1 /******************************************************************************
2 *
3 * Copyright 2008-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for BLE GAP.
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_btm_ble"
26
27 #include <base/bind.h>
28 #include <base/strings/string_number_conversions.h>
29 #include <cstdint>
30 #include <list>
31 #include <memory>
32 #include <vector>
33
34 #include "common/time_util.h"
35 #include "device/include/controller.h"
36 #include "main/shim/acl_api.h"
37 #include "main/shim/btm_api.h"
38 #include "main/shim/shim.h"
39 #include "osi/include/log.h"
40 #include "stack/btm/btm_ble_int.h"
41 #include "stack/btm/btm_ble_int_types.h"
42 #include "stack/btm/btm_dev.h"
43 #include "stack/btm/btm_int_types.h"
44 #include "stack/gatt/gatt_int.h"
45 #include "stack/include/acl_api.h"
46 #include "stack/include/advertise_data_parser.h"
47 #include "stack/include/bt_types.h"
48 #include "stack/include/btm_api_types.h"
49 #include "stack/include/gap_api.h"
50 #include "stack/include/hci_error_code.h"
51 #include "stack/include/hcimsgs.h"
52 #include "stack/include/inq_hci_link_interface.h"
53 #include "types/raw_address.h"
54
55 extern tBTM_CB btm_cb;
56
57 extern void btm_inq_remote_name_timer_timeout(void* data);
58 extern bool btm_ble_init_pseudo_addr(tBTM_SEC_DEV_REC* p_dev_rec,
59 const RawAddress& new_pseudo_addr);
60 extern bool btm_identity_addr_to_random_pseudo(RawAddress* bd_addr,
61 uint8_t* p_addr_type,
62 bool refresh);
63 extern void btm_ble_batchscan_init(void);
64 extern void btm_ble_adv_filter_init(void);
65 extern void btm_clear_all_pending_le_entry(void);
66 extern const tBLE_BD_ADDR convert_to_address_with_type(
67 const RawAddress& bd_addr, const tBTM_SEC_DEV_REC* p_dev_rec);
68
69 #define BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS (30 * 1000)
70 #define MIN_ADV_LENGTH 2
71 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN 9
72 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE \
73 BTM_VSC_CHIP_CAPABILITY_RSP_LEN
74 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_M_RELEASE 15
75 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_S_RELEASE 25
76
77 namespace {
78
79 class AdvertisingCache {
80 public:
81 /* Set the data to |data| for device |addr_type, addr| */
Set(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)82 const std::vector<uint8_t>& Set(uint8_t addr_type, const RawAddress& addr,
83 std::vector<uint8_t> data) {
84 auto it = Find(addr_type, addr);
85 if (it != items.end()) {
86 it->data = std::move(data);
87 return it->data;
88 }
89
90 if (items.size() > cache_max) {
91 items.pop_back();
92 }
93
94 items.emplace_front(addr_type, addr, std::move(data));
95 return items.front().data;
96 }
97
Exist(uint8_t addr_type,const RawAddress & addr)98 bool Exist(uint8_t addr_type, const RawAddress& addr) {
99 auto it = Find(addr_type, addr);
100 if (it != items.end()) {
101 return true;
102 }
103 return false;
104 }
105
106 /* Append |data| for device |addr_type, addr| */
Append(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)107 const std::vector<uint8_t>& Append(uint8_t addr_type, const RawAddress& addr,
108 std::vector<uint8_t> data) {
109 auto it = Find(addr_type, addr);
110 if (it != items.end()) {
111 it->data.insert(it->data.end(), data.begin(), data.end());
112 return it->data;
113 }
114
115 if (items.size() > cache_max) {
116 items.pop_back();
117 }
118
119 items.emplace_front(addr_type, addr, std::move(data));
120 return items.front().data;
121 }
122
123 /* Clear data for device |addr_type, addr| */
Clear(uint8_t addr_type,const RawAddress & addr)124 void Clear(uint8_t addr_type, const RawAddress& addr) {
125 auto it = Find(addr_type, addr);
126 if (it != items.end()) {
127 items.erase(it);
128 }
129 }
130
ClearAll()131 void ClearAll() {
132 items.clear();
133 }
134
135 private:
136 struct Item {
137 uint8_t addr_type;
138 RawAddress addr;
139 std::vector<uint8_t> data;
140
Item__anonfefdf81b0110::AdvertisingCache::Item141 Item(uint8_t addr_type, const RawAddress& addr, std::vector<uint8_t> data)
142 : addr_type(addr_type), addr(addr), data(data) {}
143 };
144
Find(uint8_t addr_type,const RawAddress & addr)145 std::list<Item>::iterator Find(uint8_t addr_type, const RawAddress& addr) {
146 for (auto it = items.begin(); it != items.end(); it++) {
147 if (it->addr_type == addr_type && it->addr == addr) {
148 return it;
149 }
150 }
151 return items.end();
152 }
153
154 /* we keep maximum 7 devices in the cache */
155 const size_t cache_max = 7;
156 std::list<Item> items;
157 };
158
159 /* Devices in this cache are waiting for eiter scan response, or chained packets
160 * on secondary channel */
161 AdvertisingCache cache;
162
163 } // namespace
164
165 #if (BLE_VND_INCLUDED == TRUE)
166 static tBTM_BLE_CTRL_FEATURES_CBACK* p_ctrl_le_feature_rd_cmpl_cback = NULL;
167 #endif
168
169 /*******************************************************************************
170 * Local functions
171 ******************************************************************************/
172 static void btm_ble_update_adv_flag(uint8_t flag);
173 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, uint8_t addr_type,
174 const RawAddress& bda, uint8_t primary_phy,
175 uint8_t secondary_phy,
176 uint8_t advertising_sid, int8_t tx_power,
177 int8_t rssi, uint16_t periodic_adv_int,
178 uint8_t data_len, uint8_t* data,
179 const RawAddress& original_bda);
180 static uint8_t btm_set_conn_mode_adv_init_addr(RawAddress& p_peer_addr_ptr,
181 tBLE_ADDR_TYPE* p_peer_addr_type,
182 tBLE_ADDR_TYPE* p_own_addr_type);
183 static void btm_ble_stop_observe(void);
184 static void btm_ble_fast_adv_timer_timeout(void* data);
185 static void btm_ble_start_slow_adv(void);
186 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(void* data);
187 static void btm_ble_inquiry_timer_timeout(void* data);
188 static void btm_ble_observer_timer_timeout(void* data);
189
190 enum : uint8_t {
191 BTM_BLE_NOT_SCANNING = 0x00,
192 BTM_BLE_INQ_RESULT = 0x01,
193 BTM_BLE_OBS_RESULT = 0x02,
194 };
195
ble_evt_type_is_connectable(uint16_t evt_type)196 static bool ble_evt_type_is_connectable(uint16_t evt_type) {
197 return evt_type & (1 << BLE_EVT_CONNECTABLE_BIT);
198 }
199
ble_evt_type_is_scannable(uint16_t evt_type)200 static bool ble_evt_type_is_scannable(uint16_t evt_type) {
201 return evt_type & (1 << BLE_EVT_SCANNABLE_BIT);
202 }
203
ble_evt_type_is_directed(uint16_t evt_type)204 static bool ble_evt_type_is_directed(uint16_t evt_type) {
205 return evt_type & (1 << BLE_EVT_DIRECTED_BIT);
206 }
207
ble_evt_type_is_scan_resp(uint16_t evt_type)208 static bool ble_evt_type_is_scan_resp(uint16_t evt_type) {
209 return evt_type & (1 << BLE_EVT_SCAN_RESPONSE_BIT);
210 }
211
ble_evt_type_is_legacy(uint16_t evt_type)212 static bool ble_evt_type_is_legacy(uint16_t evt_type) {
213 return evt_type & (1 << BLE_EVT_LEGACY_BIT);
214 }
215
ble_evt_type_data_status(uint16_t evt_type)216 static uint8_t ble_evt_type_data_status(uint16_t evt_type) {
217 return (evt_type >> 5) & 3;
218 }
219
220 constexpr uint8_t UNSUPPORTED = 255;
221
222 /* LE states combo bit to check */
223 const uint8_t btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX] = {
224 {
225 /* single state support */
226 HCI_LE_STATES_CONN_ADV_BIT, /* conn_adv */
227 HCI_LE_STATES_INIT_BIT, /* init */
228 HCI_LE_STATES_INIT_BIT, /* central */
229 HCI_LE_STATES_PERIPHERAL_BIT, /* peripheral */
230 UNSUPPORTED, /* todo: lo du dir adv, not covered ? */
231 HCI_LE_STATES_HI_DUTY_DIR_ADV_BIT, /* hi duty dir adv */
232 HCI_LE_STATES_NON_CONN_ADV_BIT, /* non connectable adv */
233 HCI_LE_STATES_PASS_SCAN_BIT, /* passive scan */
234 HCI_LE_STATES_ACTIVE_SCAN_BIT, /* active scan */
235 HCI_LE_STATES_SCAN_ADV_BIT /* scanable adv */
236 },
237 {
238 /* conn_adv =0 */
239 UNSUPPORTED, /* conn_adv */
240 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* init: 32 */
241 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* central: 35 */
242 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
243 UNSUPPORTED, /* lo du dir adv */
244 UNSUPPORTED, /* hi duty dir adv */
245 UNSUPPORTED, /* non connectable adv */
246 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
247 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
248 UNSUPPORTED /* scanable adv */
249 },
250 {
251 /* init */
252 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* conn_adv: 32 */
253 UNSUPPORTED, /* init */
254 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
255 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* peripheral 41 */
256 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* lo du dir adv 34 */
257 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* hi duty dir adv 33 */
258 HCI_LE_STATES_NON_CONN_INIT_BIT, /* non connectable adv */
259 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* passive scan */
260 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* active scan */
261 HCI_LE_STATES_SCAN_ADV_INIT_BIT /* scanable adv */
262
263 },
264 {
265 /* central */
266 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* conn_adv: 35 */
267 HCI_LE_STATES_INIT_CENTRAL_BIT, /* init 28 */
268 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
269 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* peripheral: 32 */
270 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* lo duty cycle adv 37 */
271 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* hi duty cycle adv 36 */
272 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* non connectable adv*/
273 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* passive scan */
274 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* active scan */
275 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT /* scanable adv */
276
277 },
278 {
279 /* peripheral */
280 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* conn_adv: 38,*/
281 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* init 41 */
282 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* central 41 */
283 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
284 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* lo duty cycle adv 40 */
285 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* hi duty cycle adv 39 */
286 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* non connectable adv */
287 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* passive scan */
288 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* active scan */
289 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT /* scanable adv */
290
291 },
292 {
293 /* lo duty cycle adv */
294 UNSUPPORTED, /* conn_adv: 38,*/
295 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* init 34 */
296 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* central 37 */
297 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 40 */
298 UNSUPPORTED, /* lo duty cycle adv 40 */
299 UNSUPPORTED, /* hi duty cycle adv 39 */
300 UNSUPPORTED, /* non connectable adv */
301 UNSUPPORTED, /* TODO: passive scan, not covered? */
302 UNSUPPORTED, /* TODO: active scan, not covered? */
303 UNSUPPORTED /* scanable adv */
304 },
305 {
306 /* hi duty cycle adv */
307 UNSUPPORTED, /* conn_adv: 38,*/
308 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* init 33 */
309 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* central 36 */
310 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 39*/
311 UNSUPPORTED, /* lo duty cycle adv 40 */
312 UNSUPPORTED, /* hi duty cycle adv 39 */
313 UNSUPPORTED, /* non connectable adv */
314 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* passive scan */
315 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* active scan */
316 UNSUPPORTED /* scanable adv */
317 },
318 {
319 /* non connectable adv */
320 UNSUPPORTED, /* conn_adv: */
321 HCI_LE_STATES_NON_CONN_INIT_BIT, /* init */
322 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* central */
323 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* peripheral: */
324 UNSUPPORTED, /* lo duty cycle adv */
325 UNSUPPORTED, /* hi duty cycle adv */
326 UNSUPPORTED, /* non connectable adv */
327 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
328 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
329 UNSUPPORTED /* scanable adv */
330 },
331 {
332 /* passive scan */
333 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* conn_adv: */
334 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* init */
335 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* central */
336 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* peripheral: */
337 UNSUPPORTED, /* lo duty cycle adv */
338 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* hi duty cycle adv */
339 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* non connectable adv */
340 UNSUPPORTED, /* passive scan */
341 UNSUPPORTED, /* active scan */
342 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT /* scanable adv */
343 },
344 {
345 /* active scan */
346 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* conn_adv: */
347 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* init */
348 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* central */
349 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* peripheral: */
350 UNSUPPORTED, /* lo duty cycle adv */
351 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* hi duty cycle adv */
352 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* non connectable adv */
353 UNSUPPORTED, /* TODO: passive scan */
354 UNSUPPORTED, /* TODO: active scan */
355 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT /* scanable adv */
356 },
357 {
358 /* scanable adv */
359 UNSUPPORTED, /* conn_adv: */
360 HCI_LE_STATES_SCAN_ADV_INIT_BIT, /* init */
361 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT, /* central */
362 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT, /* peripheral: */
363 UNSUPPORTED, /* lo duty cycle adv */
364 UNSUPPORTED, /* hi duty cycle adv */
365 UNSUPPORTED, /* non connectable adv */
366 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT, /* passive scan */
367 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT, /* active scan */
368 UNSUPPORTED /* scanable adv */
369 }};
370
371 /* check LE combo state supported */
BTM_LE_STATES_SUPPORTED(const uint8_t * x,uint8_t bit_num)372 inline bool BTM_LE_STATES_SUPPORTED(const uint8_t* x, uint8_t bit_num) {
373 uint8_t mask = 1 << (bit_num % 8);
374 uint8_t offset = bit_num / 8;
375 return ((x)[offset] & mask);
376 }
377
378 /*******************************************************************************
379 *
380 * Function BTM_BleObserve
381 *
382 * Description This procedure keep the device listening for advertising
383 * events from a broadcast device.
