 tBTA_DM_PEER_DEVICE *p_dev;
3367
3368 switch(p_data->acl_change.event)
3369 {
3370 case BTM_BL_UPDATE_EVT: /* busy level update */
3371 if( bta_dm_cb.p_sec_cback )
3372 {
3373 conn.busy_level.level = p_data->acl_change.busy_level;
3374 conn.busy_level.level_flags = p_data->acl_change.busy_level_flags;
3375 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn);
3376 }
3377 return;
3378
3379 case BTM_BL_ROLE_CHG_EVT: /* role change event */
3380 p_dev = bta_dm_find_peer_device(p_bda);
3381 if(p_dev)
3382 {
3383 APPL_TRACE_DEBUG3("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d",
3384 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count);
3385 if(p_dev->info & BTA_DM_DI_AV_ACTIVE)
3386 {
3387 /* there's AV activity on this link */
3388 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1
3389 && p_data->acl_change.hci_status == HCI_SUCCESS)
3390 {
3391 /* more than one connections and the AV connection is role switched to slave
3392 * switch it back to master and remove the switch policy */
3393 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL);
3394 need_policy_change = TRUE;
3395 }
3396 else if (bta_dm_cfg.avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER))
3397 {
3398 /* if the link updated to be master include AV activities, remove the switch policy */
3399 need_policy_change = TRUE;
3400 }
3401
3402 if(need_policy_change)
3403 {
3404 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3405 }
3406 }
3407 else
3408 {
3409 /* there's AV no activity on this link and role switch happened
3410 * check if AV is active
3411 * if so, make sure the AV link is master */
3412 bta_dm_check_av(0);
3413 }
3414 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status);
3415 bdcpy(conn.role_chg.bd_addr, p_bda);
3416 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role;
3417 if( bta_dm_cb.p_sec_cback )
3418 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, &conn);
3419 }
3420 return;
3421 }
3422 #endif
3423
3424 /* Collision report from Stack: Notify profiles */
3425 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT)
3426 {
3427 bta_sys_notify_collision (p_bda);
3428 return;
3429 }
3430
3431 if(is_new)
3432 {
3433 for(i=0; i<bta_dm_cb.device_list.count; i++)
3434 {
3435 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3436 break;
3437
3438 }
3439
3440 if(i == bta_dm_cb.device_list.count)
3441 {
3442 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda);
3443 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy;
3444 bta_dm_cb.device_list.count++;
3445 }
3446
3447 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED;
3448 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE;
3449 bdcpy(conn.link_up.bd_addr, p_bda);
3450 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE;
3451 if( ((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) &&
3452 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) )
3453 {
3454 /* both local and remote devices support SSR */
3455 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR;
3456 }
3457 APPL_TRACE_WARNING1("info:x%x", bta_dm_cb.device_list.peer_device[i].info);
3458 if( bta_dm_cb.p_sec_cback )
3459 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, &conn);
3460
3461 }
3462 else
3463 {
3464 for(i=0; i<bta_dm_cb.device_list.count; i++)
3465 {
3466 if(bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda))
3467 continue;
3468
3469 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING )
3470 {
3471 BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
3472 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3473 /* remove all cached GATT information */
3474 BTA_GATTC_Refresh(p_bda);
3475 #endif
3476 issue_unpair_cb = TRUE;
3477 }
3478
3479 conn.link_down.is_removed = bta_dm_cb.device_list.peer_device[i].remove_dev_pending;
3480
3481 for(; i<bta_dm_cb.device_list.count ; i++)
3482 {
3483 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i]));
3484 }
3485 break;
3486 }
3487 if(bta_dm_cb.device_list.count)
3488 bta_dm_cb.device_list.count--;
3489
3490 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda))
3491 {
3492 bta_dm_search_cb.wait_disc = FALSE;
3493
3494 if(bta_dm_search_cb.sdp_results)
3495 {
3496 APPL_TRACE_EVENT0(" timer stopped ");
3497 bta_sys_stop_timer(&bta_dm_search_cb.search_timer);
3498 bta_dm_discover_next_device();
3499 }
3500
3501 }
3502
3503 if(bta_dm_cb.disabling)
3504 {
3505 if(!BTM_GetNumAclLinks())
3506 {
3507 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
3508 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
3509 /* start a timer to make sure that the profiles get the disconnect event */
3510 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000);
3511 }
3512 }
3513 if (conn.link_down.is_removed)
3514 {
3515 BTM_SecDeleteDevice(p_bda);
3516 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3517 /* need to remove all pending background connection */
3518 BTA_GATTC_CancelOpen(0, p_bda, FALSE);
3519 /* remove all cached GATT information */
3520 BTA_GATTC_Refresh(p_bda);
3521 #endif
3522 }
3523
3524 bdcpy(conn.link_down.bd_addr, p_bda);
3525 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code();
3526 if( bta_dm_cb.p_sec_cback )
3527 {
3528 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn);
3529 if( issue_unpair_cb )
3530 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn);
3531 }
3532 }
3533
3534 bta_dm_adjust_roles(TRUE);
3535 }
3536
3537 /*******************************************************************************
3538 **
3539 ** Function bta_dm_disable_conn_down_timer_cback
3540 **
3541 ** Description Sends disable event to application
3542 **
3543 **
3544 ** Returns void
3545 **
3546 *******************************************************************************/
bta_dm_disable_conn_down_timer_cback(TIMER_LIST_ENT * p_tle)3547 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle)
3548 {
3549 tBTA_SYS_HW_MSG *sys_enable_event;
3550
3551 /* disable the power managment module */
3552 bta_dm_disable_pm();
3553
3554 /* register our callback to SYS HW manager */
3555 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
3556
3557 /* send a message to BTA SYS */
3558 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
3559 {
3560 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT;
3561 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
3562 bta_sys_sendmsg(sys_enable_event);
3563 }
3564
3565 bta_dm_cb.disabling = FALSE;
3566
3567 }
3568
3569 /*******************************************************************************
3570 **
3571 ** Function bta_dm_rssi_cback
3572 **
3573 ** Description Callback from btm with rssi values
3574 **
3575 **
3576 ** Returns void
3577 **
3578 *******************************************************************************/
bta_dm_rssi_cback(tBTM_RSSI_RESULTS * p_result)3579 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result)
3580 {
3581 tBTA_DM_SEC sec_event;
3582
3583 if(p_result->status == BTM_SUCCESS)
3584 {
3585
3586 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3587 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_RSSI_MASK;
3588 sec_event.sig_strength.rssi_value = p_result->rssi;
3589 if( bta_dm_cb.p_sec_cback!= NULL )
3590 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3591
3592 }
3593 }
3594
3595 /*******************************************************************************
3596 **
3597 ** Function bta_dm_link_quality_cback
3598 **
3599 ** Description Callback from btm with link quality value
3600 **
3601 **
3602 ** Returns void
3603 **
3604 *******************************************************************************/
bta_dm_link_quality_cback(tBTM_LINK_QUALITY_RESULTS * p_result)3605 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result)
3606 {
3607
3608 tBTA_DM_SEC sec_event;
3609
3610 if(p_result->status == BTM_SUCCESS)
3611 {
3612
3613 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda);
3614 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_LINK_QUALITY_MASK;
3615 sec_event.sig_strength.link_quality_value = p_result->link_quality;
3616 if( bta_dm_cb.p_sec_cback!= NULL )
3617 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event);
3618
3619 }
3620 }
3621
3622 /*******************************************************************************
3623 **
3624 ** Function bta_dm_rm_cback
3625 **
3626 ** Description Role management callback from sys
3627 **
3628 **
3629 ** Returns void
3630 **
3631 *******************************************************************************/
bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)3632 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
3633 {
3634
3635 UINT8 j;
3636 tBTA_PREF_ROLES role;
3637 tBTA_DM_PEER_DEVICE *p_dev;
3638
3639 p_dev = bta_dm_find_peer_device(peer_addr);
3640 if( status == BTA_SYS_CONN_OPEN)
3641 {
3642 if(p_dev)
3643 {
3644 /* Do not set to connected if we are in the middle of unpairing. When AV stream is
3645 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command.
