1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions that handle BTM interface functions for the
22 * Bluetooth device including Rest, HCI buffer size and others
23 *
24 ******************************************************************************/
25
26 #include <base/logging.h>
27 #include <stddef.h>
28 #include <stdlib.h>
29 #include <string.h>
30
31 #include "bt_types.h"
32 #include "bta/dm/bta_dm_int.h"
33 #include "bta/sys/bta_sys.h"
34 #include "btcore/include/module.h"
35 #include "btif/include/btif_bqr.h"
36 #include "btm_int.h"
37 #include "btu.h"
38 #include "common/message_loop_thread.h"
39 #include "device/include/controller.h"
40 #include "hci/include/hci_layer.h"
41 #include "hcimsgs.h"
42 #include "main/shim/btm_api.h"
43 #include "main/shim/controller.h"
44 #include "main/shim/shim.h"
45 #include "osi/include/osi.h"
46 #include "stack/btm/btm_ble_int.h"
47 #include "stack/gatt/connection_manager.h"
48 #include "stack/include/acl_api.h"
49 #include "stack/include/l2cap_controller_interface.h"
50
51 extern tBTM_CB btm_cb;
52
53 extern void btm_inq_db_reset(void);
54 extern void btm_pm_reset(void);
55 /******************************************************************************/
56 /* L O C A L D A T A D E F I N I T I O N S */
57 /******************************************************************************/
58
59 #ifndef BTM_DEV_RESET_TIMEOUT
60 #define BTM_DEV_RESET_TIMEOUT 4
61 #endif
62
63 // TODO: Reevaluate this value in the context of timers with ms granularity
64 #define BTM_DEV_NAME_REPLY_TIMEOUT_MS \
65 (2 * 1000) /* 2 seconds for name reply \
66 */
67
68 #define BTM_INFO_TIMEOUT 5 /* 5 seconds for info response */
69
70 /******************************************************************************/
71 /* L O C A L F U N C T I O N P R O T O T Y P E S */
72 /******************************************************************************/
73
74 static void decode_controller_support();
75 static void BTM_BT_Quality_Report_VSE_CBack(uint8_t length, uint8_t* p_stream);
76
77 /*******************************************************************************
78 *
79 * Function btm_dev_init
80 *
81 * Description This function is on the BTM startup
82 *
83 * Returns void
84 *
85 ******************************************************************************/
btm_dev_init()86 void btm_dev_init() {
87 /* Initialize nonzero defaults */
88 memset(btm_cb.cfg.bd_name, 0, sizeof(tBTM_LOC_BD_NAME));
89
90 btm_cb.devcb.read_local_name_timer = alarm_new("btm.read_local_name_timer");
91 btm_cb.devcb.read_rssi_timer = alarm_new("btm.read_rssi_timer");
92 btm_cb.devcb.read_failed_contact_counter_timer =
93 alarm_new("btm.read_failed_contact_counter_timer");
94 btm_cb.devcb.read_automatic_flush_timeout_timer =
95 alarm_new("btm.read_automatic_flush_timeout_timer");
96 btm_cb.devcb.read_link_quality_timer =
97 alarm_new("btm.read_link_quality_timer");
98 btm_cb.devcb.read_tx_power_timer = alarm_new("btm.read_tx_power_timer");
99 }
100
btm_dev_free()101 void btm_dev_free() {
102 alarm_free(btm_cb.devcb.read_local_name_timer);
103 alarm_free(btm_cb.devcb.read_rssi_timer);
104 alarm_free(btm_cb.devcb.read_failed_contact_counter_timer);
105 alarm_free(btm_cb.devcb.read_automatic_flush_timeout_timer);
106 alarm_free(btm_cb.devcb.read_link_quality_timer);
107 alarm_free(btm_cb.devcb.read_tx_power_timer);
108 }
109
110 /*******************************************************************************
111 *
112 * Function btm_db_reset
113 *
114 * Returns void
115 *
116 ******************************************************************************/
BTM_db_reset(void)117 void BTM_db_reset(void) {
118 tBTM_CMPL_CB* p_cb;
119
120 btm_inq_db_reset();
121
122 if (btm_cb.devcb.p_rln_cmpl_cb) {
123 p_cb = btm_cb.devcb.p_rln_cmpl_cb;
124 btm_cb.devcb.p_rln_cmpl_cb = NULL;