384 *
385 * Parameters start: start or stop observe.
386 * acceptlist: use acceptlist in observer mode or not.
387 *
388 * Returns void
389 *
390 ******************************************************************************/
BTM_BleObserve(bool start,uint8_t duration,tBTM_INQ_RESULTS_CB * p_results_cb,tBTM_CMPL_CB * p_cmpl_cb)391 tBTM_STATUS BTM_BleObserve(bool start, uint8_t duration,
392 tBTM_INQ_RESULTS_CB* p_results_cb,
393 tBTM_CMPL_CB* p_cmpl_cb) {
394 if (bluetooth::shim::is_gd_shim_enabled()) {
395 return bluetooth::shim::BTM_BleObserve(start, duration, p_results_cb,
396 p_cmpl_cb);
397 }
398
399 tBTM_BLE_INQ_CB* p_inq = &btm_cb.ble_ctr_cb.inq_var;
400 tBTM_STATUS status = BTM_WRONG_MODE;
401
402 uint32_t scan_interval =
403 !p_inq->scan_interval ? BTM_BLE_GAP_DISC_SCAN_INT : p_inq->scan_interval;
404 uint32_t scan_window =
405 !p_inq->scan_window ? BTM_BLE_GAP_DISC_SCAN_WIN : p_inq->scan_window;
406
407 BTM_TRACE_EVENT("%s : scan_type:%d, %d, %d", __func__, p_inq->scan_type,
408 p_inq->scan_interval, p_inq->scan_window);
409
410 if (!controller_get_interface()->supports_ble()) return BTM_ILLEGAL_VALUE;
411
412 if (start) {
413 /* shared inquiry database, do not allow observe if any inquiry is active */
414 if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
415 BTM_TRACE_ERROR("%s Observe Already Active", __func__);
416 return status;
417 }
418
419 btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
420 btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
421 status = BTM_CMD_STARTED;
422
423 /* scan is not started */
424 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
425 /* allow config of scan type */
426 cache.ClearAll();
427 p_inq->scan_type = (p_inq->scan_type == BTM_BLE_SCAN_MODE_NONE)
428 ? BTM_BLE_SCAN_MODE_ACTI
429 : p_inq->scan_type;
430 /* assume observe always not using acceptlist */
431 /* enable resolving list */
432 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
433
434 btm_send_hci_set_scan_params(
435 p_inq->scan_type, (uint16_t)scan_interval, (uint16_t)scan_window,
436 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, BTM_BLE_DEFAULT_SFP);
437
438 btm_ble_start_scan();
439 }
440
441 if (status == BTM_CMD_STARTED) {
442 btm_cb.ble_ctr_cb.set_ble_observe_active();
443 if (duration != 0) {
444 /* start observer timer */
445 uint64_t duration_ms = duration * 1000;
446 alarm_set_on_mloop(btm_cb.ble_ctr_cb.observer_timer, duration_ms,
447 btm_ble_observer_timer_timeout, NULL);
448 }
449 }
450 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
451 status = BTM_CMD_STARTED;
452 btm_ble_stop_observe();
453 } else {
454 BTM_TRACE_ERROR("%s Observe not active", __func__);
455 }
456
457 return status;
458 }
459
460 #if (BLE_VND_INCLUDED == TRUE)
461
btm_get_dynamic_audio_buffer_vsc_cmpl_cback(tBTM_VSC_CMPL * p_vsc_cmpl_params)462 static void btm_get_dynamic_audio_buffer_vsc_cmpl_cback(
463 tBTM_VSC_CMPL* p_vsc_cmpl_params) {
464 LOG(INFO) << __func__;
465
466 if (p_vsc_cmpl_params->param_len < 1) {
467 LOG(ERROR) << __func__
468 << ": The length of returned parameters is less than 1";
469 return;
470 }
471 uint8_t* p_event_param_buf = p_vsc_cmpl_params->p_param_buf;
472 uint8_t status = 0xff;
473 uint8_t opcode = 0xff;
474 uint32_t codec_mask = 0xffffffff;
475
476 // [Return Parameter] | [Size] | [Purpose]
477 // Status | 1 octet | Command complete status
478 // Dynamic_Audio_Buffer_opcode| 1 octet | 0x01 - Get buffer time
479 // Audio_Codedc_Type_Supported| 4 octet | Bit masks for selected codec types
480 // Audio_Codec_Buffer_Time | 192 octet| Default/Max/Min buffer time
481 STREAM_TO_UINT8(status, p_event_param_buf);
482 if (status != HCI_SUCCESS) {
483 LOG(ERROR) << __func__
484 << ": Fail to configure DFTB. status: " << loghex(status);
485 return;
486 }
487
488 if (p_vsc_cmpl_params->param_len != 198) {
489 LOG(FATAL) << __func__
490 << ": The length of returned parameters is not equal to 198: "
491 << std::to_string(p_vsc_cmpl_params->param_len);
492 return;
493 }
494
495 STREAM_TO_UINT8(opcode, p_event_param_buf);
496 LOG(INFO) << __func__ << ": opcode = " << loghex(opcode);
497
498 if (opcode == 0x01) {
499 STREAM_TO_UINT32(codec_mask, p_event_param_buf);
500 LOG(INFO) << __func__ << ": codec_mask = " << loghex(codec_mask);
501
502 for (int i = 0; i < BTM_CODEC_TYPE_MAX_RECORDS; i++) {
503 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].default_buffer_time,
504 p_event_param_buf);
505 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].maximum_buffer_time,
506 p_event_param_buf);
507 STREAM_TO_UINT16(btm_cb.dynamic_audio_buffer_cb[i].minimum_buffer_time,
508 p_event_param_buf);
509 }
510
511 LOG(INFO) << __func__ << ": Succeed to receive Media Tx Buffer.";
512 }
513 }
514
515 /*******************************************************************************
516 *
517 * Function btm_vsc_brcm_features_complete
518 *
519 * Description Command Complete callback for HCI_BLE_VENDOR_CAP
520 *
521 * Returns void
522 *
523 ******************************************************************************/
btm_ble_vendor_capability_vsc_cmpl_cback(tBTM_VSC_CMPL * p_vcs_cplt_params)524 static void btm_ble_vendor_capability_vsc_cmpl_cback(
525 tBTM_VSC_CMPL* p_vcs_cplt_params) {
526
527 BTM_TRACE_DEBUG("%s", __func__);
528
529 /* Check status of command complete event */
530 CHECK(p_vcs_cplt_params->opcode == HCI_BLE_VENDOR_CAP);
531 CHECK(p_vcs_cplt_params->param_len > 0);
532
533 const uint8_t* p = p_vcs_cplt_params->p_param_buf;
534 uint8_t raw_status;
535 STREAM_TO_UINT8(raw_status, p);
536 tHCI_STATUS status = to_hci_status_code(raw_status);
537
538 if (status != HCI_SUCCESS) {
539 BTM_TRACE_DEBUG("%s: Status = 0x%02x (0 is success)", __func__, status);
540 return;
541 }
542 CHECK(p_vcs_cplt_params->param_len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN);
543 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.adv_inst_max, p);
544 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.rpa_offloading, p);
545 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg, p);
546 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz, p);
547 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.filter_support, p);
548 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_filter, p);
549 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.energy_support, p);
550
551 if (p_vcs_cplt_params->param_len >
552 BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE) {
553 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.version_supported, p);
554 } else {
555 btm_cb.cmn_ble_vsc_cb.version_supported = BTM_VSC_CHIP_CAPABILITY_L_VERSION;
556 }
557
558 if (btm_cb.cmn_ble_vsc_cb.version_supported >=
559 BTM_VSC_CHIP_CAPABILITY_M_VERSION) {
560 CHECK(p_vcs_cplt_params->param_len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN_M_RELEASE);
561 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.total_trackable_advertisers, p);
562 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.extended_scan_support, p);
563 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.debug_logging_supported, p);
564 }
565
566 if (btm_cb.cmn_ble_vsc_cb.version_supported >=
567 BTM_VSC_CHIP_CAPABILITY_S_VERSION) {
568 if (p_vcs_cplt_params->param_len >=
569 BTM_VSC_CHIP_CAPABILITY_RSP_LEN_S_RELEASE) {
570 STREAM_TO_UINT8(
571 btm_cb.cmn_ble_vsc_cb.le_address_generation_offloading_support, p);
572 STREAM_TO_UINT32(
573 btm_cb.cmn_ble_vsc_cb.a2dp_source_offload_capability_mask, p);
574 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.quality_report_support, p);
575 STREAM_TO_UINT32(btm_cb.cmn_ble_vsc_cb.dynamic_audio_buffer_support, p);
576
577 if (btm_cb.cmn_ble_vsc_cb.dynamic_audio_buffer_support != 0) {
578 uint8_t param[3] = {0};
579 uint8_t* p_param = param;
580
581 UINT8_TO_STREAM(p_param, HCI_CONTROLLER_DAB_GET_BUFFER_TIME);
582 BTM_VendorSpecificCommand(HCI_CONTROLLER_DAB, p_param - param, param,
583 btm_get_dynamic_audio_buffer_vsc_cmpl_cback);
584 }
585 }
586 }
587 btm_cb.cmn_ble_vsc_cb.values_read = true;
588
589 BTM_TRACE_DEBUG(
590 "%s: stat=%d, irk=%d, ADV ins:%d, rpa=%d, ener=%d, ext_scan=%d", __func__,
591 status, btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
592 btm_cb.cmn_ble_vsc_cb.adv_inst_max, btm_cb.cmn_ble_vsc_cb.rpa_offloading,
593 btm_cb.cmn_ble_vsc_cb.energy_support,
594 btm_cb.cmn_ble_vsc_cb.extended_scan_support);
595
596 btm_ble_adv_init();
597
598 if (btm_cb.cmn_ble_vsc_cb.max_filter > 0) btm_ble_adv_filter_init();
599
600 /* VS capability included and non-4.2 device */
601 if (btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
602 controller_get_interface()->get_ble_resolving_list_max_size() == 0)
603 btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
604
605 if (btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg > 0) btm_ble_batchscan_init();
606
607 if (p_ctrl_le_feature_rd_cmpl_cback != NULL)
608 p_ctrl_le_feature_rd_cmpl_cback(static_cast<tHCI_STATUS>(status));
609 }
610 #endif /* (BLE_VND_INCLUDED == TRUE) */
611
612 /*******************************************************************************
613 *
614 * Function BTM_BleGetVendorCapabilities
615 *
616 * Description This function reads local LE features
617 *
618 * Parameters p_cmn_vsc_cb : Locala LE capability structure
619 *
620 * Returns void
621 *
622 ******************************************************************************/
BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB * p_cmn_vsc_cb)623 void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB* p_cmn_vsc_cb) {
624 if (NULL != p_cmn_vsc_cb) {
625 *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
626 }
627 }
628
BTM_BleGetDynamicAudioBuffer(tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[])629 void BTM_BleGetDynamicAudioBuffer(
630 tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[]) {
631 BTM_TRACE_DEBUG("BTM_BleGetDynamicAudioBuffer");
632
633 if (NULL != p_dynamic_audio_buffer_cb) {
634 for (int i = 0; i < 32; i++) {
635 p_dynamic_audio_buffer_cb[i] = btm_cb.dynamic_audio_buffer_cb[i];
636 }
637 }
638 }
639
640 /******************************************************************************
641 *
642 * Function BTM_BleReadControllerFeatures
643 *
644 * Description Reads BLE specific controller features
645 *
646 * Parameters: tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when
647 * features are read
648 *
649 * Returns void
650 *
651 ******************************************************************************/
652 #if (BLE_VND_INCLUDED == TRUE)
BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)653 void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK* p_vsc_cback) {
654 if (btm_cb.cmn_ble_vsc_cb.values_read) return;
655
656 BTM_TRACE_DEBUG("BTM_BleReadControllerFeatures");
657
658 p_ctrl_le_feature_rd_cmpl_cback = p_vsc_cback;
659 BTM_VendorSpecificCommand(HCI_BLE_VENDOR_CAP, 0, NULL,
660 btm_ble_vendor_capability_vsc_cmpl_cback);
661 }
662 #else
BTM_BleReadControllerFeatures(UNUSED_ATTR tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)663 void BTM_BleReadControllerFeatures(
664 UNUSED_ATTR tBTM_BLE_CTRL_FEATURES_CBACK* p_vsc_cback) {}
665 #endif
666
667 /*******************************************************************************
668 *
669 * Function BTM_BleConfigPrivacy
670 *
671 * Description This function is called to enable or disable the privacy in
672 * LE channel of the local device.