3646 * But this should not be done if we are in the middle of unpairing.
3647 */
3648 if (p_dev->conn_state != BTA_DM_UNPAIRING)
3649 p_dev->conn_state = BTA_DM_CONNECTED;
3650
3651 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++)
3652 {
3653 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID))
3654 && (p_bta_dm_rm_cfg[j].id == id))
3655 {
3656 role = p_bta_dm_rm_cfg[j].cfg;
3657
3658 if(role > p_dev->pref_role )
3659 p_dev->pref_role = role;
3660 break;
3661 }
3662 }
3663
3664 }
3665
3666 }
3667
3668 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id))
3669 {
3670 if( status == BTA_SYS_CONN_BUSY)
3671 {
3672 if(p_dev)
3673 p_dev->info |= BTA_DM_DI_AV_ACTIVE;
3674 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3675 if(BTA_ID_AV == id)
3676 bta_dm_cb.cur_av_count = app_id;
3677 }
3678 else if( status == BTA_SYS_CONN_IDLE)
3679 {
3680 if(p_dev)
3681 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE;
3682 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3683 if(BTA_ID_AV == id)
3684 bta_dm_cb.cur_av_count = app_id;
3685 }
3686 APPL_TRACE_WARNING2("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status);
3687 }
3688 else if ((status == BTA_SYS_CONN_BUSY) || (status == BTA_SYS_CONN_IDLE))
3689 {
3690 /* Do not do role switch management for non-AV profiles when data flow starts/stops */
3691 return;
3692 }
3693
3694 bta_dm_adjust_roles(FALSE);
3695
3696 }
3697
3698 /*******************************************************************************
3699 **
3700 ** Function bta_dm_dev_blacklisted_for_switch
3701 **
3702 ** Description Checks if the device is blacklisted for immediate role switch after connection.
3703 **
3704 ** Returns TRUE if dev is blacklisted else FALSE
3705 **
3706 *******************************************************************************/
bta_dm_dev_blacklisted_for_switch(BD_ADDR remote_bd_addr)3707 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr)
3708 {
3709 UINT16 manufacturer = 0;
3710 UINT16 lmp_sub_version = 0;
3711 UINT8 lmp_version = 0;
3712 UINT8 i = 0;
3713
3714 if (BTM_ReadRemoteVersion(remote_bd_addr, &lmp_version,
3715 &manufacturer, &lmp_sub_version) == BTM_SUCCESS)
3716 {
3717 /* Check if this device version info matches with is
3718 blacklisted versions for role switch */
3719 for (i = 0; i < BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT; i++)
3720 {
3721 if ((bta_role_switch_blacklist[i].lmp_version == lmp_version) &&
3722 (bta_role_switch_blacklist[i].manufacturer == manufacturer)&&
3723 ((bta_role_switch_blacklist[i].lmp_sub_version & lmp_sub_version) ==
3724 bta_role_switch_blacklist[i].lmp_sub_version))
3725 {
3726 APPL_TRACE_EVENT0("Black list F/W version matches.. Delay Role Switch...");
3727 return TRUE;
3728 }
3729
3730 }
3731 }
3732 return FALSE;
3733 }
3734
3735 /*******************************************************************************
3736 **
3737 ** Function bta_dm_delay_role_switch_cback
3738 **
3739 ** Description Callback from btm to delay a role switch
3740 **
3741 ** Returns void
3742 **
3743 *******************************************************************************/
bta_dm_delay_role_switch_cback(TIMER_LIST_ENT * p_tle)3744 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
3745 {
3746 APPL_TRACE_EVENT0("bta_dm_delay_role_switch_cback: initiating Delayed RS");
3747 bta_dm_adjust_roles (FALSE);
3748 }
3749
3750 /*******************************************************************************
3751 **
3752 ** Function bta_dm_remove_sec_dev_entry
3753 **
3754 ** Description Removes device entry from Security device DB if ACL connection with
3755 ** remtoe device does not exist, else schedule for dev entry removal upon
3756 ACL close
3757 **
3758 ** Returns void
3759 **
3760 *******************************************************************************/
bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)3761 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
3762 {
3763 UINT16 index = 0;
3764 if (BTM_IsAclConnectionUp(remote_bd_addr))
3765 {
3766 APPL_TRACE_DEBUG1("%s ACL is not down. Schedule for Dev Removal when ACL closes",
3767 __FUNCTION__);
3768 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
3769 {
3770 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, remote_bd_addr))
3771 break;
3772 }
3773 if (index != bta_dm_cb.device_list.count)
3774 {
3775 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
3776 }
3777 else
3778 {
3779 APPL_TRACE_ERROR1(" %s Device does not exist in DB", __FUNCTION__);
3780 }
3781 }
3782 else
3783 {
3784 BTM_SecDeleteDevice (remote_bd_addr);
3785 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3786 /* need to remove all pending background connection */
3787 BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE);
3788 /* remove all cached GATT information */
3789 BTA_GATTC_Refresh(remote_bd_addr);
3790 #endif
3791 }
3792 }
3793
3794
3795 /*******************************************************************************
3796 **
3797 ** Function bta_dm_adjust_roles
3798 **
3799 ** Description Adjust roles
3800 **
3801 **
3802 ** Returns void
3803 **
3804 *******************************************************************************/
bta_dm_adjust_roles(BOOLEAN delay_role_switch)3805 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch)
3806 {
3807
3808 UINT8 i;
3809 BOOLEAN set_master_role = FALSE;
3810
3811 if(bta_dm_cb.device_list.count)
3812 {
3813
3814 /* the configuration is no scatternet
3815 * or AV connection exists and there are more than one ACL link */
3816 if( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) ||
3817 (bta_dm_cb.cur_av_count && bta_dm_cb.device_list.count > 1) )
3818 {
3819
3820 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3821 set_master_role = TRUE;
3822
3823 }
3824
3825 for(i=0; i<bta_dm_cb.device_list.count; i++)
3826 {
3827 if(bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED)
3828 {
3829 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE)
3830 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET))
3831 {
3832 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3833 set_master_role = TRUE;
3834 }
3835
3836 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY)
3837 || (bta_dm_cb.device_list.count > 1))
3838 {
3839
3840 /* Initiating immediate role switch with certain remote devices
3841 has caused issues due to role switch colliding with link encryption setup and
3842 causing encryption (and in turn the link) to fail . These device . Firmware
3843 versions are stored in a blacklist and role switch with these devices are
3844 delayed to avoid the collision with link encryption setup */
3845
3846 if ((delay_role_switch == FALSE) ||
3847 (bta_dm_dev_blacklisted_for_switch(
3848 bta_dm_cb.device_list.peer_device[i].peer_bdaddr) == FALSE))
3849 {
3850 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
3851 HCI_ROLE_MASTER, NULL);
3852 }
3853 else
3854 {
3855 bta_dm_cb.switch_delay_timer.p_cback =
3856 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback;
3857 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500);
3858 }
3859 }
3860
3861 }
3862 }
3863
3864
3865 if(!set_master_role)
3866 {
3867
3868 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3869
3870 }
3871
3872 }
3873 else
3874 {
3875 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3876 }
3877
3878
3879 }
3880
3881 /*******************************************************************************
3882 **
3883 ** Function bta_dm_get_remname
3884 **
3885 ** Description Returns a pointer to the remote name stored in the DM control
3886 ** block if it exists, or from the BTM memory.