125
126 if (p_cb) (*p_cb)((void*)NULL);
127 }
128
129 if (btm_cb.devcb.p_rssi_cmpl_cb) {
130 p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
131 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
132
133 if (p_cb) {
134 tBTM_RSSI_RESULT btm_rssi_result;
135 btm_rssi_result.status = BTM_DEV_RESET;
136 (*p_cb)(&btm_rssi_result);
137 }
138 }
139
140 if (btm_cb.devcb.p_failed_contact_counter_cmpl_cb) {
141 p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
142 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
143
144 if (p_cb) {
145 tBTM_FAILED_CONTACT_COUNTER_RESULT btm_failed_contact_counter_result;
146 btm_failed_contact_counter_result.status = BTM_DEV_RESET;
147 (*p_cb)(&btm_failed_contact_counter_result);
148 }
149 }
150
151 if (btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb) {
152 p_cb = btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb;
153 btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb = NULL;
154
155 if (p_cb) {
156 tBTM_AUTOMATIC_FLUSH_TIMEOUT_RESULT btm_automatic_flush_timeout_result;
157 btm_automatic_flush_timeout_result.status = BTM_DEV_RESET;
158 (*p_cb)(&btm_automatic_flush_timeout_result);
159 }
160 }
161 }
162
set_sec_state_idle(void * data,void * context)163 static bool set_sec_state_idle(void* data, void* context) {
164 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
165 p_dev_rec->sec_state = BTM_SEC_STATE_IDLE;
166 return true;
167 }
168
BTM_reset_complete()169 void BTM_reset_complete() {
170 const controller_t* controller = controller_get_interface();
171
172 /* Tell L2CAP that all connections are gone */
173 l2cu_device_reset();
174
175 /* Clear current security state */
176 list_foreach(btm_cb.sec_dev_rec, set_sec_state_idle, NULL);
177
178 /* After the reset controller should restore all parameters to defaults. */
179 btm_cb.btm_inq_vars.inq_counter = 1;
180 btm_cb.btm_inq_vars.inq_scan_window = HCI_DEF_INQUIRYSCAN_WINDOW;
181 btm_cb.btm_inq_vars.inq_scan_period = HCI_DEF_INQUIRYSCAN_INTERVAL;
182 btm_cb.btm_inq_vars.inq_scan_type = HCI_DEF_SCAN_TYPE;
183
184 btm_cb.btm_inq_vars.page_scan_window = HCI_DEF_PAGESCAN_WINDOW;
185 btm_cb.btm_inq_vars.page_scan_period = HCI_DEF_PAGESCAN_INTERVAL;
186 btm_cb.btm_inq_vars.page_scan_type = HCI_DEF_SCAN_TYPE;
187
188 btm_cb.ble_ctr_cb.set_connection_state_idle();
189 connection_manager::reset(true);
190
191 btm_pm_reset();
192
193 l2c_link_init();
194
195 // setup the random number generator
196 std::srand(std::time(nullptr));
197
198 /* Set up the BLE privacy settings */
199 if (controller->supports_ble() && controller->supports_ble_privacy() &&
200 controller->get_ble_resolving_list_max_size() > 0) {
201 btm_ble_resolving_list_init(controller->get_ble_resolving_list_max_size());
202 /* set the default random private address timeout */
203 btsnd_hcic_ble_set_rand_priv_addr_timeout(
204 btm_get_next_private_addrress_interval_ms() / 1000);
205 }
206
207 if (controller->supports_ble()) {
208 l2c_link_processs_ble_num_bufs(controller->get_acl_buffer_count_ble());
209 }
210
211 BTM_SetPinType(btm_cb.cfg.pin_type, btm_cb.cfg.pin_code,
212 btm_cb.cfg.pin_code_len);
213
214 decode_controller_support();
215 }
216
217 /*******************************************************************************
218 *
219 * Function BTM_IsDeviceUp
220 *
221 * Description This function is called to check if the device is up.
222 *
223 * Returns true if device is up, else false
224 *
225 ******************************************************************************/
BTM_IsDeviceUp(void)226 bool BTM_IsDeviceUp(void) { return controller_get_interface()->get_is_ready(); }
227
228 /*******************************************************************************
229 *
230 * Function btm_read_local_name_timeout
231 *
232 * Description Callback when reading the local name times out.