673 *
674 * Parameters privacy_mode: privacy mode on or off.
675 *
676 * Returns bool privacy mode set success; otherwise failed.
677 *
678 ******************************************************************************/
BTM_BleConfigPrivacy(bool privacy_mode)679 bool BTM_BleConfigPrivacy(bool privacy_mode) {
680 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
681
682 BTM_TRACE_EVENT("%s", __func__);
683
684 /* if LE is not supported, return error */
685 if (!controller_get_interface()->supports_ble()) return false;
686
687 tGAP_BLE_ATTR_VALUE gap_ble_attr_value;
688 gap_ble_attr_value.addr_resolution = 0;
689 if (!privacy_mode) /* if privacy disabled, always use public address */
690 {
691 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
692 p_cb->privacy_mode = BTM_PRIVACY_NONE;
693 } else /* privacy is turned on*/
694 {
695 /* always set host random address, used when privacy 1.1 or priavcy 1.2 is
696 * disabled */
697 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
698 btm_gen_resolvable_private_addr(base::Bind(&btm_gen_resolve_paddr_low));
699
700 /* 4.2 controller only allow privacy 1.2 or mixed mode, resolvable private
701 * address in controller */
702 if (controller_get_interface()->supports_ble_privacy()) {
703 gap_ble_attr_value.addr_resolution = 1;
704 p_cb->privacy_mode = BTM_PRIVACY_1_2;
705 } else /* 4.1/4.0 controller */
706 p_cb->privacy_mode = BTM_PRIVACY_1_1;
707 }
708
709 GAP_BleAttrDBUpdate(GATT_UUID_GAP_CENTRAL_ADDR_RESOL, &gap_ble_attr_value);
710
711 if (bluetooth::shim::is_gd_acl_enabled() ||
712 bluetooth::shim::is_gd_l2cap_enabled()) {
713 bluetooth::shim::ACL_ConfigureLePrivacy(privacy_mode);
714 }
715 return true;
716 }
717
718 /*******************************************************************************
719 *
720 * Function BTM_BleMaxMultiAdvInstanceCount
721 *
722 * Description Returns max number of multi adv instances supported by
723 * controller
724 *
725 * Returns Max multi adv instance count
726 *
727 ******************************************************************************/
BTM_BleMaxMultiAdvInstanceCount(void)728 uint8_t BTM_BleMaxMultiAdvInstanceCount(void) {
729 if (bluetooth::shim::is_gd_shim_enabled()) {
730 return bluetooth::shim::BTM_BleMaxMultiAdvInstanceCount();
731 }
732 return btm_cb.cmn_ble_vsc_cb.adv_inst_max < BTM_BLE_MULTI_ADV_MAX
733 ? btm_cb.cmn_ble_vsc_cb.adv_inst_max
734 : BTM_BLE_MULTI_ADV_MAX;
735 }
736
737 /*******************************************************************************
738 *
739 * Function BTM_BleLocalPrivacyEnabled
740 *
741 * Description Checks if local device supports private address
742 *
743 * Returns Return true if local privacy is enabled else false
744 *
745 ******************************************************************************/
BTM_BleLocalPrivacyEnabled(void)746 bool BTM_BleLocalPrivacyEnabled(void) {
747 if (bluetooth::shim::is_gd_shim_enabled()) {
748 return bluetooth::shim::BTM_BleLocalPrivacyEnabled();
749 }
750 return (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE);
751 }
752
is_resolving_list_bit_set(void * data,void * context)753 static bool is_resolving_list_bit_set(void* data, void* context) {
754 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
755
756 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) != 0)
757 return false;
758
759 return true;
760 }
761
762 /*******************************************************************************
763 *
764 * Function btm_set_conn_mode_adv_init_addr
765 *
766 * Description set initator address type and local address type based on
767 * adv mode.
768 *
769 *
770 ******************************************************************************/
btm_set_conn_mode_adv_init_addr(RawAddress & p_peer_addr_ptr,tBLE_ADDR_TYPE * p_peer_addr_type,tBLE_ADDR_TYPE * p_own_addr_type)771 static uint8_t btm_set_conn_mode_adv_init_addr(
772 RawAddress& p_peer_addr_ptr, tBLE_ADDR_TYPE* p_peer_addr_type,
773 tBLE_ADDR_TYPE* p_own_addr_type) {
774 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
775 uint8_t evt_type;
776 tBTM_SEC_DEV_REC* p_dev_rec;
777
778 if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE) {
779 if (p_cb->scan_rsp) {
780 evt_type = BTM_BLE_DISCOVER_EVT;
781 } else {
782 evt_type = BTM_BLE_NON_CONNECT_EVT;
783 }
784 } else {
785 evt_type = BTM_BLE_CONNECT_EVT;
786 }
787
788 if (evt_type == BTM_BLE_CONNECT_EVT) {
789 evt_type = p_cb->directed_conn;
790
791 if (p_cb->directed_conn == BTM_BLE_CONNECT_DIR_EVT ||
792 p_cb->directed_conn == BTM_BLE_CONNECT_LO_DUTY_DIR_EVT) {
793 /* for privacy 1.2, convert peer address as static, own address set as ID
794 * addr */
795 if (btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 ||
796 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
797 /* only do so for bonded device */
798 if ((p_dev_rec = btm_find_or_alloc_dev(p_cb->direct_bda.bda)) != NULL &&
799 p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) {
800 btm_ble_enable_resolving_list(BTM_BLE_RL_ADV);
801 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
802 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
803 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
804 return evt_type;
805 }
806 /* otherwise fall though as normal directed adv */
807 else {
808 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
809 }
810 }
811 /* direct adv mode does not have privacy, if privacy is not enabled */
812 *p_peer_addr_type = p_cb->direct_bda.type;
813 p_peer_addr_ptr = p_cb->direct_bda.bda;
814 return evt_type;
815 }
816 }
817
818 /* undirect adv mode or non-connectable mode*/
819 /* when privacy 1.2 privacy only mode is used, or mixed mode */
820 if ((btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 &&
821 p_cb->afp != AP_SCAN_CONN_ALL) ||
822 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
823 list_node_t* n =
824 list_foreach(btm_cb.sec_dev_rec, is_resolving_list_bit_set, NULL);
825 if (n) {
826 /* if enhanced privacy is required, set Identity address and matching IRK
827 * peer */
828 tBTM_SEC_DEV_REC* p_dev_rec =
829 static_cast<tBTM_SEC_DEV_REC*>(list_node(n));
830 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
831 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
832
833 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
834 } else {
835 /* resolving list is empty, not enabled */
836 *p_own_addr_type = BLE_ADDR_RANDOM;
837 }
838 }
839 /* privacy 1.1, or privacy 1.2, general discoverable/connectable mode, disable
840 privacy in */
841 /* controller fall back to host based privacy */
842 else if (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE) {
843 *p_own_addr_type = BLE_ADDR_RANDOM;
844 }
845
846 /* if no privacy,do not set any peer address,*/
847 /* local address type go by global privacy setting */
848 return evt_type;
849 }
850
851 /**
852 * This function is called to set scan parameters. |cb| is called with operation
853 * status
854 **/
BTM_BleSetScanParams(uint32_t scan_interval,uint32_t scan_window,tBLE_SCAN_MODE scan_mode,base::Callback<void (uint8_t)> cb)855 void BTM_BleSetScanParams(uint32_t scan_interval, uint32_t scan_window,
856 tBLE_SCAN_MODE scan_mode,
857 base::Callback<void(uint8_t)> cb) {
858 if (!controller_get_interface()->supports_ble()) {
859 LOG_INFO("Controller does not support ble");
860 return;
861 }
862
863 uint32_t max_scan_interval = BTM_BLE_EXT_SCAN_INT_MAX;
864 uint32_t max_scan_window = BTM_BLE_EXT_SCAN_WIN_MAX;
865 if (btm_cb.cmn_ble_vsc_cb.extended_scan_support == 0) {
866 max_scan_interval = BTM_BLE_SCAN_INT_MAX;
867 max_scan_window = BTM_BLE_SCAN_WIN_MAX;
868 }
869
870 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
871 if (BTM_BLE_ISVALID_PARAM(scan_interval, BTM_BLE_SCAN_INT_MIN,
872 max_scan_interval) &&
873 BTM_BLE_ISVALID_PARAM(scan_window, BTM_BLE_SCAN_WIN_MIN,
874 max_scan_window) &&
875 (scan_mode == BTM_BLE_SCAN_MODE_ACTI ||
876 scan_mode == BTM_BLE_SCAN_MODE_PASS)) {
877 p_cb->scan_type = scan_mode;
878 p_cb->scan_interval = scan_interval;
879 p_cb->scan_window = scan_window;
880
881 cb.Run(BTM_SUCCESS);
882 } else {
883 cb.Run(BTM_ILLEGAL_VALUE);
884 LOG_WARN("Illegal params: scan_interval = %d scan_window = %d",
885 scan_interval, scan_window);
886 }
887 }
888
889 /*******************************************************************************
890 *
891 * Function BTM__BLEReadDiscoverability
892 *
893 * Description This function is called to read the current LE
894 * discoverability mode of the device.
895 *
896 * Returns BTM_BLE_NON_DISCOVERABLE ,BTM_BLE_LIMITED_DISCOVERABLE or
897 * BTM_BLE_GENRAL_DISCOVERABLE
898 *
899 ******************************************************************************/
BTM_BleReadDiscoverability()900 uint16_t BTM_BleReadDiscoverability() {
901 BTM_TRACE_API("%s", __func__);
902
903 return (btm_cb.ble_ctr_cb.inq_var.discoverable_mode);
904 }
905
906 /*******************************************************************************
907 *
908 * Function BTM__BLEReadConnectability
909 *
910 * Description This function is called to read the current LE
911 * connectability mode of the device.
912 *
913 * Returns BTM_BLE_NON_CONNECTABLE or BTM_BLE_CONNECTABLE
914 *
915 ******************************************************************************/
BTM_BleReadConnectability()916 uint16_t BTM_BleReadConnectability() {
917 BTM_TRACE_API("%s", __func__);
918
919 return (btm_cb.ble_ctr_cb.inq_var.connectable_mode);
920 }
921
922 /*******************************************************************************
923 *
924 * Function btm_ble_select_adv_interval
925 *
926 * Description select adv interval based on device mode
927 *
928 * Returns void
929 *
930 ******************************************************************************/
btm_ble_select_adv_interval(uint8_t evt_type,uint16_t * p_adv_int_min,uint16_t * p_adv_int_max)931 static void btm_ble_select_adv_interval(uint8_t evt_type,
932 uint16_t* p_adv_int_min,
933 uint16_t* p_adv_int_max) {
934 switch (evt_type) {
935 case BTM_BLE_CONNECT_EVT:
936 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
937 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_1;
938 break;
939
940 case BTM_BLE_NON_CONNECT_EVT:
941 case BTM_BLE_DISCOVER_EVT:
942 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_2;
943 break;
944
945 /* connectable directed event */
946 case BTM_BLE_CONNECT_DIR_EVT:
947 *p_adv_int_min = BTM_BLE_GAP_ADV_DIR_MIN_INT;
948 *p_adv_int_max = BTM_BLE_GAP_ADV_DIR_MAX_INT;
949 break;
950
951 default:
952 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_SLOW_INT;
953 break;
954 }
955 }
956
957 /*******************************************************************************
958 *
959 * Function btm_ble_update_dmt_flag_bits
960 *
961 * Description Obtain updated adv flag value based on connect and
962 * discoverability mode. Also, setup DMT support value in the
963 * flag based on whether the controller supports both LE and
964 * BR/EDR.
965 *
966 * Parameters: flag_value (Input / Output) - flag value
967 * connect_mode (Input) - Connect mode value
968 * disc_mode (Input) - discoverability mode
969 *
970 * Returns void
971 *
972 ******************************************************************************/
btm_ble_update_dmt_flag_bits(uint8_t * adv_flag_value,const uint16_t connect_mode,const uint16_t disc_mode)973 void btm_ble_update_dmt_flag_bits(uint8_t* adv_flag_value,
974 const uint16_t connect_mode,
975 const uint16_t disc_mode) {
976 /* BR/EDR non-discoverable , non-connectable */
977 if ((disc_mode & BTM_DISCOVERABLE_MASK) == 0 &&
978 (connect_mode & BTM_CONNECTABLE_MASK) == 0)
979 *adv_flag_value |= BTM_BLE_BREDR_NOT_SPT;
980 else
981 *adv_flag_value &= ~BTM_BLE_BREDR_NOT_SPT;
982
983 /* if local controller support, mark both controller and host support in flag
984 */
985 if (controller_get_interface()->supports_simultaneous_le_bredr())
986 *adv_flag_value |= (BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
987 else
988 *adv_flag_value &= ~(BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
989 }
990
991 /*******************************************************************************
992 *
993 * Function btm_ble_set_adv_flag
994 *
995 * Description Set adv flag in adv data.