3887 **
3888 ** Returns char * - Pointer to the remote device name
3889 *******************************************************************************/
bta_dm_get_remname(void)3890 static char *bta_dm_get_remname(void)
3891 {
3892 char *p_name = (char *)bta_dm_search_cb.peer_name;
3893 char *p_temp;
3894
3895 /* If the name isn't already stored, try retrieving from BTM */
3896 if (*p_name == '\0')
3897 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL)
3898 p_name = p_temp;
3899
3900 return p_name;
3901 }
3902
3903 /*******************************************************************************
3904 **
3905 ** Function bta_dm_bond_cancel_complete_cback
3906 **
3907 ** Description Authentication complete callback from BTM
3908 **
3909 ** Returns void
3910 **
3911 *******************************************************************************/
bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)3912 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)
3913 {
3914
3915 tBTA_DM_SEC sec_event;
3916
3917 if (result == BTM_SUCCESS)
3918 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS;
3919 else
3920 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
3921
3922 if(bta_dm_cb.p_sec_cback)
3923 {
3924 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
3925 }
3926 }
3927
3928 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )
3929 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3930 /*******************************************************************************
3931 **
3932 ** Function bta_dm_update_eir_uuid
3933 **
3934 ** Description
3935 **
3936 **
3937 *******************************************************************************/
bta_dm_update_eir_uuid(tBTA_DM_MSG * p_data)3938 void bta_dm_update_eir_uuid (tBTA_DM_MSG *p_data)
3939 {
3940 tBTA_DM_API_UPDATE_EIR_UUID *p_msg = (tBTA_DM_API_UPDATE_EIR_UUID *)p_data;
3941 UINT8 xx;
3942 UINT8 empty_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3943 UINT8 match_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID;
3944
3945 for (xx = 0; xx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; xx++)
3946 {
3947 if (bta_dm_cb.custom_uuid[xx].len == 0)
3948 {
3949 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3950 empty_slot = xx;
3951 }
3952 else if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3953 {
3954 if (!memcmp (bta_dm_cb.custom_uuid[xx].uu.uuid128, p_msg->uuid.uu.uuid128, p_msg->uuid.len))
3955 {
3956 match_slot = xx;;
3957 }
3958 }
3959 }
3960
3961 if (p_msg->is_add)
3962 {
3963 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3964 {
3965 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3966 {
3967 APPL_TRACE_ERROR0("No space to add UUID for EIR");
3968 return;
3969 }
3970 else
3971 {
3972 memcpy (&(bta_dm_cb.custom_uuid[empty_slot]), &(p_msg->uuid), sizeof(tBT_UUID));
3973 }
3974 }
3975 else
3976 {
3977 APPL_TRACE_ERROR0("UUID is already added for EIR");
3978 return;
3979 }
3980 }
3981 else
3982 {
3983 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID)
3984 {
3985 APPL_TRACE_ERROR0("UUID is not found for EIR");
3986 return;
3987 }
3988 else
3989 {
3990 memset (&(bta_dm_cb.custom_uuid[match_slot]), 0, sizeof(tBT_UUID));
3991 }
3992 }
3993
3994 bta_dm_set_eir (NULL);
3995 }
3996 #endif
3997
3998 /*******************************************************************************
3999 **
4000 ** Function bta_dm_set_eir_config
4001 **
4002 ** Description
4003 **
4004 **
4005 *******************************************************************************/
bta_dm_set_eir_config(tBTA_DM_MSG * p_data)4006 void bta_dm_set_eir_config (tBTA_DM_MSG *p_data)
4007 {
4008 if (p_data->set_eir_cfg.p_eir_cfg)
4009 {
4010 /* User defined config */
4011 p_bta_dm_eir_cfg = p_data->set_eir_cfg.p_eir_cfg;
4012 }
4013 else
4014 {
4015 /* Back to default config */
4016 p_bta_dm_eir_cfg = (tBTA_DM_EIR_CONF*)&bta_dm_eir_cfg;
4017 }
4018
4019 bta_dm_set_eir (NULL);
4020 }
4021
4022 /*******************************************************************************
4023 **
4024 ** Function bta_dm_set_eir
4025 **
4026 ** Description This function creates EIR tagged data and writes it to controller.
4027 **
4028 ** Returns None
4029 **
4030 *******************************************************************************/
bta_dm_set_eir(char * local_name)4031 static void bta_dm_set_eir (char *local_name)
4032 {
4033 BT_HDR *p_buf;
4034 UINT8 *p;
4035 UINT8 *p_length;
4036 #if (BTA_EIR_CANNED_UUID_LIST != TRUE)
4037 UINT8 *p_type;
4038 UINT8 max_num_uuid;
4039 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
4040 UINT8 custom_uuid_idx;
4041 #endif
4042 #endif
4043 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE)
4044 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN;
4045 #else
4046 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE;
4047 #endif
4048 UINT8 num_uuid;
4049 UINT8 data_type;
4050 UINT8 local_name_len;
4051
4052 /* wait until complete to disable */
4053 if (bta_dm_cb.disable_timer.in_use)
4054 return;
4055
4056 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )
4057 /* wait until App is ready */
4058 if (bta_dm_cb.app_ready_timer.in_use)
4059 return;
4060
4061 /* if local name is not provided, get it from controller */
4062 if( local_name == NULL )
4063 {
4064 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS )
4065 {
4066 APPL_TRACE_ERROR0("Fail to read local device name for EIR");
4067 }
4068 }
4069 #endif
4070
4071 /* Allocate a buffer to hold HCI command */
4072 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL)
4073 {
4074 APPL_TRACE_ERROR0("bta_dm_set_eir couldn't allocate buffer");
4075 return;
4076 }
4077 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET;
4078
4079 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN );
4080
4081 APPL_TRACE_DEBUG0("BTA is generating EIR");
4082
4083 if( local_name )
4084 local_name_len = strlen( local_name );
4085 else
4086 local_name_len = 0;
4087
4088 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
4089 /* if local name is longer than minimum length of shortened name */
4090 /* check whether it needs to be shortened or not */
4091 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len )
4092 {
4093 /* get number of UUID 16-bit list */
4094 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
4095 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16;
4096 #else
4097 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
4098 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p,
4099 max_num_uuid, &num_uuid );
4100 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */
4101 #endif
4102
4103 /* if UUID doesn't fit remaing space, shorten local name */
4104 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16))
4105 {
4106 APPL_TRACE_WARNING0("BTA EIR: local name is shortened");
4107 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len;
4108 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE;
4109 }
4110 else
4111 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
4112 }
4113
4114 UINT8_TO_STREAM(p, local_name_len + 1);
4115 UINT8_TO_STREAM(p, data_type);
4116
4117 if (local_name != NULL)
4118 {
4119 memcpy(p, local_name, local_name_len);
4120 p += local_name_len;
4121 }
4122 free_eir_length -= local_name_len + 2;
4123
4124 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
4125 /* if UUID list is provided as static data in configuration */
4126 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 )
4127 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16))
4128 {
4129 if( free_eir_length > LEN_UUID_16 + 2)
4130 {
4131 free_eir_length -= 2;
4132
4133 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len)
4134 {
4135 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16;
4136 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE;
4137 }
4138 else /* not enough room for all UUIDs */
4139 {
4140 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4141 num_uuid = free_eir_length / LEN_UUID_16;
4142 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
4143 }
4144 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1);
4145 UINT8_TO_STREAM(p, data_type);
4146 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 );
4147 p += num_uuid * LEN_UUID_16;
4148 free_eir_length -= num_uuid * LEN_UUID_16;
4149 }
4150 }
4151 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
4152 /* if UUID list is dynamic */
4153 if ( free_eir_length >= 2)
4154 {
4155 p_length = p++;
4156 p_type = p++;
4157 num_uuid = 0;
4158
4159 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
4160 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid );
4161
4162 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE )
4163 {
4164 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4165 }
4166 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
4167 else
4168 {
4169 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4170 {
4171 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16)
4172 {
4173 if ( num_uuid < max_num_uuid )
4174 {
4175 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16);
4176 num_uuid++;
4177 }
4178 else
4179 {
4180 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
4181 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated");
4182 break;
4183 }
4184 }
4185 }
4186 }
4187 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4188
4189 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1);
4190 UINT8_TO_STREAM(p_type, data_type);
4191 free_eir_length -= num_uuid * LEN_UUID_16 + 2;
4192 }
4193 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
4194