233 *
234 * Returns void
235 *
236 ******************************************************************************/
btm_read_local_name_timeout(UNUSED_ATTR void * data)237 static void btm_read_local_name_timeout(UNUSED_ATTR void* data) {
238 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rln_cmpl_cb;
239 btm_cb.devcb.p_rln_cmpl_cb = NULL;
240 if (p_cb) (*p_cb)((void*)NULL);
241 }
242
decode_controller_support()243 static void decode_controller_support() {
244 const controller_t* controller = controller_get_interface();
245
246 /* Create (e)SCO supported packet types mask */
247 btm_cb.btm_sco_pkt_types_supported = 0;
248 btm_cb.sco_cb.esco_supported = false;
249 if (controller->supports_sco()) {
250 btm_cb.btm_sco_pkt_types_supported = ESCO_PKT_TYPES_MASK_HV1;
251
252 if (controller->supports_hv2_packets())
253 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_HV2;
254
255 if (controller->supports_hv3_packets())
256 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_HV3;
257 }
258
259 if (controller->supports_ev3_packets())
260 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV3;
261
262 if (controller->supports_ev4_packets())
263 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV4;
264
265 if (controller->supports_ev5_packets())
266 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_EV5;
267
268 if (btm_cb.btm_sco_pkt_types_supported & BTM_ESCO_LINK_ONLY_MASK) {
269 btm_cb.sco_cb.esco_supported = true;
270
271 /* Add in EDR related eSCO types */
272 if (controller->supports_esco_2m_phy()) {
273 if (!controller->supports_3_slot_edr_packets())
274 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_NO_2_EV5;
275 } else {
276 btm_cb.btm_sco_pkt_types_supported |=
277 (ESCO_PKT_TYPES_MASK_NO_2_EV3 + ESCO_PKT_TYPES_MASK_NO_2_EV5);
278 }
279
280 if (controller->supports_esco_3m_phy()) {
281 if (!controller->supports_3_slot_edr_packets())
282 btm_cb.btm_sco_pkt_types_supported |= ESCO_PKT_TYPES_MASK_NO_3_EV5;
283 } else {
284 btm_cb.btm_sco_pkt_types_supported |=
285 (ESCO_PKT_TYPES_MASK_NO_3_EV3 + ESCO_PKT_TYPES_MASK_NO_3_EV5);
286 }
287 }
288
289 BTM_TRACE_DEBUG("Local supported SCO packet types: 0x%04x",
290 btm_cb.btm_sco_pkt_types_supported);
291
292 BTM_acl_after_controller_started(controller_get_interface());
293 btm_sec_dev_reset();
294
295 if (controller->supports_rssi_with_inquiry_results()) {
296 if (controller->supports_extended_inquiry_response())
297 BTM_SetInquiryMode(BTM_INQ_RESULT_EXTENDED);
298 else
299 BTM_SetInquiryMode(BTM_INQ_RESULT_WITH_RSSI);
300 }
301
302 l2cu_set_non_flushable_pbf(controller->supports_non_flushable_pb());
303 BTM_EnableInterlacedPageScan();
304 BTM_EnableInterlacedInquiryScan();
305 }
306
307 /*******************************************************************************
308 *
309 * Function BTM_SetLocalDeviceName
310 *
311 * Description This function is called to set the local device name.
312 *
313 * Returns status of the operation
314 *
315 ******************************************************************************/
BTM_SetLocalDeviceName(char * p_name)316 tBTM_STATUS BTM_SetLocalDeviceName(char* p_name) {
317 uint8_t* p;
318
319 if (!p_name || !p_name[0] || (strlen((char*)p_name) > BD_NAME_LEN))
320 return (BTM_ILLEGAL_VALUE);
321
322 if (!controller_get_interface()->get_is_ready()) return (BTM_DEV_RESET);
323 /* Save the device name if local storage is enabled */
324 p = (uint8_t*)btm_cb.cfg.bd_name;
325 if (p != (uint8_t*)p_name)
326 strlcpy(btm_cb.cfg.bd_name, p_name, BTM_MAX_LOC_BD_NAME_LEN + 1);
327
328 btsnd_hcic_change_name(p);
329 return (BTM_CMD_STARTED);
330 }
331
332 /*******************************************************************************
333 *
334 * Function BTM_ReadLocalDeviceName
335 *
336 * Description This function is called to read the local device name.