996 *
997 * Parameters: connect_mode (Input)- Connect mode value
998 * disc_mode (Input) - discoverability mode
999 *
1000 * Returns void
1001 *
1002 ******************************************************************************/
btm_ble_set_adv_flag(uint16_t connect_mode,uint16_t disc_mode)1003 void btm_ble_set_adv_flag(uint16_t connect_mode, uint16_t disc_mode) {
1004 uint8_t flag = 0, old_flag = 0;
1005 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1006
1007 if (p_adv_data->p_flags != NULL) flag = old_flag = *(p_adv_data->p_flags);
1008
1009 btm_ble_update_dmt_flag_bits(&flag, connect_mode, disc_mode);
1010
1011 LOG_INFO("disc_mode %04x", disc_mode);
1012 /* update discoverable flag */
1013 if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE) {
1014 flag &= ~BTM_BLE_GEN_DISC_FLAG;
1015 flag |= BTM_BLE_LIMIT_DISC_FLAG;
1016 } else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE) {
1017 flag |= BTM_BLE_GEN_DISC_FLAG;
1018 flag &= ~BTM_BLE_LIMIT_DISC_FLAG;
1019 } else /* remove all discoverable flags */
1020 {
1021 flag &= ~(BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG);
1022 }
1023
1024 if (flag != old_flag) {
1025 btm_ble_update_adv_flag(flag);
1026 }
1027 }
1028 /*******************************************************************************
1029 *
1030 * Function btm_ble_set_discoverability
1031 *
1032 * Description This function is called to set BLE discoverable mode.
1033 *
1034 * Parameters: combined_mode: discoverability mode.
1035 *
1036 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1037 *
1038 ******************************************************************************/
btm_ble_set_discoverability(uint16_t combined_mode)1039 tBTM_STATUS btm_ble_set_discoverability(uint16_t combined_mode) {
1040 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1041 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
1042 uint16_t mode = (combined_mode & BTM_BLE_DISCOVERABLE_MASK);
1043 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1044 uint8_t evt_type;
1045 tBTM_STATUS status = BTM_SUCCESS;
1046 RawAddress address = RawAddress::kEmpty;
1047 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC,
1048 own_addr_type = p_addr_cb->own_addr_type;
1049 uint16_t adv_int_min, adv_int_max;
1050
1051 BTM_TRACE_EVENT("%s mode=0x%0x combined_mode=0x%x", __func__, mode,
1052 combined_mode);
1053
1054 /*** Check mode parameter ***/
1055 if (mode > BTM_BLE_MAX_DISCOVERABLE) return (BTM_ILLEGAL_VALUE);
1056
1057 p_cb->discoverable_mode = mode;
1058
1059 evt_type =
1060 btm_set_conn_mode_adv_init_addr(address, &init_addr_type, &own_addr_type);
1061
1062 if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE &&
1063 mode == BTM_BLE_NON_DISCOVERABLE)
1064 new_mode = BTM_BLE_ADV_DISABLE;
1065
1066 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1067
1068 alarm_cancel(p_cb->fast_adv_timer);
1069
1070 /* update adv params if start advertising */
1071 BTM_TRACE_EVENT("evt_type=0x%x p-cb->evt_type=0x%x ", evt_type,
1072 p_cb->evt_type);
1073
1074 if (new_mode == BTM_BLE_ADV_ENABLE) {
1075 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode, combined_mode);
1076
1077 if (evt_type != p_cb->evt_type || p_cb->adv_addr_type != own_addr_type ||
1078 !p_cb->fast_adv_on) {
1079 btm_ble_stop_adv();
1080
1081 /* update adv params */
1082 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1083 own_addr_type, init_addr_type, address,
1084 p_cb->adv_chnl_map, p_cb->afp);
1085 p_cb->evt_type = evt_type;
1086 p_cb->adv_addr_type = own_addr_type;
1087 }
1088 }
1089
1090 if (status == BTM_SUCCESS && p_cb->adv_mode != new_mode) {
1091 if (new_mode == BTM_BLE_ADV_ENABLE)
1092 status = btm_ble_start_adv();
1093 else
1094 status = btm_ble_stop_adv();
1095 }
1096
1097 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
1098 p_cb->fast_adv_on = true;
1099 /* start initial GAP mode adv timer */
1100 alarm_set_on_mloop(p_cb->fast_adv_timer, BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1101 btm_ble_fast_adv_timer_timeout, NULL);
1102 } else {
1103 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
1104 }
1105
1106 /* set up stop advertising timer */
1107 if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE) {
1108 BTM_TRACE_EVENT("start timer for limited disc mode duration=%d ms",
1109 BTM_BLE_GAP_LIM_TIMEOUT_MS);
1110 /* start Tgap(lim_timeout) */
1111 alarm_set_on_mloop(p_cb->inquiry_timer, BTM_BLE_GAP_LIM_TIMEOUT_MS,
1112 btm_ble_inquiry_timer_gap_limited_discovery_timeout,
1113 NULL);
1114 }
1115 return status;
1116 }
1117
1118 /*******************************************************************************
1119 *
1120 * Function btm_ble_set_connectability
1121 *
1122 * Description This function is called to set BLE connectability mode.
1123 *
1124 * Parameters: combined_mode: connectability mode.
1125 *
1126 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1127 *
1128 ******************************************************************************/
btm_ble_set_connectability(uint16_t combined_mode)1129 tBTM_STATUS btm_ble_set_connectability(uint16_t combined_mode) {
1130 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1131 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
1132 uint16_t mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
1133 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1134 uint8_t evt_type;
1135 tBTM_STATUS status = BTM_SUCCESS;
1136 RawAddress address = RawAddress::kEmpty;
1137 tBLE_ADDR_TYPE peer_addr_type = BLE_ADDR_PUBLIC,
1138 own_addr_type = p_addr_cb->own_addr_type;
1139 uint16_t adv_int_min, adv_int_max;
1140
1141 BTM_TRACE_EVENT("%s mode=0x%0x combined_mode=0x%x", __func__, mode,
1142 combined_mode);
1143
1144 /*** Check mode parameter ***/
1145 if (mode > BTM_BLE_MAX_CONNECTABLE) return (BTM_ILLEGAL_VALUE);
1146
1147 p_cb->connectable_mode = mode;
1148
1149 evt_type =
1150 btm_set_conn_mode_adv_init_addr(address, &peer_addr_type, &own_addr_type);
1151
1152 if (mode == BTM_BLE_NON_CONNECTABLE &&
1153 p_cb->discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
1154 new_mode = BTM_BLE_ADV_DISABLE;
1155
1156 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1157
1158 alarm_cancel(p_cb->fast_adv_timer);
1159 /* update adv params if needed */
1160 if (new_mode == BTM_BLE_ADV_ENABLE) {
1161 btm_ble_set_adv_flag(combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
1162 if (p_cb->evt_type != evt_type ||
1163 p_cb->adv_addr_type != p_addr_cb->own_addr_type || !p_cb->fast_adv_on) {
1164 btm_ble_stop_adv();
1165
1166 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1167 own_addr_type, peer_addr_type, address,
1168 p_cb->adv_chnl_map, p_cb->afp);
1169 p_cb->evt_type = evt_type;
1170 p_cb->adv_addr_type = own_addr_type;
1171 }
1172 }
1173
1174 /* update advertising mode */
1175 if (status == BTM_SUCCESS && new_mode != p_cb->adv_mode) {
1176 if (new_mode == BTM_BLE_ADV_ENABLE)
1177 status = btm_ble_start_adv();
1178 else
1179 status = btm_ble_stop_adv();
1180 }
1181
1182 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
1183 p_cb->fast_adv_on = true;
1184 /* start initial GAP mode adv timer */
1185 alarm_set_on_mloop(p_cb->fast_adv_timer, BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1186 btm_ble_fast_adv_timer_timeout, NULL);
1187 } else {
1188 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, true);
1189 }
1190 return status;
1191 }
1192
btm_send_hci_scan_enable(uint8_t enable,uint8_t filter_duplicates)1193 static void btm_send_hci_scan_enable(uint8_t enable,
1194 uint8_t filter_duplicates) {
1195 if (controller_get_interface()->supports_ble_extended_advertising()) {
1196 btsnd_hcic_ble_set_extended_scan_enable(enable, filter_duplicates, 0x0000,
1197 0x0000);
1198 } else {
1199 btsnd_hcic_ble_set_scan_enable(enable, filter_duplicates);
1200 }
1201 }
1202
btm_send_hci_set_scan_params(uint8_t scan_type,uint16_t scan_int,uint16_t scan_win,uint8_t addr_type_own,uint8_t scan_filter_policy)1203 void btm_send_hci_set_scan_params(uint8_t scan_type, uint16_t scan_int,
1204 uint16_t scan_win, uint8_t addr_type_own,
1205 uint8_t scan_filter_policy) {
1206 if (controller_get_interface()->supports_ble_extended_advertising()) {
1207 scanning_phy_cfg phy_cfg;
1208 phy_cfg.scan_type = scan_type;
1209 phy_cfg.scan_int = scan_int;
1210 phy_cfg.scan_win = scan_win;
1211
1212 btsnd_hcic_ble_set_extended_scan_params(addr_type_own, scan_filter_policy,
1213 1, &phy_cfg);
1214 } else {
1215 btsnd_hcic_ble_set_scan_params(scan_type, scan_int, scan_win, addr_type_own,
1216 scan_filter_policy);
1217 }
1218 }
1219
1220 /*******************************************************************************
1221 *
1222 * Function btm_ble_start_inquiry
1223 *
1224 * Description This function is called to start BLE inquiry procedure.
1225 * If the duration is zero, the periodic inquiry mode is
1226 * cancelled.
1227 *
1228 * Parameters: mode - GENERAL or LIMITED inquiry
1229 * p_inq_params - pointer to the BLE inquiry parameter.
1230 * p_results_cb - callback returning pointer to results
1231 * (tBTM_INQ_RESULTS)
1232 * p_cmpl_cb - callback indicating the end of an inquiry
1233 *
1234 *
1235 *
1236 * Returns BTM_CMD_STARTED if successfully started
1237 * BTM_NO_RESOURCES if could not allocate a message buffer
1238 * BTM_BUSY - if an inquiry is already active
1239 *
1240 ******************************************************************************/
btm_ble_start_inquiry(uint8_t duration)1241 tBTM_STATUS btm_ble_start_inquiry(uint8_t duration) {
1242 tBTM_STATUS status = BTM_CMD_STARTED;
1243 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
1244 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1245
1246 BTM_TRACE_DEBUG("btm_ble_start_inquiry: inq_active = 0x%02x",
1247 btm_cb.btm_inq_vars.inq_active);
1248
1249 /* if selective connection is active, or inquiry is already active, reject it
1250 */
1251 if (p_ble_cb->is_ble_inquiry_active()) {
1252 BTM_TRACE_ERROR("LE Inquiry is active, can not start inquiry");
1253 return (BTM_BUSY);
1254 }
1255
1256 if (!p_ble_cb->is_ble_scan_active()) {
1257 cache.ClearAll();
1258 btm_send_hci_set_scan_params(
1259 BTM_BLE_SCAN_MODE_ACTI, BTM_BLE_LOW_LATENCY_SCAN_INT,
1260 BTM_BLE_LOW_LATENCY_SCAN_WIN,
1261 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1262 /* enable IRK list */
1263 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
1264 p_ble_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_ACTI;
1265 btm_ble_start_scan();
1266 } else if ((p_ble_cb->inq_var.scan_interval !=
1267 BTM_BLE_LOW_LATENCY_SCAN_INT) ||
1268 (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
1269 BTM_TRACE_DEBUG("%s, restart LE scan with low latency scan params",
1270 __func__);
1271 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
1272 btm_send_hci_set_scan_params(
1273 BTM_BLE_SCAN_MODE_ACTI, BTM_BLE_LOW_LATENCY_SCAN_INT,
1274 BTM_BLE_LOW_LATENCY_SCAN_WIN,
1275 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1276 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
1277 }
1278
1279 if (status == BTM_CMD_STARTED) {
1280 p_inq->inq_active |= BTM_BLE_GENERAL_INQUIRY;
1281 p_ble_cb->set_ble_inquiry_active();
1282
1283 BTM_TRACE_DEBUG("btm_ble_start_inquiry inq_active = 0x%02x",
1284 p_inq->inq_active);
1285
1286 if (duration != 0) {
1287 /* start inquiry timer */
1288 uint64_t duration_ms = duration * 1000;
1289 alarm_set_on_mloop(p_ble_cb->inq_var.inquiry_timer, duration_ms,
1290 btm_ble_inquiry_timer_timeout, NULL);
1291 }
1292 }
1293
1294 return status;
1295 }
1296
1297 /*******************************************************************************
1298 *
1299 * Function btm_ble_read_remote_name_cmpl
1300 *
1301 * Description This function is called when BLE remote name is received.