4195 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
4196 /* Adding 32-bit UUID list */
4197 if ( free_eir_length >= 2)
4198 {
4199 p_length = p++;
4200 p_type = p++;
4201 num_uuid = 0;
4202 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE;
4203
4204 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32;
4205
4206 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4207 {
4208 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32)
4209 {
4210 if ( num_uuid < max_num_uuid )
4211 {
4212 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32);
4213 num_uuid++;
4214 }
4215 else
4216 {
4217 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE;
4218 APPL_TRACE_WARNING0("BTA EIR: UUID 32-bit list is truncated");
4219 break;
4220 }
4221 }
4222 }
4223
4224 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1);
4225 UINT8_TO_STREAM(p_type, data_type);
4226 free_eir_length -= num_uuid * LEN_UUID_32 + 2;
4227 }
4228
4229 /* Adding 128-bit UUID list */
4230 if ( free_eir_length >= 2)
4231 {
4232 p_length = p++;
4233 p_type = p++;
4234 num_uuid = 0;
4235 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE;
4236
4237 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128;
4238
4239 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
4240 {
4241 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128)
4242 {
4243 if ( num_uuid < max_num_uuid )
4244 {
4245 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128);
4246 num_uuid++;
4247 }
4248 else
4249 {
4250 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE;
4251 APPL_TRACE_WARNING0("BTA EIR: UUID 128-bit list is truncated");
4252 break;
4253 }
4254 }
4255 }
4256
4257 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1);
4258 UINT8_TO_STREAM(p_type, data_type);
4259 free_eir_length -= num_uuid * LEN_UUID_128 + 2;
4260 }
4261 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4262
4263 /* if Flags are provided in configuration */
4264 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 )
4265 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags )
4266 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 ))
4267 {
4268 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1);
4269 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE);
4270 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags,
4271 p_bta_dm_eir_cfg->bta_dm_eir_flag_len);
4272 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len;
4273 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2;
4274 }
4275
4276 /* if Manufacturer Specific are provided in configuration */
4277 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 )
4278 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec )
4279 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 ))
4280 {
4281 p_length = p;
4282
4283 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1);
4284 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE);
4285 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec,
4286 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len);
4287 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len;
4288 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2;
4289
4290 }
4291 else
4292 {
4293 p_length = NULL;
4294 }
4295
4296 /* if Inquiry Tx Resp Power compiled */
4297 if ((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) &&
4298 (free_eir_length >= 3))
4299 {
4300 UINT8_TO_STREAM(p, 2); /* Length field */
4301 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE);
4302 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power));
4303 free_eir_length -= 3;
4304 }
4305
4306 if( free_eir_length )
4307 UINT8_TO_STREAM(p, 0); /* terminator of significant part */
4308
4309 BTM_WriteEIR( p_buf );
4310
4311 }
4312 #endif
4313
4314 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE )
4315 /*******************************************************************************
4316 **
4317 ** Function bta_dm_eir_search_services
4318 **
4319 ** Description This function searches services in received EIR
4320 **
4321 ** Returns None
4322 **
4323 *******************************************************************************/
bta_dm_eir_search_services(tBTM_INQ_RESULTS * p_result,tBTA_SERVICE_MASK * p_services_to_search,tBTA_SERVICE_MASK * p_services_found)4324 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
4325 tBTA_SERVICE_MASK *p_services_to_search,
4326 tBTA_SERVICE_MASK *p_services_found)
4327 {
4328 tBTA_SERVICE_MASK service_index = 0;
4329 tBTM_EIR_SEARCH_RESULT result;
4330
4331 APPL_TRACE_DEBUG6("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X",
4332 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1],
4333 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3],
4334 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]);
4335
4336 APPL_TRACE_DEBUG1(" with services_to_search=0x%08X", *p_services_to_search);
4337
4338 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
4339 /* always do GATT based service discovery by SDP instead of from EIR */
4340 /* if GATT based service is also to be put in EIR, need to modify this */
4341 while (service_index < (BTA_MAX_SERVICE_ID - 1))
4342 #else
4343 while(service_index < BTA_MAX_SERVICE_ID)
4344 #endif
4345 {
4346 if( *p_services_to_search
4347 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)))
4348 {
4349 result = BTM_HasInquiryEirService( p_result,
4350 bta_service_id_to_uuid_lkup_tbl[service_index] );
4351
4352 /* Searching for HSP v1.2 only device */
4353 if ((result != BTM_EIR_FOUND) &&
4354 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET))
4355 {
4356 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS);
4357 }
4358
4359 if( result == BTM_EIR_FOUND )
4360 {
4361 /* If Plug and Play service record, need to check to see if Broadcom stack */
4362 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */
4363 if( bta_service_id_to_uuid_lkup_tbl[service_index]
4364 != UUID_SERVCLASS_PNP_INFORMATION )
4365 {
4366
4367 *p_services_found |=
4368 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index));
4369 /* remove the service from services to be searched */
4370 *p_services_to_search &=
4371 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4372 }
4373 }
4374 else if( result == BTM_EIR_NOT_FOUND )
4375 {
4376 /* remove the service from services to be searched */
4377 *p_services_to_search &=
4378 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4379 }
4380 }
4381
4382 service_index++;
4383 }
4384
4385 APPL_TRACE_ERROR2("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X",
4386 *p_services_to_search, *p_services_found);
4387 }
4388 #endif
4389
4390 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE)
4391 /*******************************************************************************
4392 **
4393 ** Function bta_dm_eir_update_uuid
4394 **
4395 ** Description This function adds or removes service UUID in EIR database.
4396 **
4397 ** Returns None
4398 **
4399 *******************************************************************************/
bta_dm_eir_update_uuid(UINT16 uuid16,BOOLEAN adding)4400 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding)
4401 {
4402 /* if this UUID is not advertised in EIR */
4403 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 ))
4404 return;
4405
4406 if( adding )
4407 {
4408 APPL_TRACE_EVENT1("Adding UUID=0x%04X into EIR", uuid16);
4409
4410 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 );
4411 }
4412 else
4413 {
4414 APPL_TRACE_EVENT1("Removing UUID=0x%04X from EIR", uuid16);
4415
4416 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 );
4417 }
4418
4419 bta_dm_set_eir (NULL);
4420
4421 APPL_TRACE_EVENT2("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X",
4422 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] );
4423 }
4424 #endif
4425
4426 /*******************************************************************************
4427 **
4428 ** Function bta_dm_enable_test_mode
4429 **
4430 ** Description enable test mode
4431 **
4432 **
4433 ** Returns void
4434 **
4435 *******************************************************************************/
bta_dm_enable_test_mode(tBTA_DM_MSG * p_data)4436 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data)
4437 {
4438 BTM_EnableTestMode();
4439 }
4440
4441 /*******************************************************************************
4442 **
4443 ** Function bta_dm_disable_test_mode
4444 **
4445 ** Description disable test mode
4446 **
4447 **
4448 ** Returns void
4449 **
4450 *******************************************************************************/
bta_dm_disable_test_mode(tBTA_DM_MSG * p_data)4451 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data)
4452 {
4453 BTM_DeviceReset(NULL);
4454 }
4455
4456 /*******************************************************************************
4457 **
4458 ** Function bta_dm_execute_callback
4459 **
4460 ** Description Just execute a generic call back in the context of the BTU/BTA tack
4461 **
4462 **
4463 ** Returns void
4464 **
4465 *******************************************************************************/
bta_dm_execute_callback(tBTA_DM_MSG * p_data)4466 void bta_dm_execute_callback(tBTA_DM_MSG *p_data)
4467 {
4468 /* sanity check */
4469 if(p_data->exec_cback.p_exec_cback == NULL)
4470 {
4471 return;
4472 }
4473
4474 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param);
4475 }
4476 /*******************************************************************************
4477 **
4478 ** Function bta_dm_encrypt_cback
4479 **
4480 ** Description link encryption complete callback.
4481 **
4482 ** Returns None
4483 **
4484 *******************************************************************************/
bta_dm_encrypt_cback(BD_ADDR bd_addr,void * p_ref_data,tBTM_STATUS result)4485 void bta_dm_encrypt_cback(BD_ADDR bd_addr, void *p_ref_data, tBTM_STATUS result)
4486 {
4487 tBTA_STATUS bta_status = BTA_SUCCESS;
4488 tBTA_DM_ENCRYPT_CBACK *p_callback = bta_dm_cb.p_encrypt_cback;
4489
4490 bta_dm_cb.p_encrypt_cback = NULL;
4491 switch (result)
4492 {
4493 case BTM_SUCCESS:
4494 break;
4495 case BTM_WRONG_MODE:
4496 bta_status = BTA_WRONG_MODE;
4497 break;
4498 case BTM_NO_RESOURCES:
4499 bta_status = BTA_NO_RESOURCES;
4500 break;
4501 case BTM_BUSY:
4502 bta_status = BTA_BUSY;
4503 break;
4504 default:
4505 bta_status = BTA_FAILURE;
4506 break;
4507 }
4508
4509 APPL_TRACE_DEBUG2("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback);
4510
4511 if (p_callback)
4512 {
4513 (*p_callback)(bd_addr, bta_status);
4514 }
4515 }
4516 /*******************************************************************************
4517 **
4518 ** Function bta_dm_set_encryption
4519 **
4520 ** Description This function to encrypt the link
4521 **
4522 ** Returns None
4523 **
4524 *******************************************************************************/
bta_dm_set_encryption(tBTA_DM_MSG * p_data)4525 void bta_dm_set_encryption (tBTA_DM_MSG *p_data)
4526 {
4527
4528 APPL_TRACE_DEBUG0("bta_dm_set_encryption"); //todo
4529 if (!p_data->set_encryption.p_callback)
4530 {
4531 APPL_TRACE_ERROR0("bta_dm_set_encryption callback is not provided");
4532 return;
4533 }
4534
4535 if (bta_dm_cb.p_encrypt_cback)
4536 {
4537 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr, BTA_BUSY);
4538 return;
4539 }
4540
4541
4542 bta_dm_cb.p_encrypt_cback = p_data->set_encryption.p_callback;
4543 bta_dm_cb.sec_act = p_data->set_encryption.sec_act;
4544 BTM_SetEncryption(p_data->set_encryption.bd_addr, bta_dm_encrypt_cback, &bta_dm_cb.sec_act);
4545 }
4546
4547 /*******************************************************************************
4548 **
4549 ** Function bta_dm_set_afh_channels
4550 **
4551 ** Description set afh channels
4552 **
4553 **
4554 ** Returns void
4555 **
4556 *******************************************************************************/
bta_dm_set_afh_channels(tBTA_DM_MSG * p_data)4557 void bta_dm_set_afh_channels(tBTA_DM_MSG * p_data)
4558 {
4559
4560 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last);
4561 }
4562
4563 /*******************************************************************************
4564 **
4565 ** Function bta_dm_set_afh_channel_assesment
4566 **
4567 ** Description set afh channel assesment
4568 **
4569 **
4570 ** Returns void
4571 **
4572 *******************************************************************************/
4573
bta_dm_set_afh_channel_assesment(tBTA_DM_MSG * p_data)4574 void bta_dm_set_afh_channel_assesment (tBTA_DM_MSG * p_data)
4575 {
4576 BTM_SetAfhChannelAssessment(p_data->set_afh_channel_assessment.enable_or_disable);
4577 }
4578
4579 #if (BLE_INCLUDED == TRUE)
4580 /*******************************************************************************
4581 **
4582 ** Function bta_dm_observe_results_cb
4583 **
4584 ** Description Callback for BLE Observe result
4585 **
4586 **
4587 ** Returns void
4588 **
4589 *******************************************************************************/
bta_dm_observe_results_cb(tBTM_INQ_RESULTS * p_inq,UINT8 * p_eir)4590 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
4591 {
4592 ;
4593 tBTA_DM_SEARCH result;
4594 tBTM_INQ_INFO *p_inq_info;
4595 UINT16 service_class;
4596 APPL_TRACE_DEBUG0("bta_dm_observe_results_cb")
4597
4598 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
4599 result.inq_res.rssi = p_inq->rssi;
4600 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
4601 result.inq_res.inq_result_type = p_inq->inq_result_type;
4602 result.inq_res.device_type = p_inq->device_type;
4603
4604 /* application will parse EIR to find out remote device name */
4605 result.inq_res.p_eir = p_eir;
4606
4607 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
4608 {
4609 /* initialize remt_name_not_required to FALSE so that we get the name by default */
4610 result.inq_res.remt_name_not_required = FALSE;
4611 }
4612
4613 if(bta_dm_search_cb.p_scan_cback)
4614 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_RES_EVT, &result);
4615
4616 if(p_inq_info)
4617 {
4618 /* application indicates if it knows the remote name, inside the callback
4619 copy that to the inquiry data base*/
4620 if(result.inq_res.remt_name_not_required)
4621 p_inq_info->appl_knows_rem_name = TRUE;
4622 }
4623 }
4624
4625 /*******************************************************************************
4626 **
4627 ** Function bta_dm_observe_cmpl_cb
4628 **
4629 ** Description Callback for BLE Observe complete
4630 **
4631 **
4632 ** Returns void
4633 **
4634 *******************************************************************************/
bta_dm_observe_cmpl_cb(void * p_result)4635 static void bta_dm_observe_cmpl_cb (void * p_result)
4636 {
4637 tBTA_DM_SEARCH data;
4638
4639 APPL_TRACE_DEBUG0("bta_dm_observe_cmpl_cb");
4640
4641 data.inq_cmpl.num_resps = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
4642 if (bta_dm_search_cb.p_scan_cback)
4643 {
4644 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4645 }
4646 }
4647
4648 #if (SMP_INCLUDED == TRUE)
4649 /*******************************************************************************
4650 **
4651 ** Function bta_dm_ble_smp_cback
4652 **
4653 ** Description Callback for BLE SMP
4654 **
4655 **
4656 ** Returns void
4657 **
4658 *******************************************************************************/
bta_dm_ble_smp_cback(tBTM_LE_EVT event,BD_ADDR bda,tBTM_LE_EVT_DATA * p_data)4659 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data)
4660 {
4661 tBTM_STATUS status = BTM_SUCCESS;
4662 tBTA_DM_SEC sec_event;
4663 char* p_name = NULL;
4664 UINT8 i;
4665
4666 APPL_TRACE_DEBUG0("bta_dm_ble_smp_cback");
4667
4668 if (!bta_dm_cb.p_sec_cback)
4669 return BTM_NOT_AUTHORIZED;
4670
4671 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
4672 switch (event)
4673 {
4674 case BTM_LE_IO_REQ_EVT:
4675 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
4676
4677 bta_dm_co_ble_io_req(bda,
4678 &p_data->io_req.io_cap,
4679 &p_data->io_req.oob_data,
4680 &p_data->io_req.auth_req,
4681 &p_data->io_req.max_key_size,
4682 &p_data->io_req.init_keys,
4683 &p_data->io_req.resp_keys);
4684 #endif
4685 #if BTM_OOB_INCLUDED == FALSE
4686 status = BTM_SUCCESS;
4687 #endif
4688 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
4689
4690 break;
4691
4692 case BTM_LE_SEC_REQUEST_EVT:
4693 bdcpy(sec_event.ble_req.bd_addr, bda);
4694 p_name = BTM_SecReadDevName(bda);
4695 if (p_name != NULL)
4696 {
4697 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name,