1302 *
1303 * Returns void
1304 *
1305 ******************************************************************************/
btm_ble_read_remote_name_cmpl(bool status,const RawAddress & bda,uint16_t length,char * p_name)1306 void btm_ble_read_remote_name_cmpl(bool status, const RawAddress& bda,
1307 uint16_t length, char* p_name) {
1308 tHCI_STATUS hci_status = HCI_SUCCESS;
1309 BD_NAME bd_name;
1310
1311 memset(bd_name, 0, (BD_NAME_LEN + 1));
1312 if (length > BD_NAME_LEN) {
1313 length = BD_NAME_LEN;
1314 }
1315 memcpy((uint8_t*)bd_name, p_name, length);
1316
1317 if ((!status) || (length == 0)) {
1318 hci_status = HCI_ERR_HOST_TIMEOUT;
1319 }
1320
1321 btm_process_remote_name(&bda, bd_name, length + 1, hci_status);
1322 btm_sec_rmt_name_request_complete(&bda, (uint8_t*)p_name, hci_status);
1323 }
1324
1325 /*******************************************************************************
1326 *
1327 * Function btm_ble_read_remote_name
1328 *
1329 * Description This function read remote LE device name using GATT read
1330 * procedure.
1331 *
1332 * Parameters: None.
1333 *
1334 * Returns void
1335 *
1336 ******************************************************************************/
btm_ble_read_remote_name(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1337 tBTM_STATUS btm_ble_read_remote_name(const RawAddress& remote_bda,
1338 tBTM_CMPL_CB* p_cb) {
1339 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1340
1341 if (!controller_get_interface()->supports_ble()) return BTM_ERR_PROCESSING;
1342
1343 tINQ_DB_ENT* p_i = btm_inq_db_find(remote_bda);
1344 if (p_i && !ble_evt_type_is_connectable(p_i->inq_info.results.ble_evt_type)) {
1345 BTM_TRACE_DEBUG("name request to non-connectable device failed.");
1346 return BTM_ERR_PROCESSING;
1347 }
1348
1349 /* read remote device name using GATT procedure */
1350 if (p_inq->remname_active) return BTM_BUSY;
1351
1352 if (!GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
1353 return BTM_BUSY;
1354
1355 p_inq->p_remname_cmpl_cb = p_cb;
1356 p_inq->remname_active = true;
1357 p_inq->remname_bda = remote_bda;
1358
1359 alarm_set_on_mloop(p_inq->remote_name_timer, BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS,
1360 btm_inq_remote_name_timer_timeout, NULL);
1361
1362 return BTM_CMD_STARTED;
1363 }
1364
1365 /*******************************************************************************
1366 *
1367 * Function btm_ble_cancel_remote_name
1368 *
1369 * Description This function cancel read remote LE device name.
1370 *
1371 * Parameters: None.
1372 *
1373 * Returns void
1374 *
1375 ******************************************************************************/
btm_ble_cancel_remote_name(const RawAddress & remote_bda)1376 bool btm_ble_cancel_remote_name(const RawAddress& remote_bda) {
1377 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1378 bool status;
1379
1380 status = GAP_BleCancelReadPeerDevName(remote_bda);
1381
1382 p_inq->remname_active = false;
1383 p_inq->remname_bda = RawAddress::kEmpty;
1384 alarm_cancel(p_inq->remote_name_timer);
1385
1386 return status;
1387 }
1388
1389 /*******************************************************************************
1390 *
1391 * Function btm_ble_update_adv_flag
1392 *
1393 * Description This function update the limited discoverable flag in the
1394 * adv data.
1395 *
1396 * Parameters: None.
1397 *
1398 * Returns void
1399 *
1400 ******************************************************************************/
btm_ble_update_adv_flag(uint8_t flag)1401 static void btm_ble_update_adv_flag(uint8_t flag) {
1402 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1403 uint8_t* p;
1404
1405 BTM_TRACE_DEBUG("btm_ble_update_adv_flag new=0x%x", flag);
1406
1407 if (p_adv_data->p_flags != NULL) {
1408 BTM_TRACE_DEBUG("btm_ble_update_adv_flag old=0x%x", *p_adv_data->p_flags);
1409 *p_adv_data->p_flags = flag;
1410 } else /* no FLAGS in ADV data*/
1411 {
1412 p = (p_adv_data->p_pad == NULL) ? p_adv_data->ad_data : p_adv_data->p_pad;
1413 /* need 3 bytes space to stuff in the flags, if not */
1414 /* erase all written data, just for flags */
1415 if ((BTM_BLE_AD_DATA_LEN - (p - p_adv_data->ad_data)) < 3) {
1416 p = p_adv_data->p_pad = p_adv_data->ad_data;
1417 memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
1418 }
1419
1420 *p++ = 2;
1421 *p++ = BTM_BLE_AD_TYPE_FLAG;
1422 p_adv_data->p_flags = p;
1423 *p++ = flag;
1424 p_adv_data->p_pad = p;
1425 }
1426
1427 btsnd_hcic_ble_set_adv_data(
1428 (uint8_t)(p_adv_data->p_pad - p_adv_data->ad_data), p_adv_data->ad_data);
1429 p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;
1430 }
1431
1432 /**
1433 * Check ADV flag to make sure device is discoverable and match the search
1434 * condition
1435 */
btm_ble_is_discoverable(const RawAddress & bda,std::vector<uint8_t> const & adv_data)1436 static uint8_t btm_ble_is_discoverable(const RawAddress& bda,
1437 std::vector<uint8_t> const& adv_data) {
1438 uint8_t scan_state = BTM_BLE_NOT_SCANNING;
1439
1440 /* for observer, always "discoverable */
1441 if (btm_cb.ble_ctr_cb.is_ble_observe_active())
1442 scan_state |= BTM_BLE_OBS_RESULT;
1443
1444 if (!adv_data.empty()) {
1445 uint8_t flag = 0;
1446 uint8_t data_len;
1447 const uint8_t* p_flag = AdvertiseDataParser::GetFieldByType(
1448 adv_data, BTM_BLE_AD_TYPE_FLAG, &data_len);
1449 if (p_flag != NULL && data_len != 0) {
1450 flag = *p_flag;
1451
1452 if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
1453 (flag & (BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG)) != 0) {
1454 scan_state |= BTM_BLE_INQ_RESULT;
1455 }
1456 }
1457 }
1458 return scan_state;
1459 }
1460
btm_ble_appearance_to_cod(uint16_t appearance,uint8_t * dev_class)1461 static void btm_ble_appearance_to_cod(uint16_t appearance, uint8_t* dev_class) {
1462 dev_class[0] = 0;
1463
1464 switch (appearance) {
1465 case BTM_BLE_APPEARANCE_GENERIC_PHONE:
1466 dev_class[1] = BTM_COD_MAJOR_PHONE;
1467 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1468 break;
1469 case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
1470 dev_class[1] = BTM_COD_MAJOR_COMPUTER;
1471 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1472 break;
1473 case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
1474 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1475 dev_class[2] = BTM_COD_MINOR_REMOTE_CONTROL;
1476 break;
1477 case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
1478 case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
1479 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1480 dev_class[2] = BTM_COD_MINOR_THERMOMETER;
1481 break;
1482 case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
1483 case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
1484 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1485 dev_class[2] = BTM_COD_MINOR_HEART_PULSE_MONITOR;
1486 break;
1487 case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
1488 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
1489 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
1490 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1491 dev_class[2] = BTM_COD_MINOR_BLOOD_MONITOR;
1492 break;
1493 case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
1494 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
1495 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
1496 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1497 dev_class[2] = BTM_COD_MINOR_PULSE_OXIMETER;
1498 break;
1499 case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
1500 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1501 dev_class[2] = BTM_COD_MINOR_GLUCOSE_METER;
1502 break;
1503 case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
1504 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1505 dev_class[2] = BTM_COD_MINOR_WEIGHING_SCALE;
1506 break;
1507 case BTM_BLE_APPEARANCE_GENERIC_WALKING:
1508 case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
1509 case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
1510 case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
1511 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1512 dev_class[2] = BTM_COD_MINOR_STEP_COUNTER;
1513 break;
1514 case BTM_BLE_APPEARANCE_GENERIC_WATCH:
1515 case BTM_BLE_APPEARANCE_SPORTS_WATCH:
1516 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1517 dev_class[2] = BTM_COD_MINOR_WRIST_WATCH;
1518 break;
1519 case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
1520 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1521 dev_class[2] = BTM_COD_MINOR_GLASSES;
1522 break;
1523 case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
1524 dev_class[1] = BTM_COD_MAJOR_IMAGING;
1525 dev_class[2] = BTM_COD_MINOR_DISPLAY;
1526 break;
1527 case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
1528 dev_class[1] = BTM_COD_MAJOR_AUDIO;
1529 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1530 break;
1531 case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
1532 case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
1533 case BTM_BLE_APPEARANCE_GENERIC_HID:
1534 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1535 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1536 break;
1537 case BTM_BLE_APPEARANCE_HID_KEYBOARD:
1538 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1539 dev_class[2] = BTM_COD_MINOR_KEYBOARD;
1540 break;
1541 case BTM_BLE_APPEARANCE_HID_MOUSE:
1542 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1543 dev_class[2] = BTM_COD_MINOR_POINTING;
1544 break;
1545 case BTM_BLE_APPEARANCE_HID_JOYSTICK:
1546 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1547 dev_class[2] = BTM_COD_MINOR_JOYSTICK;
1548 break;
1549 case BTM_BLE_APPEARANCE_HID_GAMEPAD:
1550 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1551 dev_class[2] = BTM_COD_MINOR_GAMEPAD;
1552 break;
1553 case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
1554 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1555 dev_class[2] = BTM_COD_MINOR_DIGITIZING_TABLET;
1556 break;
1557 case BTM_BLE_APPEARANCE_HID_CARD_READER:
1558 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1559 dev_class[2] = BTM_COD_MINOR_CARD_READER;
1560 break;
1561 case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
1562 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1563 dev_class[2] = BTM_COD_MINOR_DIGITAL_PAN;
1564 break;
1565 case BTM_BLE_APPEARANCE_UKNOWN:
1566 case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
1567 case BTM_BLE_APPEARANCE_GENERIC_TAG:
1568 case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
1569 case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
1570 case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
1571 case BTM_BLE_APPEARANCE_CYCLING_SPEED:
1572 case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
1573 case BTM_BLE_APPEARANCE_CYCLING_POWER:
1574 case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
1575 case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
1576 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
1577 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
1578 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
1579 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
1580 default:
1581 dev_class[1] = BTM_COD_MAJOR_UNCLASSIFIED;
1582 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1583 };
1584 }
1585
1586 /**
1587 * Update adv packet information into inquiry result.
1588 */
btm_ble_update_inq_result(tINQ_DB_ENT * p_i,uint8_t addr_type,const RawAddress & bda,uint16_t evt_type,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> const & data)1589 void btm_ble_update_inq_result(tINQ_DB_ENT* p_i, uint8_t addr_type,
1590 const RawAddress& bda, uint16_t evt_type,
1591 uint8_t primary_phy, uint8_t secondary_phy,
1592 uint8_t advertising_sid, int8_t tx_power,
1593 int8_t rssi, uint16_t periodic_adv_int,
1594 std::vector<uint8_t> const& data) {
1595 tBTM_INQ_RESULTS* p_cur = &p_i->inq_info.results;
1596 uint8_t len;
1597 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1598
1599 /* Save the info */
1600 p_cur->inq_result_type |= BTM_INQ_RESULT_BLE;
1601 p_cur->ble_addr_type = static_cast<tBLE_ADDR_TYPE>(addr_type);
1602 p_cur->rssi = rssi;
1603 p_cur->ble_primary_phy = primary_phy;
1604 p_cur->ble_secondary_phy = secondary_phy;
1605 p_cur->ble_advertising_sid = advertising_sid;
1606 p_cur->ble_tx_power = tx_power;
1607 p_cur->ble_periodic_adv_int = periodic_adv_int;
1608
1609 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
1610 ble_evt_type_is_scannable(evt_type) &&
1611 !ble_evt_type_is_scan_resp(evt_type)) {
1612 p_i->scan_rsp = false;
1613 } else
1614 p_i->scan_rsp = true;
1615
1616 if (p_i->inq_count != p_inq->inq_counter)
1617 p_cur->device_type = BT_DEVICE_TYPE_BLE;
1618 else
1619 p_cur->device_type |= BT_DEVICE_TYPE_BLE;
1620
1621 if (evt_type != BTM_BLE_SCAN_RSP_EVT) p_cur->ble_evt_type = evt_type;
1622
1623 p_i->inq_count = p_inq->inq_counter; /* Mark entry for current inquiry */
1624
1625 if (!data.empty()) {
1626 const uint8_t* p_flag =
1627 AdvertiseDataParser::GetFieldByType(data, BTM_BLE_AD_TYPE_FLAG, &len);
1628 if (p_flag != NULL && len != 0) p_cur->flag = *p_flag;
1629 }
1630
1631 if (!data.empty()) {
1632 /* Check to see the BLE device has the Appearance UUID in the advertising
1633 * data. If it does
1634 * then try to convert the appearance value to a class of device value
1635 * Bluedroid can use.
1636 * Otherwise fall back to trying to infer if it is a HID device based on the
1637 * service class.