4698 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4699 }
4700 else
4701 {
4702 sec_event.ble_req.bd_name[0] = 0;
4703 }
4704 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event);
4705 break;
4706
4707 case BTM_LE_KEY_NOTIF_EVT:
4708 bdcpy(sec_event.key_notif.bd_addr, bda);
4709 p_name = BTM_SecReadDevName(bda);
4710 if (p_name != NULL)
4711 {
4712 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name,
4713 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4714 }
4715 else
4716 {
4717 sec_event.key_notif.bd_name[0] = 0;
4718 }
4719 sec_event.key_notif.passkey = p_data->key_notif;
4720 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event);
4721 break;
4722
4723 case BTM_LE_KEY_REQ_EVT:
4724 bdcpy(sec_event.ble_req.bd_addr, bda);
4725 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event);
4726 break;
4727
4728 case BTM_LE_OOB_REQ_EVT:
4729 bdcpy(sec_event.ble_req.bd_addr, bda);
4730 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event);
4731 break;
4732
4733 case BTM_LE_KEY_EVT:
4734 bdcpy(sec_event.ble_key.bd_addr, bda);
4735 sec_event.ble_key.key_type = p_data->key.key_type;
4736
4737 if (p_data->key.key_type == BTM_LE_KEY_PID)
4738 {
4739 for (i=0; i<BT_OCTET16_LEN; i++ )
4740 {
4741 sec_event.ble_key.key_value.pid_key.irk[i] = p_data->key.p_key_value->pid_key.irk[i];
4742 }
4743 sec_event.ble_key.key_value.pid_key.addr_type = p_data->key.p_key_value->pid_key.addr_type;
4744 memcpy( &(sec_event.ble_key.key_value.pid_key.static_addr),
4745 &(p_data->key.p_key_value->pid_key.static_addr),
4746 sizeof (BD_ADDR));
4747 }
4748 else
4749 {
4750 memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE));
4751 }
4752 // memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE)); todo will crash
4753 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event);
4754 break;
4755
4756 case BTM_LE_COMPLT_EVT:
4757 bdcpy(sec_event.auth_cmpl.bd_addr, bda);
4758 p_name = BTM_SecReadDevName(bda);
4759 if (p_name != NULL)
4760 {
4761 BCM_STRNCPY_S((char*)sec_event.auth_cmpl.bd_name,
4762 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4763 }
4764 else
4765 {
4766 sec_event.auth_cmpl.bd_name[0] = 0;
4767 }
4768 if (p_data->complt.reason != 0)
4769 {
4770 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason));
4771 /* delete this device entry from Sec Dev DB */
4772 bta_dm_remove_sec_dev_entry (bda);
4773 }
4774 else
4775 {
4776 sec_event.auth_cmpl.success = TRUE;
4777 }
4778 sec_event.auth_cmpl.privacy_enabled = p_data->complt.privacy_supported;
4779 if (bta_dm_cb.p_sec_cback)
4780 {
4781 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
4782 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event);
4783 }
4784
4785 break;
4786
4787 default:
4788 status = BTM_NOT_AUTHORIZED;
4789 break;
4790 }
4791 return status;
4792 }
4793 #endif /* SMP_INCLUDED == TRUE */
4794
4795 /*******************************************************************************
4796 **
4797 ** Function bta_dm_ble_id_key_cback
4798 **
4799 ** Description Callback for BLE local ID keys
4800 **
4801 **
4802 ** Returns void
4803 **
4804 *******************************************************************************/
bta_dm_ble_id_key_cback(UINT8 key_type,tBTM_BLE_LOCAL_KEYS * p_key)4805 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key)
4806 {
4807 UINT8 evt;
4808 tBTA_DM_SEC dm_key;
4809
4810 switch (key_type)
4811 {
4812 case BTM_BLE_KEY_TYPE_ID:
4813 case BTM_BLE_KEY_TYPE_ER:
4814 if (bta_dm_cb.p_sec_cback)
4815 {
4816 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS));
4817
4818 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\
4819 BTA_DM_BLE_LOCAL_ER_EVT;
4820 bta_dm_cb.p_sec_cback(evt, &dm_key);
4821 }
4822 break;
4823
4824 default:
4825 APPL_TRACE_DEBUG1("Unknown key type %d", key_type);
4826 break;
4827 }
4828 return;
4829
4830 }
4831
4832 /*******************************************************************************
4833 **
4834 ** Function bta_dm_add_blekey
4835 **
4836 ** Description This function adds an BLE Key to an security database entry.
4837 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called.
4838 ** It is normally called during host startup to restore all required information
4839 ** stored in the NVRAM.
4840 **
4841 ** Parameters:
4842 **
4843 *******************************************************************************/
bta_dm_add_blekey(tBTA_DM_MSG * p_data)4844 void bta_dm_add_blekey (tBTA_DM_MSG *p_data)
4845 {
4846 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr,
4847 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey,
4848 p_data->add_ble_key.key_type))
4849 {
4850 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Key for device %08x%04x",
4851 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\
4852 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3],
4853 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]);
4854 }
4855 }
4856
4857 /*******************************************************************************
4858 **
4859 ** Function bta_dm_add_ble_device
4860 **
4861 ** Description This function adds an BLE device to an security database entry.
4862 ** It is normally called during host startup to restore all required information
4863 ** stored in the NVRAM.
4864 **
4865 ** Parameters:
4866 **
4867 *******************************************************************************/
bta_dm_add_ble_device(tBTA_DM_MSG * p_data)4868 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data)
4869 {
4870 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL,
4871 p_data->add_ble_device.dev_type ,
4872 p_data->add_ble_device.addr_type))
4873 {
4874 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Device for device %08x%04x",
4875 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \
4876 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3],
4877 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]);
4878 }
4879 }
4880
4881 /*******************************************************************************
4882 **
4883 ** Function bta_dm_add_ble_device
4884 **
4885 ** Description This function adds an BLE device to an security database entry.
4886 ** It is normally called during host startup to restore all required information
4887 ** stored in the NVRAM.
4888 **
4889 ** Parameters:
4890 **
4891 *******************************************************************************/
bta_dm_ble_passkey_reply(tBTA_DM_MSG * p_data)4892 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data)
4893 {
4894 if (p_data->pin_reply.accept)
4895 {
4896
4897 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey);
4898 }
4899 else
4900 {
4901 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey);
4902 }
4903
4904 }
4905
4906 /*******************************************************************************
4907 **
4908 ** Function bta_dm_security_grant
4909 **
4910 ** Description This function grant SMP security request access.