1638 */
1639 const uint8_t* p_uuid16 = AdvertiseDataParser::GetFieldByType(
1640 data, BTM_BLE_AD_TYPE_APPEARANCE, &len);
1641 if (p_uuid16 && len == 2) {
1642 btm_ble_appearance_to_cod((uint16_t)p_uuid16[0] | (p_uuid16[1] << 8),
1643 p_cur->dev_class);
1644 } else {
1645 p_uuid16 = AdvertiseDataParser::GetFieldByType(
1646 data, BTM_BLE_AD_TYPE_16SRV_CMPL, &len);
1647 if (p_uuid16 != NULL) {
1648 uint8_t i;
1649 for (i = 0; i + 2 <= len; i = i + 2) {
1650 /* if this BLE device support HID over LE, set HID Major in class of
1651 * device */
1652 if ((p_uuid16[i] | (p_uuid16[i + 1] << 8)) == UUID_SERVCLASS_LE_HID) {
1653 p_cur->dev_class[0] = 0;
1654 p_cur->dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1655 p_cur->dev_class[2] = 0;
1656 break;
1657 }
1658 }
1659 }
1660 }
1661 }
1662
1663 if ((p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
1664 !ble_evt_type_is_directed(evt_type)) {
1665 if (p_cur->ble_addr_type != BLE_ADDR_RANDOM) {
1666 LOG_VERBOSE("NOT_BR_EDR support bit not set, treat device as DUMO");
1667 p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
1668 } else {
1669 LOG_VERBOSE("Random address, treat device as LE only");
1670 }
1671 } else {
1672 LOG_VERBOSE("NOT_BR/EDR support bit set, treat device as LE only");
1673 }
1674 }
1675
1676 /*******************************************************************************
1677 *
1678 * Function btm_clear_all_pending_le_entry
1679 *
1680 * Description This function is called to clear all LE pending entry in
1681 * inquiry database.
1682 *
1683 * Returns void
1684 *
1685 ******************************************************************************/
btm_clear_all_pending_le_entry(void)1686 void btm_clear_all_pending_le_entry(void) {
1687 uint16_t xx;
1688 tINQ_DB_ENT* p_ent = btm_cb.btm_inq_vars.inq_db;
1689
1690 for (xx = 0; xx < BTM_INQ_DB_SIZE; xx++, p_ent++) {
1691 /* mark all pending LE entry as unused if an LE only device has scan
1692 * response outstanding */
1693 if ((p_ent->in_use) &&
1694 (p_ent->inq_info.results.device_type == BT_DEVICE_TYPE_BLE) &&
1695 !p_ent->scan_rsp)
1696 p_ent->in_use = false;
1697 }
1698 }
1699
btm_ble_process_adv_addr(RawAddress & bda,uint8_t * addr_type)1700 void btm_ble_process_adv_addr(RawAddress& bda, uint8_t* addr_type) {
1701 /* map address to security record */
1702 bool match = btm_identity_addr_to_random_pseudo(&bda, addr_type, false);
1703
1704 VLOG(1) << __func__ << ": bda=" << bda;
1705 /* always do RRA resolution on host */
1706 if (!match && BTM_BLE_IS_RESOLVE_BDA(bda)) {
1707 tBTM_SEC_DEV_REC* match_rec = btm_ble_resolve_random_addr(bda);
1708 if (match_rec) {
1709 match_rec->ble.active_addr_type = tBTM_SEC_BLE::BTM_BLE_ADDR_RRA;
1710 match_rec->ble.cur_rand_addr = bda;
1711
1712 if (btm_ble_init_pseudo_addr(match_rec, bda)) {
1713 bda = match_rec->bd_addr;
1714 } else {
1715 // Assign the original address to be the current report address
1716 bda = match_rec->ble.pseudo_addr;
1717 *addr_type = match_rec->ble.ble_addr_type;
1718 }
1719 }
1720 }
1721 }
1722
1723 /**
1724 * This function is called when extended advertising report event is received .
1725 * It updates the inquiry database. If the inquiry database is full, the oldest
1726 * entry is discarded.
1727 */
btm_ble_process_ext_adv_pkt(uint8_t data_len,uint8_t * data)1728 void btm_ble_process_ext_adv_pkt(uint8_t data_len, uint8_t* data) {
1729 RawAddress bda, direct_address;
1730 uint8_t* p = data;
1731 uint8_t addr_type, num_reports, pkt_data_len, primary_phy, secondary_phy,
1732 advertising_sid;
1733 int8_t rssi, tx_power;
1734 uint16_t event_type, periodic_adv_int, direct_address_type;
1735
1736 /* Only process the results if the inquiry is still active */
1737 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) return;
1738
1739 /* Extract the number of reports in this event. */
1740 STREAM_TO_UINT8(num_reports, p);
1741
1742 constexpr int extended_report_header_size = 24;
1743 while (num_reports--) {
1744 if (p + extended_report_header_size > data + data_len) {
1745 // TODO(jpawlowski): we should crash the stack here
1746 BTM_TRACE_ERROR(
1747 "Malformed LE Extended Advertising Report Event from controller - "
1748 "can't loop the data");
1749 return;
1750 }
1751
1752 /* Extract inquiry results */
1753 STREAM_TO_UINT16(event_type, p);
1754 STREAM_TO_UINT8(addr_type, p);
1755 STREAM_TO_BDADDR(bda, p);
1756 STREAM_TO_UINT8(primary_phy, p);
1757 STREAM_TO_UINT8(secondary_phy, p);
1758 STREAM_TO_UINT8(advertising_sid, p);
1759 STREAM_TO_INT8(tx_power, p);
1760 STREAM_TO_INT8(rssi, p);
1761 STREAM_TO_UINT16(periodic_adv_int, p);
1762 STREAM_TO_UINT8(direct_address_type, p);
1763 STREAM_TO_BDADDR(direct_address, p);
1764 STREAM_TO_UINT8(pkt_data_len, p);
1765
1766 uint8_t* pkt_data = p;
1767 p += pkt_data_len; /* Advance to the the next packet*/
1768 if (p > data + data_len) {
1769 LOG(ERROR) << "Invalid pkt_data_len: " << +pkt_data_len;
1770 return;
1771 }
1772
1773 if (rssi >= 21 && rssi <= 126) {
1774 BTM_TRACE_ERROR("%s: bad rssi value in advertising report: %d", __func__,
1775 rssi);
1776 }
1777
1778 // Store this to pass up the callback chain to GattService#onScanResult for the check
1779 // in ScanFilter#matches
1780 RawAddress original_bda = bda;
1781
1782 if (addr_type != BLE_ADDR_ANONYMOUS) {
1783 btm_ble_process_adv_addr(bda, &addr_type);
1784 }
1785
1786 btm_ble_process_adv_pkt_cont(event_type, addr_type, bda, primary_phy,
1787 secondary_phy, advertising_sid, tx_power, rssi,
1788 periodic_adv_int, pkt_data_len, pkt_data, original_bda);
1789 }
1790 }
1791
1792 /**
1793 * This function is called when advertising report event is received. It updates
1794 * the inquiry database. If the inquiry database is full, the oldest entry is
1795 * discarded.
1796 */
btm_ble_process_adv_pkt(uint8_t data_len,uint8_t * data)1797 void btm_ble_process_adv_pkt(uint8_t data_len, uint8_t* data) {
1798 RawAddress bda;
1799 uint8_t* p = data;
1800 uint8_t legacy_evt_type, addr_type, num_reports, pkt_data_len;
1801 int8_t rssi;
1802
1803 /* Only process the results if the inquiry is still active */
1804 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) return;
1805
1806 /* Extract the number of reports in this event. */
1807 STREAM_TO_UINT8(num_reports, p);
1808
1809 constexpr int report_header_size = 10;
1810 while (num_reports--) {
1811 if (p + report_header_size > data + data_len) {
1812 // TODO(jpawlowski): we should crash the stack here
1813 BTM_TRACE_ERROR("Malformed LE Advertising Report Event from controller");
1814 return;
1815 }
1816
1817 /* Extract inquiry results */
1818 STREAM_TO_UINT8(legacy_evt_type, p);
1819 STREAM_TO_UINT8(addr_type, p);
1820 STREAM_TO_BDADDR(bda, p);
1821 STREAM_TO_UINT8(pkt_data_len, p);
1822
1823 uint8_t* pkt_data = p;
1824 p += pkt_data_len; /* Advance to the the rssi byte */
1825 if (p > data + data_len - sizeof(rssi)) {
1826 LOG(ERROR) << "Invalid pkt_data_len: " << +pkt_data_len;
1827 return;
1828 }
1829
1830 STREAM_TO_INT8(rssi, p);
1831
1832 if (rssi >= 21 && rssi <= 126) {
1833 BTM_TRACE_ERROR("%s: bad rssi value in advertising report: ", __func__,
1834 pkt_data_len, rssi);
1835 }
1836
1837 // Pass up the address to GattService#onScanResult to use in ScanFilter#matches
1838 RawAddress original_bda = bda;
1839
1840 btm_ble_process_adv_addr(bda, &addr_type);
1841
1842 uint16_t event_type;
1843 event_type = 1 << BLE_EVT_LEGACY_BIT;
1844 if (legacy_evt_type == BTM_BLE_ADV_IND_EVT) {
1845 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1846 (1 << BLE_EVT_SCANNABLE_BIT);
1847 } else if (legacy_evt_type == BTM_BLE_ADV_DIRECT_IND_EVT) {
1848 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1849 (1 << BLE_EVT_DIRECTED_BIT);
1850 } else if (legacy_evt_type == BTM_BLE_ADV_SCAN_IND_EVT) {
1851 event_type |= (1 << BLE_EVT_SCANNABLE_BIT);
1852 } else if (legacy_evt_type == BTM_BLE_ADV_NONCONN_IND_EVT) {
1853 event_type = (1 << BLE_EVT_LEGACY_BIT);//0x0010;
1854 } else if (legacy_evt_type == BTM_BLE_SCAN_RSP_EVT) { // SCAN_RSP;
1855 // We can't distinguish between "SCAN_RSP to an ADV_IND", and "SCAN_RSP to
1856 // an ADV_SCAN_IND", so always return "SCAN_RSP to an ADV_IND"
1857 event_type |= (1 << BLE_EVT_CONNECTABLE_BIT)|
1858 (1 << BLE_EVT_SCANNABLE_BIT)|
1859 (1 << BLE_EVT_SCAN_RESPONSE_BIT);
1860 } else {
1861 BTM_TRACE_ERROR(
1862 "Malformed LE Advertising Report Event - unsupported "
1863 "legacy_event_type 0x%02x",
1864 legacy_evt_type);
1865 return;
1866 }
1867
1868 btm_ble_process_adv_pkt_cont(
1869 event_type, addr_type, bda, PHY_LE_1M, PHY_LE_NO_PACKET, NO_ADI_PRESENT,
1870 TX_POWER_NOT_PRESENT, rssi, 0x00 /* no periodic adv */, pkt_data_len,
1871 pkt_data, original_bda);
1872 }
1873 }
1874
1875 /**
1876 * This function is called after random address resolution is done, and proceed
1877 * to process adv packet.
1878 */
btm_ble_process_adv_pkt_cont(uint16_t evt_type,uint8_t addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,uint8_t data_len,uint8_t * data,const RawAddress & original_bda)1879 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, uint8_t addr_type,
1880 const RawAddress& bda, uint8_t primary_phy,
1881 uint8_t secondary_phy,
1882 uint8_t advertising_sid, int8_t tx_power,
1883 int8_t rssi, uint16_t periodic_adv_int,
1884 uint8_t data_len, uint8_t* data,
1885 const RawAddress& original_bda) {
1886 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
1887 bool update = true;
1888
1889 std::vector<uint8_t> tmp;
1890 if (data_len != 0) tmp.insert(tmp.begin(), data, data + data_len);
1891
1892 bool is_scannable = ble_evt_type_is_scannable(evt_type);
1893 bool is_scan_resp = ble_evt_type_is_scan_resp(evt_type);
1894 bool is_legacy = ble_evt_type_is_legacy(evt_type);
1895
1896 // We might receive a legacy scan response without receving a ADV_IND
1897 // or ADV_SCAN_IND before. Only parsing the scan response data which
1898 // has no ad flag, the device will be set to DUMO mode. The createbond
1899 // procedure will use the wrong device mode.
1900 // In such case no necessary to report scan response
1901 if(is_legacy && is_scan_resp && !cache.Exist(addr_type, bda))
1902 return;
1903
1904 bool is_start = is_legacy && is_scannable && !is_scan_resp;
1905
1906 if (is_legacy)
1907 AdvertiseDataParser::RemoveTrailingZeros(tmp);
1908
1909 // We might have send scan request to this device before, but didn't get the
1910 // response. In such case make sure data is put at start, not appended to
1911 // already existing data.
1912 std::vector<uint8_t> const& adv_data =
1913 is_start ? cache.Set(addr_type, bda, std::move(tmp))
1914 : cache.Append(addr_type, bda, std::move(tmp));
1915
1916 bool data_complete = (ble_evt_type_data_status(evt_type) != 0x01);
1917
1918 if (!data_complete) {
1919 // If we didn't receive whole adv data yet, don't report the device.
1920 DVLOG(1) << "Data not complete yet, waiting for more " << bda;
1921 return;
1922 }
1923
1924 bool is_active_scan =
1925 btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI;
1926 if (is_active_scan && is_scannable && !is_scan_resp) {
1927 // If we didn't receive scan response yet, don't report the device.