4911 **
4912 ** Parameters:
4913 **
4914 *******************************************************************************/
bta_dm_security_grant(tBTA_DM_MSG * p_data)4915 void bta_dm_security_grant (tBTA_DM_MSG *p_data)
4916 {
4917 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res);
4918 }
4919
4920 /*******************************************************************************
4921 **
4922 ** Function bta_dm_ble_set_bg_conn_type
4923 **
4924 ** Description This function set the BLE background connection type
4925 **
4926 ** Parameters:
4927 **
4928 *******************************************************************************/
bta_dm_ble_set_bg_conn_type(tBTA_DM_MSG * p_data)4929 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data)
4930 {
4931 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type,
4932 p_data->ble_set_bd_conn_type.p_select_cback);
4933 }
4934
4935 /*******************************************************************************
4936 **
4937 ** Function bta_dm_ble_set_conn_params
4938 **
4939 ** Description This function set the preferred connection parameters.
4940 **
4941 ** Parameters:
4942 **
4943 *******************************************************************************/
bta_dm_ble_set_conn_params(tBTA_DM_MSG * p_data)4944 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data)
4945 {
4946 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda,
4947 p_data->ble_set_conn_params.conn_int_min,
4948 p_data->ble_set_conn_params.conn_int_max,
4949 p_data->ble_set_conn_params.slave_latency,
4950 p_data->ble_set_conn_params.supervision_tout);
4951 }
4952
4953 /*******************************************************************************
4954 **
4955 ** Function bta_dm_ble_set_scan_params
4956 **
4957 ** Description This function set the preferred connection scan parameters.
4958 **
4959 ** Parameters:
4960 **
4961 *******************************************************************************/
bta_dm_ble_set_scan_params(tBTA_DM_MSG * p_data)4962 void bta_dm_ble_set_scan_params (tBTA_DM_MSG *p_data)
4963 {
4964 BTM_BleSetConnScanParams(p_data->ble_set_scan_params.scan_int,
4965 p_data->ble_set_scan_params.scan_window);
4966 }
4967
4968
4969 /*******************************************************************************
4970 **
4971 ** Function bta_dm_ble_observe
4972 **
4973 ** Description This function set the preferred connection scan parameters.
4974 **
4975 ** Parameters:
4976 **
4977 *******************************************************************************/
bta_dm_ble_observe(tBTA_DM_MSG * p_data)4978 void bta_dm_ble_observe (tBTA_DM_MSG *p_data)
4979 {
4980
4981 tBTM_STATUS status;
4982 if (p_data->ble_observe.start)
4983 {
4984 /*Save the callback to be called when a scan results are available */
4985 bta_dm_search_cb.p_scan_cback = p_data->ble_observe.p_cback;
4986 if ((status = BTM_BleObserve(TRUE, p_data->ble_observe.duration,
4987 bta_dm_observe_results_cb, bta_dm_observe_cmpl_cb))!= BTM_SUCCESS)
4988 {
4989 tBTA_DM_SEARCH data;
4990 APPL_TRACE_WARNING2(" %s BTM_BleObserve failed. status %d",__FUNCTION__,status);
4991 data.inq_cmpl.num_resps = 0;
4992 if (bta_dm_search_cb.p_scan_cback)
4993 {
4994 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4995 }
4996 }
4997 }
4998 else
4999 {
5000 bta_dm_search_cb.p_scan_cback = NULL;
5001 BTM_BleObserve(FALSE, 0, NULL,NULL );
5002 }
5003 }
5004 /*******************************************************************************
5005 **
5006 ** Function bta_dm_ble_set_scan_params
5007 **
5008 ** Description This function set the adv parameters.
5009 **
5010 ** Parameters:
5011 **
5012 *******************************************************************************/
bta_dm_ble_set_adv_params(tBTA_DM_MSG * p_data)5013 void bta_dm_ble_set_adv_params (tBTA_DM_MSG *p_data)
5014 {
5015 BTM_BleSetAdvParams(p_data->ble_set_adv_params.adv_int_min,
5016 p_data->ble_set_adv_params.adv_int_max,
5017 p_data->ble_set_adv_params.p_dir_bda,
5018 BTA_DM_BLE_ADV_CHNL_MAP);
5019 }
5020
5021 /*******************************************************************************
5022 **
5023 ** Function bta_dm_ble_set_adv_config
5024 **
5025 ** Description This function set the customized ADV data configuration
5026 **
5027 ** Parameters:
5028 **
5029 *******************************************************************************/
bta_dm_ble_set_adv_config(tBTA_DM_MSG * p_data)5030 void bta_dm_ble_set_adv_config (tBTA_DM_MSG *p_data)
5031 {
5032 BTM_BleWriteAdvData(p_data->ble_set_adv_data.data_mask,
5033 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg);
5034 }
5035
5036 /*******************************************************************************
5037 **
5038 ** Function bta_dm_ble_set_scan_rsp
5039 **
5040 ** Description This function set the customized ADV scan resp. configuration
5041 **
5042 ** Parameters:
5043 **
5044 *******************************************************************************/
bta_dm_ble_set_scan_rsp(tBTA_DM_MSG * p_data)5045 void bta_dm_ble_set_scan_rsp (tBTA_DM_MSG *p_data)
5046 {
5047 BTM_BleWriteScanRsp(p_data->ble_set_adv_data.data_mask,
5048 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg);
5049 }
5050
5051 /*******************************************************************************
5052 **
5053 ** Function bta_dm_ble_broadcast
5054 **
5055 ** Description Starts or stops LE broadcasts
5056 **
5057 ** Parameters:
5058 **
5059 *******************************************************************************/
bta_dm_ble_broadcast(tBTA_DM_MSG * p_data)5060 void bta_dm_ble_broadcast (tBTA_DM_MSG *p_data)
5061 {
5062 BTM_BleBroadcast(p_data->ble_observe.start);
5063 }
5064
5065 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
5066 #ifndef BTA_DM_GATT_CLOSE_DELAY_TOUT
5067 #define BTA_DM_GATT_CLOSE_DELAY_TOUT 1000
5068 #endif
5069
5070 /*******************************************************************************
5071 **
5072 ** Function bta_dm_gattc_register
5073 **
5074 ** Description Register with GATTC in DM if BLE is needed.
5075 **
5076 **
5077 ** Returns void
5078 **
5079 *******************************************************************************/
bta_dm_gattc_register(void)5080 static void bta_dm_gattc_register(void)
5081 {
5082 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
5083
5084 if (bta_dm_search_cb.client_if == BTA_GATTS_INVALID_IF)
5085 {
5086 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
5087 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback);
5088 }
5089 }
5090
5091 /*******************************************************************************
5092 **
5093 ** Function btm_dm_start_disc_gatt_services
5094 **
5095 ** Description This function starts a GATT service search request.
5096 **
5097 ** Parameters:
5098 **
5099 *******************************************************************************/
btm_dm_start_disc_gatt_services(UINT16 conn_id)5100 static void btm_dm_start_disc_gatt_services (UINT16 conn_id)
5101 {
5102 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid +
5103 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5104
5105 p_uuid = bta_dm_search_cb.p_srvc_uuid +
5106 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5107
5108 /* always search for all services */
5109 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid);
5110 }
5111
5112 /*******************************************************************************
5113 **
5114 ** Function bta_dm_gatt_disc_result
5115 **
5116 ** Description This function process the GATT service search result.
5117 **
5118 ** Parameters:
5119 **
5120 *******************************************************************************/
bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)5121 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
5122 {
5123 tBTA_DM_SEARCH result;
5124
5125 /*
5126 * This logic will not work for gatt case. We are checking against the bluetooth profiles here
5127 * just copy the GATTID in raw data field and send it across.