1928 DVLOG(1) << " Waiting for scan response " << bda;
1929 return;
1930 }
1931
1932 if (!AdvertiseDataParser::IsValid(adv_data)) {
1933 DVLOG(1) << __func__ << "Dropping bad advertisement packet: "
1934 << base::HexEncode(adv_data.data(), adv_data.size());
1935 cache.Clear(addr_type, bda);
1936 return;
1937 }
1938
1939 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
1940
1941 /* Check if this address has already been processed for this inquiry */
1942 if (btm_inq_find_bdaddr(bda)) {
1943 /* never been report as an LE device */
1944 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
1945 /* scan response to be updated */
1946 (!p_i->scan_rsp))) {
1947 update = true;
1948 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
1949 update = false;
1950 } else {
1951 /* if yes, skip it */
1952 cache.Clear(addr_type, bda);
1953 return; /* assumption: one result per event */
1954 }
1955 }
1956 /* If existing entry, use that, else get a new one (possibly reusing the
1957 * oldest) */
1958 if (p_i == NULL) {
1959 p_i = btm_inq_db_new(bda);
1960 if (p_i != NULL) {
1961 p_inq->inq_cmpl_info.num_resp++;
1962 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
1963 } else
1964 return;
1965 } else if (p_i->inq_count !=
1966 p_inq->inq_counter) /* first time seen in this inquiry */
1967 {
1968 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
1969 p_inq->inq_cmpl_info.num_resp++;
1970 }
1971
1972 /* update the LE device information in inquiry database */
1973 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
1974 secondary_phy, advertising_sid, tx_power, rssi,
1975 periodic_adv_int, adv_data);
1976
1977 uint8_t result = btm_ble_is_discoverable(bda, adv_data);
1978 if (result == 0) {
1979 // Device no longer discoverable so discard outstanding advertising packet
1980 cache.Clear(addr_type, bda);
1981 return;
1982 }
1983
1984 if (!update) result &= ~BTM_BLE_INQ_RESULT;
1985
1986 // Pass address up to GattService#onScanResult
1987 p_i->inq_info.results.original_bda = original_bda;
1988
1989 tBTM_INQ_RESULTS_CB* p_inq_results_cb = p_inq->p_inq_results_cb;
1990 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
1991 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
1992 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
1993 }
1994
1995 tBTM_INQ_RESULTS_CB* p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
1996 if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT)) {
1997 (p_obs_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
1998 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
1999 }
2000
2001 cache.Clear(addr_type, bda);
2002 }
2003
2004 /**
2005 * This function copy from btm_ble_process_adv_pkt_cont to process adv packet
2006 * from gd scanning module to handle inquiry result callback.
2007 */
btm_ble_process_adv_pkt_cont_for_inquiry(uint16_t evt_type,uint8_t addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> advertising_data)2008 void btm_ble_process_adv_pkt_cont_for_inquiry(
2009 uint16_t evt_type, uint8_t addr_type, const RawAddress& bda,
2010 uint8_t primary_phy, uint8_t secondary_phy, uint8_t advertising_sid,
2011 int8_t tx_power, int8_t rssi, uint16_t periodic_adv_int,
2012 std::vector<uint8_t> advertising_data) {
2013 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
2014 bool update = true;
2015
2016 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
2017
2018 /* Check if this address has already been processed for this inquiry */
2019 if (btm_inq_find_bdaddr(bda)) {
2020 /* never been report as an LE device */
2021 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
2022 /* scan response to be updated */
2023 (!p_i->scan_rsp))) {
2024 update = true;
2025 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
2026 update = false;
2027 } else {
2028 /* if yes, skip it */
2029 return; /* assumption: one result per event */
2030 }
2031 }
2032
2033 /* If existing entry, use that, else get a new one (possibly reusing the
2034 * oldest) */
2035 if (p_i == NULL) {
2036 p_i = btm_inq_db_new(bda);
2037 if (p_i != NULL) {
2038 p_inq->inq_cmpl_info.num_resp++;
2039 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2040 } else
2041 return;
2042 } else if (p_i->inq_count !=
2043 p_inq->inq_counter) /* first time seen in this inquiry */
2044 {
2045 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2046 p_inq->inq_cmpl_info.num_resp++;
2047 }
2048
2049 /* update the LE device information in inquiry database */
2050 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
2051 secondary_phy, advertising_sid, tx_power, rssi,
2052 periodic_adv_int, advertising_data);
2053
2054 uint8_t result = btm_ble_is_discoverable(bda, advertising_data);
2055 if (result == 0) {
2056 return;
2057 }
2058
2059 if (!update) result &= ~BTM_BLE_INQ_RESULT;
2060
2061 tBTM_INQ_RESULTS_CB* p_inq_results_cb = p_inq->p_inq_results_cb;
2062 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
2063 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2064 const_cast<uint8_t*>(advertising_data.data()),
2065 advertising_data.size());
2066 }
2067 }
2068
btm_ble_process_phy_update_pkt(uint8_t len,uint8_t * data)2069 void btm_ble_process_phy_update_pkt(uint8_t len, uint8_t* data) {
2070 uint8_t status, tx_phy, rx_phy;
2071 uint16_t handle;
2072
2073 LOG_ASSERT(len == 5);
2074 uint8_t* p = data;
2075 STREAM_TO_UINT8(status, p);
2076 STREAM_TO_UINT16(handle, p);
2077 handle = handle & 0x0FFF;
2078 STREAM_TO_UINT8(tx_phy, p);
2079 STREAM_TO_UINT8(rx_phy, p);
2080
2081 gatt_notify_phy_updated(static_cast<tGATT_STATUS>(status), handle, tx_phy,
2082 rx_phy);
2083 }
2084
2085 /*******************************************************************************
2086 *
2087 * Function btm_ble_start_scan
2088 *
2089 * Description Start the BLE scan.
2090 *
2091 * Returns void
2092 *
2093 ******************************************************************************/
btm_ble_start_scan()2094 void btm_ble_start_scan() {
2095 tBTM_BLE_INQ_CB* p_inq = &btm_cb.ble_ctr_cb.inq_var;
2096 /* start scan, disable duplicate filtering */
2097 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
2098
2099 if (p_inq->scan_type == BTM_BLE_SCAN_MODE_ACTI)
2100 btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2101 else
2102 btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2103 }
2104
2105 /*******************************************************************************
2106 *
2107 * Function btm_ble_stop_scan
2108 *
2109 * Description Stop the BLE scan.
2110 *
2111 * Returns void
2112 *
2113 ******************************************************************************/
btm_ble_stop_scan(void)2114 void btm_ble_stop_scan(void) {
2115 BTM_TRACE_EVENT("btm_ble_stop_scan ");
2116
2117 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI)
2118 btm_ble_clear_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2119 else
2120 btm_ble_clear_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2121
2122 /* Clear the inquiry callback if set */
2123 btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2124
2125 /* stop discovery now */
2126 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
2127
2128 btm_update_scanner_filter_policy(SP_ADV_ALL);
2129 }
2130 /*******************************************************************************
2131 *
2132 * Function btm_ble_stop_inquiry
2133 *
2134 * Description Stop the BLE Inquiry.
2135 *
2136 * Returns void
2137 *
2138 ******************************************************************************/
btm_ble_stop_inquiry(void)2139 void btm_ble_stop_inquiry(void) {
2140 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars;
2141 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
2142
2143 alarm_cancel(p_ble_cb->inq_var.inquiry_timer);
2144
2145 p_ble_cb->reset_ble_inquiry();
2146
2147 /* If no more scan activity, stop LE scan now */
2148 if (!p_ble_cb->is_ble_scan_active()) {
2149 btm_ble_stop_scan();
2150 } else if ((p_ble_cb->inq_var.scan_interval !=
2151 BTM_BLE_LOW_LATENCY_SCAN_INT) ||
2152 (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
2153 BTM_TRACE_DEBUG("%s: setting default params for ongoing observe", __func__);
2154 btm_ble_stop_scan();
2155 btm_ble_start_scan();
2156 }
2157
2158 /* If we have a callback registered for inquiry complete, call it */
2159 BTM_TRACE_DEBUG("BTM Inq Compl Callback: status 0x%02x, num results %d",
2160 p_inq->inq_cmpl_info.status, p_inq->inq_cmpl_info.num_resp);
2161
2162 btm_process_inq_complete(
2163 HCI_SUCCESS, (uint8_t)(p_inq->inqparms.mode & BTM_BLE_INQUIRY_MASK));
2164 }
2165
2166 /*******************************************************************************
2167 *
2168 * Function btm_ble_stop_observe
2169 *
2170 * Description Stop the BLE Observe.
2171 *
2172 * Returns void
2173 *
2174 ******************************************************************************/
btm_ble_stop_observe(void)2175 static void btm_ble_stop_observe(void) {
2176 tBTM_BLE_CB* p_ble_cb = &btm_cb.ble_ctr_cb;
2177 tBTM_CMPL_CB* p_obs_cb = p_ble_cb->p_obs_cmpl_cb;
2178
2179 alarm_cancel(p_ble_cb->observer_timer);
2180
2181 p_ble_cb->reset_ble_observe();
2182
2183 p_ble_cb->p_obs_results_cb = NULL;
2184 p_ble_cb->p_obs_cmpl_cb = NULL;
2185
2186 if (!p_ble_cb->is_ble_scan_active()) {
2187 btm_ble_stop_scan();
2188 }
2189
2190 if (p_obs_cb) (p_obs_cb)(&btm_cb.btm_inq_vars.inq_cmpl_info);
2191 }
2192 /*******************************************************************************
2193 *
2194 * Function btm_ble_adv_states_operation
2195 *
2196 * Description Set or clear adv states in topology mask
2197 *
2198 * Returns operation status. true if sucessful, false otherwise.
2199 *
2200 ******************************************************************************/
2201 typedef bool(BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);
btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR * p_handler,uint8_t adv_evt)2202 static bool btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR* p_handler,
2203 uint8_t adv_evt) {
2204 bool rt = false;
2205
2206 switch (adv_evt) {
2207 case BTM_BLE_CONNECT_EVT:
2208 rt = (*p_handler)(BTM_BLE_STATE_CONN_ADV_BIT);
2209 break;
2210
2211 case BTM_BLE_NON_CONNECT_EVT:
2212 rt = (*p_handler)(BTM_BLE_STATE_NON_CONN_ADV_BIT);
2213 break;
2214 case BTM_BLE_CONNECT_DIR_EVT:
2215 rt = (*p_handler)(BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT);
2216 break;
2217
2218 case BTM_BLE_DISCOVER_EVT:
2219 rt = (*p_handler)(BTM_BLE_STATE_SCAN_ADV_BIT);
2220 break;
2221
2222 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
2223 rt = (*p_handler)(BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT);
2224 break;
2225
2226 default:
2227 BTM_TRACE_ERROR("unknown adv event : %d", adv_evt);
2228 break;
2229 }
2230
2231 return rt;
2232 }
2233
2234 /*******************************************************************************
2235 *
2236 * Function btm_ble_start_adv
2237 *
2238 * Description start the BLE advertising.
2239 *
2240 * Returns void
2241 *
2242 ******************************************************************************/
btm_ble_start_adv(void)2243 tBTM_STATUS btm_ble_start_adv(void) {
2244 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2245
2246 if (!btm_ble_adv_states_operation(btm_ble_topology_check, p_cb->evt_type))
2247 return BTM_WRONG_MODE;
2248
2249 /* To relax resolving list, always have resolving list enabled, unless
2250 * directed adv */
2251 if (p_cb->evt_type != BTM_BLE_CONNECT_LO_DUTY_DIR_EVT &&
2252 p_cb->evt_type != BTM_BLE_CONNECT_DIR_EVT)
2253 /* enable resolving list is desired */
2254 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_ADV);
2255
2256 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_ENABLE);
2257 p_cb->adv_mode = BTM_BLE_ADV_ENABLE;
2258 btm_ble_adv_states_operation(btm_ble_set_topology_mask, p_cb->evt_type);
2259 return BTM_SUCCESS;
2260 }
2261
2262 /*******************************************************************************
2263 *
2264 * Function btm_ble_stop_adv
2265 *
2266 * Description Stop the BLE advertising.