5128 */
5129
5130
5131 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size )
5132 {
5133 APPL_TRACE_DEBUG3("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x", service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used);
5134
5135 if(bta_dm_search_cb.p_ble_rawdata)
5136 {
5137 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id,
5138 sizeof(service_id) );
5139
5140 bta_dm_search_cb.ble_raw_used += sizeof(service_id);
5141 }
5142 else
5143 {
5144 APPL_TRACE_ERROR0("p_ble_rawdata is NULL");
5145 }
5146
5147 }
5148 else
5149 {
5150 APPL_TRACE_ERROR3("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used );
5151 }
5152
5153 APPL_TRACE_ERROR1("bta_dm_gatt_disc_result serivce_id len=%d ", service_id.uuid.len);
5154 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5155 {
5156
5157 /* send result back to app now, one by one */
5158 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5159 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
5160 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
5161 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
5162
5163 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
5164 }
5165 }
5166
5167 /*******************************************************************************
5168 **
5169 ** Function bta_dm_gatt_disc_complete
5170 **
5171 ** Description This function process the GATT service search complete.
5172 **
5173 ** Parameters:
5174 **
5175 *******************************************************************************/
bta_dm_gatt_disc_complete(UINT16 conn_id,tBTA_GATT_STATUS status)5176 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
5177 {
5178 tBTA_DM_MSG *p_msg;
5179
5180 APPL_TRACE_DEBUG1("bta_dm_gatt_disc_complete conn_id = %d",conn_id);
5181
5182 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --;
5183
5184 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0)
5185 {
5186 btm_dm_start_disc_gatt_services(conn_id);
5187 }
5188 else
5189 {
5190 bta_dm_search_cb.uuid_to_search = 0;
5191
5192 /* no more services to be discovered */
5193 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
5194 {
5195 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
5196 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE;
5197 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
5198 p_msg->disc_result.result.disc_res.num_uuids = 0;
5199 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
5200 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5201 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
5202 bta_dm_get_remname(), (BD_NAME_LEN-1));
5203
5204 /* make sure the string is terminated */
5205 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
5206
5207 p_msg->disc_result.result.disc_res.device_type = BT_DEVICE_TYPE_BLE;
5208 if ( bta_dm_search_cb.ble_raw_used > 0 )
5209 {
5210 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used);
5211
5212 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
5213 bta_dm_search_cb.p_ble_rawdata,
5214 bta_dm_search_cb.ble_raw_used );
5215
5216 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used;
5217 }
5218 else
5219 {
5220 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
5221 bta_dm_search_cb.p_ble_rawdata = 0;
5222 }
5223
5224 bta_sys_sendmsg(p_msg);
5225 }
5226 if (conn_id != BTA_GATT_INVALID_CONN_ID)
5227 {
5228 if (BTA_DM_GATT_CLOSE_DELAY_TOUT != 0)
5229 {
5230 bta_sys_start_timer(&bta_dm_search_cb.gatt_close_timer, BTA_DM_DISC_CLOSE_TOUT_EVT,
5231 BTA_DM_GATT_CLOSE_DELAY_TOUT);
5232 }
5233 else
5234 {
5235 BTA_GATTC_Close(conn_id);
5236 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
5237 }
5238 }
5239
5240 bta_dm_search_cb.gatt_disc_active = FALSE;
5241 }
5242 }
5243
5244 /*******************************************************************************
5245 **
5246 ** Function bta_dm_close_gatt_conn
5247 **
5248 ** Description This function close the GATT connection after delay timeout.
5249 **
5250 ** Parameters:
5251 **
5252 *******************************************************************************/
bta_dm_close_gatt_conn(tBTA_DM_MSG * p_data)5253 void bta_dm_close_gatt_conn(tBTA_DM_MSG *p_data)
5254 {
5255 if (bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5256 BTA_GATTC_Close(bta_dm_search_cb.conn_id);
5257
5258 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
5259 }
5260
5261 /*******************************************************************************
5262 **
5263 ** Function btm_dm_start_gatt_discovery
5264 **
5265 ** Description This is GATT initiate the service search by open a GATT connection
5266 ** first.
5267 **
5268 ** Parameters:
5269 **
5270 *******************************************************************************/
btm_dm_start_gatt_discovery(BD_ADDR bd_addr)5271 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr)
5272 {
5273 bta_dm_search_cb.gatt_disc_active = TRUE;
5274
5275 /* connection is already open */
5276 if (bdcmp(bta_dm_search_cb.pending_close_bda, bd_addr) == 0 &&
5277 bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5278 {
5279 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN);
5280 bta_sys_stop_timer(&bta_dm_search_cb.gatt_close_timer);
5281 btm_dm_start_disc_gatt_services(bta_dm_search_cb.conn_id);
5282 }
5283 else
5284 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE);
5285 }
5286
5287 /*******************************************************************************
5288 **
5289 ** Function bta_dm_cancel_gatt_discovery
5290 **
5291 ** Description This is GATT cancel the GATT service search.
5292 **
5293 ** Parameters:
5294 **
5295 *******************************************************************************/
bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)5296 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)
5297 {
5298 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID)
5299 {
5300 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE);
5301 }
5302
5303 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5304 }
5305
5306 /*******************************************************************************
5307 **
5308 ** Function bta_dm_proc_open_evt
5309 **
5310 ** Description process BTA_GATTC_OPEN_EVT in DM.
5311 **
5312 ** Parameters:
5313 **
5314 *******************************************************************************/
bta_dm_proc_open_evt(tBTA_GATTC_OPEN * p_data)5315 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data)
5316 {
5317 UINT8 *p1;
5318 UINT8 *p2;
5319
5320 p1 = bta_dm_search_cb.peer_bdaddr;
5321 p2 = p_data->remote_bda;
5322
5323 APPL_TRACE_DEBUG5("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ",
5324 bta_dm_search_cb.state,
5325 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]),
5326 ((p1[4])<<8)+ p1[5],
5327 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]),
5328 ((p2[4])<<8)+ p2[5]);
5329
5330 APPL_TRACE_DEBUG3("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" ,
5331 p_data->conn_id,
5332 p_data->client_if,
5333 p_data->status);
5334
5335 bta_dm_search_cb.conn_id = p_data->conn_id;
5336
5337 if (p_data->status == BTA_GATT_OK)
5338 {
5339 btm_dm_start_disc_gatt_services(p_data->conn_id);
5340 }
5341 else
5342 {
5343 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status);
5344 }
5345 }
5346
5347 /*******************************************************************************
5348 **
5349 ** Function bta_dm_gattc_callback
5350 **
5351 ** Description This is GATT client callback function used in DM.
5352 **
5353 ** Parameters:
5354 **
5355 *******************************************************************************/
bta_dm_gattc_callback(tBTA_GATTC_EVT event,tBTA_GATTC * p_data)5356 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data)
5357 {
5358 APPL_TRACE_DEBUG1("bta_dm_gattc_callback event = %d", event);
5359
5360 switch (event)
5361 {
5362 case BTA_GATTC_REG_EVT:
5363 APPL_TRACE_DEBUG1("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if);
5364 if (p_data->reg_oper.status == BTA_GATT_OK)
5365 bta_dm_search_cb.client_if = p_data->reg_oper.client_if;
5366 else
5367 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF;
5368 break;
5369
5370 case BTA_GATTC_OPEN_EVT:
5371 bta_dm_proc_open_evt(&p_data->open);
5372 break;
5373
5374 case BTA_GATTC_SEARCH_RES_EVT:
5375 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id);
5376 break;
5377
5378 case BTA_GATTC_SEARCH_CMPL_EVT:
5379 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5380 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status);
5381 break;
5382
5383 case BTA_GATTC_CLOSE_EVT:
5384 APPL_TRACE_DEBUG1("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason);
5385 /* in case of disconnect before search is completed */
5386 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) &&
5387 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN))
5388 {
5389 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5390 }
5391 break;
5392
5393 default:
5394 break;
5395 }
5396 }
5397
5398 #endif /* BTA_GATT_INCLUDED */
5399 #endif /* BLE_INCLUDED */
5400