2267 *
2268 * Returns void
2269 *
2270 ******************************************************************************/
btm_ble_stop_adv(void)2271 tBTM_STATUS btm_ble_stop_adv(void) {
2272 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2273
2274 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
2275 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_DISABLE);
2276
2277 p_cb->fast_adv_on = false;
2278 p_cb->adv_mode = BTM_BLE_ADV_DISABLE;
2279
2280 /* clear all adv states */
2281 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2282 }
2283 return BTM_SUCCESS;
2284 }
2285
btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void * data)2286 static void btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void* data) {
2287 /* fast adv is completed, fall back to slow adv interval */
2288 btm_ble_start_slow_adv();
2289 }
2290
2291 /*******************************************************************************
2292 *
2293 * Function btm_ble_start_slow_adv
2294 *
2295 * Description Restart adv with slow adv interval
2296 *
2297 * Returns void
2298 *
2299 ******************************************************************************/
btm_ble_start_slow_adv(void)2300 static void btm_ble_start_slow_adv(void) {
2301 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2302
2303 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE) {
2304 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
2305 RawAddress address = RawAddress::kEmpty;
2306 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
2307 tBLE_ADDR_TYPE own_addr_type = p_addr_cb->own_addr_type;
2308
2309 btm_ble_stop_adv();
2310
2311 p_cb->evt_type = btm_set_conn_mode_adv_init_addr(address, &init_addr_type,
2312 &own_addr_type);
2313
2314 /* slow adv mode never goes into directed adv */
2315 btsnd_hcic_ble_write_adv_params(
2316 BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT, p_cb->evt_type,
2317 own_addr_type, init_addr_type, address, p_cb->adv_chnl_map, p_cb->afp);
2318
2319 btm_ble_start_adv();
2320 }
2321 }
2322
btm_ble_inquiry_timer_gap_limited_discovery_timeout(UNUSED_ATTR void * data)2323 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(
2324 UNUSED_ATTR void* data) {
2325 /* lim_timeout expired, limited discovery should exit now */
2326 btm_cb.btm_inq_vars.discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;
2327 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode,
2328 btm_cb.btm_inq_vars.discoverable_mode);
2329 }
2330
btm_ble_inquiry_timer_timeout(UNUSED_ATTR void * data)2331 static void btm_ble_inquiry_timer_timeout(UNUSED_ATTR void* data) {
2332 btm_ble_stop_inquiry();
2333 }
2334
btm_ble_observer_timer_timeout(UNUSED_ATTR void * data)2335 static void btm_ble_observer_timer_timeout(UNUSED_ATTR void* data) {
2336 btm_ble_stop_observe();
2337 }
2338
2339 /*******************************************************************************
2340 *
2341 * Function btm_ble_read_remote_features_complete
2342 *
2343 * Description This function is called when the command complete message
2344 * is received from the HCI for the read LE remote feature
2345 * supported complete event.
2346 *
2347 * Returns void
2348 *
2349 ******************************************************************************/
btm_ble_read_remote_features_complete(uint8_t * p)2350 void btm_ble_read_remote_features_complete(uint8_t* p) {
2351 uint16_t handle;
2352 uint8_t status;
2353 STREAM_TO_UINT8(status, p);
2354 STREAM_TO_UINT16(handle, p);
2355 handle = handle & 0x0FFF; // only 12 bits meaningful
2356
2357 if (status != HCI_SUCCESS) {
2358 if (status != HCI_ERR_UNSUPPORTED_REM_FEATURE) {
2359 LOG_ERROR("Failed to read remote features status:%s",
2360 hci_error_code_text(static_cast<tHCI_STATUS>(status)).c_str());
2361 return;
2362 }
2363 LOG_WARN("Remote does not support reading remote feature");
2364 }
2365
2366 if (status == HCI_SUCCESS) {
2367 if (!acl_set_peer_le_features_from_handle(handle, p)) {
2368 LOG_ERROR(
2369 "Unable to find existing connection after read remote features");
2370 return;
2371 }
2372 }
2373
2374 btsnd_hcic_rmt_ver_req(handle);
2375 }
2376
2377 /*******************************************************************************
2378 *
2379 * Function btm_ble_write_adv_enable_complete
2380 *
2381 * Description This function process the write adv enable command complete.
2382 *
2383 * Returns void
2384 *
2385 ******************************************************************************/
btm_ble_write_adv_enable_complete(uint8_t * p)2386 void btm_ble_write_adv_enable_complete(uint8_t* p) {
2387 tBTM_BLE_INQ_CB* p_cb = &btm_cb.ble_ctr_cb.inq_var;
2388
2389 /* if write adv enable/disbale not succeed */
2390 if (*p != HCI_SUCCESS) {
2391 /* toggle back the adv mode */
2392 p_cb->adv_mode = !p_cb->adv_mode;
2393 }
2394 }
2395
2396 /*******************************************************************************
2397 *
2398 * Function btm_ble_dir_adv_tout
2399 *
2400 * Description when directed adv time out
2401 *
2402 * Returns void
2403 *
2404 ******************************************************************************/
btm_ble_dir_adv_tout(void)2405 void btm_ble_dir_adv_tout(void) {
2406 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2407
2408 /* make device fall back into undirected adv mode by default */
2409 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2410 }
2411
2412 /*******************************************************************************
2413 *
2414 * Function btm_ble_set_topology_mask
2415 *
2416 * Description set BLE topology mask
2417 *
2418 * Returns true is request is allowed, false otherwise.
2419 *
2420 ******************************************************************************/
btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2421 bool btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2422 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2423 btm_cb.ble_ctr_cb.cur_states |= (request_state_mask & BTM_BLE_STATE_ALL_MASK);
2424 return true;
2425 }
2426
2427 /*******************************************************************************
2428 *
2429 * Function btm_ble_clear_topology_mask
2430 *
2431 * Description Clear BLE topology bit mask
2432 *
2433 * Returns true is request is allowed, false otherwise.
2434 *
2435 ******************************************************************************/
btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2436 bool btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2437 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2438 btm_cb.ble_ctr_cb.cur_states &= ~request_state_mask;
2439 return true;
2440 }
2441
2442 /*******************************************************************************
2443 *
2444 * Function btm_ble_update_link_topology_mask
2445 *
2446 * Description This function update the link topology mask
2447 *
2448 * Returns void
2449 *
2450 ******************************************************************************/
btm_ble_update_link_topology_mask(uint8_t link_role,bool increase)2451 static void btm_ble_update_link_topology_mask(uint8_t link_role,
2452 bool increase) {
2453 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_CONN_MASK);
2454
2455 if (increase)
2456 btm_cb.ble_ctr_cb.link_count[link_role]++;
2457 else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
2458 btm_cb.ble_ctr_cb.link_count[link_role]--;
2459
2460 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_CENTRAL])
2461 btm_ble_set_topology_mask(BTM_BLE_STATE_CENTRAL_BIT);
2462
2463 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_PERIPHERAL])
2464 btm_ble_set_topology_mask(BTM_BLE_STATE_PERIPHERAL_BIT);
2465
2466 if (link_role == HCI_ROLE_PERIPHERAL && increase) {
2467 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2468 /* make device fall back into undirected adv mode by default */
2469 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2470 /* clear all adv states */
2471 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2472 }
2473 }
2474
btm_ble_increment_link_topology_mask(uint8_t link_role)2475 void btm_ble_increment_link_topology_mask(uint8_t link_role) {
2476 btm_ble_update_link_topology_mask(link_role, true);
2477 }
2478
btm_ble_decrement_link_topology_mask(uint8_t link_role)2479 void btm_ble_decrement_link_topology_mask(uint8_t link_role) {
2480 btm_ble_update_link_topology_mask(link_role, false);
2481 }
2482
2483 /*******************************************************************************
2484 *
2485 * Function btm_ble_update_mode_operation
2486 *
2487 * Description This function update the GAP role operation when a link
2488 * status is updated.
2489 *
2490 * Returns void
2491 *
2492 ******************************************************************************/
btm_ble_update_mode_operation(uint8_t link_role,const RawAddress * bd_addr,tHCI_STATUS status)2493 void btm_ble_update_mode_operation(uint8_t link_role, const RawAddress* bd_addr,
2494 tHCI_STATUS status) {
2495 if (status == HCI_ERR_ADVERTISING_TIMEOUT) {
2496 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2497 /* make device fall back into undirected adv mode by default */
2498 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2499 /* clear all adv states */
2500 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2501 }
2502
2503 if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_CONNECTABLE) {
2504 btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
2505 btm_cb.ble_ctr_cb.inq_var.connectable_mode);
2506 }
2507
2508 /* in case of disconnected, we must cancel bgconn and restart
2509 in order to add back device to acceptlist in order to reconnect */
2510 if (bd_addr != nullptr) {
2511 const RawAddress bda(*bd_addr);
2512 if (bluetooth::shim::is_gd_acl_enabled()) {
2513 if (acl_check_and_clear_ignore_auto_connect_after_disconnect(bda)) {
2514 LOG_DEBUG(
2515 "Local disconnect initiated so skipping re-add to acceptlist "
2516 "device:%s",
2517 PRIVATE_ADDRESS(bda));
2518 } else {
2519 if (!bluetooth::shim::ACL_AcceptLeConnectionFrom(
2520 convert_to_address_with_type(bda, btm_find_dev(bda)),
2521 /* is_direct */ false)) {
2522 LOG_ERROR("Unable to add to acceptlist as it is full:%s",
2523 PRIVATE_ADDRESS(bda));
2524 }
2525 }
2526 } else {
2527 btm_ble_bgconn_cancel_if_disconnected(bda);
2528 }
2529 }
2530
2531 /* when no connection is attempted, and controller is not rejecting last
2532 request
2533 due to resource limitation, start next direct connection or background
2534 connection
2535 now in order */
2536 if (btm_cb.ble_ctr_cb.is_connection_state_idle() &&
2537 status != HCI_ERR_HOST_REJECT_RESOURCES &&
2538 status != HCI_ERR_MAX_NUM_OF_CONNECTIONS) {
2539 LOG_DEBUG("Resuming le background connections");
2540 btm_ble_resume_bg_conn();
2541 }
2542 }
2543
2544 /*******************************************************************************
2545 *
2546 * Function btm_ble_init
2547 *
2548 * Description Initialize the control block variable values.
2549 *
2550 * Returns void
2551 *
2552 ******************************************************************************/
btm_ble_init(void)2553 void btm_ble_init(void) {
2554 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
2555
2556 BTM_TRACE_DEBUG("%s", __func__);
2557
2558 alarm_free(p_cb->observer_timer);
2559 alarm_free(p_cb->inq_var.fast_adv_timer);
2560 memset(p_cb, 0, sizeof(tBTM_BLE_CB));
2561 memset(&(btm_cb.cmn_ble_vsc_cb), 0, sizeof(tBTM_BLE_VSC_CB));
2562 btm_cb.cmn_ble_vsc_cb.values_read = false;
2563
2564 p_cb->observer_timer = alarm_new("btm_ble.observer_timer");
2565 p_cb->cur_states = 0;
2566
2567 p_cb->inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2568 p_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2569 p_cb->inq_var.adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
2570 p_cb->inq_var.afp = BTM_BLE_DEFAULT_AFP;
2571 p_cb->inq_var.sfp = BTM_BLE_DEFAULT_SFP;
2572 p_cb->inq_var.connectable_mode = BTM_BLE_NON_CONNECTABLE;
2573 p_cb->inq_var.discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
2574 p_cb->inq_var.fast_adv_timer = alarm_new("btm_ble_inq.fast_adv_timer");
2575 p_cb->inq_var.inquiry_timer = alarm_new("btm_ble_inq.inquiry_timer");
2576
2577 /* for background connection, reset connection params to be undefined */
2578 p_cb->scan_int = p_cb->scan_win = BTM_BLE_SCAN_PARAM_UNDEF;
2579
2580 p_cb->inq_var.evt_type = BTM_BLE_NON_CONNECT_EVT;
2581
2582 p_cb->addr_mgnt_cb.refresh_raddr_timer =
2583 alarm_new("btm_ble_addr.refresh_raddr_timer");
2584
2585 #if (BLE_VND_INCLUDED == FALSE)
2586 btm_ble_adv_filter_init();
2587 #endif
2588 }
2589
2590 // Clean up btm ble control block
btm_ble_free()2591 void btm_ble_free() {
2592 tBTM_BLE_CB* p_cb = &btm_cb.ble_ctr_cb;
2593 alarm_free(p_cb->addr_mgnt_cb.refresh_raddr_timer);
2594 }
2595
2596 /*******************************************************************************
2597 *
2598 * Function btm_ble_topology_check
2599 *
2600 * Description check to see requested state is supported. One state check
2601 * at a time is supported
2602 *
2603 * Returns true is request is allowed, false otherwise.
2604 *
2605 ******************************************************************************/
btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)2606 bool btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask) {
2607 bool rt = false;
2608
2609 uint8_t state_offset = 0;
2610 uint16_t cur_states = btm_cb.ble_ctr_cb.cur_states;
2611 uint8_t request_state = 0;
2612
2613 /* check only one bit is set and within valid range */
2614 if (request_state_mask == BTM_BLE_STATE_INVALID ||
2615 request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
2616 (request_state_mask & (request_state_mask - 1)) != 0) {
2617 BTM_TRACE_ERROR("illegal state requested: %d", request_state_mask);
2618 return rt;
2619 }
2620
2621 while (request_state_mask) {
2622 request_state_mask >>= 1;
2623 request_state++;
2624 }
2625
2626 /* check if the requested state is supported or not */
2627 uint8_t bit_num = btm_le_state_combo_tbl[0][request_state - 1];
2628 const uint8_t* ble_supported_states =
2629 controller_get_interface()->get_ble_supported_states();
2630
2631 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2632 BTM_TRACE_ERROR("state requested not supported: %d", request_state);
2633 return rt;
2634 }
2635
2636 rt = true;
2637 /* make sure currently active states are all supported in conjunction with the
2638 requested state. If the bit in table is UNSUPPORTED, the combination is not
2639 supported */
2640 while (cur_states != 0) {
2641 if (cur_states & 0x01) {
2642 uint8_t bit_num = btm_le_state_combo_tbl[request_state][state_offset];
2643 if (bit_num != UNSUPPORTED) {
2644 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2645 rt = false;
2646 break;
2647 }
2648 }
2649 }
2650 cur_states >>= 1;
2651 state_offset++;
2652 }
2653 return rt;
2654 }
2655