337 *
338 * Returns status of the operation
339 * If success, BTM_SUCCESS is returned and p_name points stored
340 * local device name
341 * If BTM doesn't store local device name, BTM_NO_RESOURCES is
342 * is returned and p_name is set to NULL
343 *
344 ******************************************************************************/
BTM_ReadLocalDeviceName(char ** p_name)345 tBTM_STATUS BTM_ReadLocalDeviceName(char** p_name) {
346 *p_name = btm_cb.cfg.bd_name;
347 return (BTM_SUCCESS);
348 }
349
350 /*******************************************************************************
351 *
352 * Function BTM_ReadLocalDeviceNameFromController
353 *
354 * Description Get local device name from controller. Do not use cached
355 * name (used to get chip-id prior to btm reset complete).
356 *
357 * Returns BTM_CMD_STARTED if successful, otherwise an error
358 *
359 ******************************************************************************/
BTM_ReadLocalDeviceNameFromController(tBTM_CMPL_CB * p_rln_cmpl_cback)360 tBTM_STATUS BTM_ReadLocalDeviceNameFromController(
361 tBTM_CMPL_CB* p_rln_cmpl_cback) {
362 /* Check if rln already in progress */
363 if (btm_cb.devcb.p_rln_cmpl_cb) return (BTM_NO_RESOURCES);
364
365 /* Save callback */
366 btm_cb.devcb.p_rln_cmpl_cb = p_rln_cmpl_cback;
367
368 btsnd_hcic_read_name();
369 alarm_set_on_mloop(btm_cb.devcb.read_local_name_timer,
370 BTM_DEV_NAME_REPLY_TIMEOUT_MS, btm_read_local_name_timeout,
371 NULL);
372
373 return BTM_CMD_STARTED;
374 }
375
376 /*******************************************************************************
377 *
378 * Function btm_read_local_name_complete
379 *
380 * Description This function is called when local name read complete.
381 * message is received from the HCI.
382 *
383 * Returns void
384 *
385 ******************************************************************************/
btm_read_local_name_complete(uint8_t * p,UNUSED_ATTR uint16_t evt_len)386 void btm_read_local_name_complete(uint8_t* p, UNUSED_ATTR uint16_t evt_len) {
387 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rln_cmpl_cb;
388 uint8_t status;
389
390 alarm_cancel(btm_cb.devcb.read_local_name_timer);
391
392 /* If there was a callback address for read local name, call it */
393 btm_cb.devcb.p_rln_cmpl_cb = NULL;
394
395 if (p_cb) {
396 STREAM_TO_UINT8(status, p);
397
398 if (status == HCI_SUCCESS)
399 (*p_cb)(p);
400 else
401 (*p_cb)(NULL);
402 }
403 }
404
405 /*******************************************************************************
406 *
407 * Function BTM_SetDeviceClass
408 *
409 * Description This function is called to set the local device class
410 *
411 * Returns status of the operation
412 *
413 ******************************************************************************/
BTM_SetDeviceClass(DEV_CLASS dev_class)414 tBTM_STATUS BTM_SetDeviceClass(DEV_CLASS dev_class) {
415 if (!memcmp(btm_cb.devcb.dev_class, dev_class, DEV_CLASS_LEN))
416 return (BTM_SUCCESS);
417
418 memcpy(btm_cb.devcb.dev_class, dev_class, DEV_CLASS_LEN);
419
420 if (!controller_get_interface()->get_is_ready()) return (BTM_DEV_RESET);
421
422 btsnd_hcic_write_dev_class(dev_class);
423
424 return (BTM_SUCCESS);
425 }
426
427 /*******************************************************************************
428 *
429 * Function BTM_ReadDeviceClass
430 *
431 * Description This function is called to read the local device class
432 *
433 * Returns pointer to the device class
434 *
435 ******************************************************************************/
BTM_ReadDeviceClass(void)436 uint8_t* BTM_ReadDeviceClass(void) {
437 return ((uint8_t*)btm_cb.devcb.dev_class);
438 }
439
440 /*******************************************************************************
441 *
442 * Function BTM_VendorSpecificCommand
443 *
444 * Description Send a vendor specific HCI command to the controller.
445 *
446 * Notes
447 * Opcode will be OR'd with HCI_GRP_VENDOR_SPECIFIC.
448 *
449 ******************************************************************************/
BTM_VendorSpecificCommand(uint16_t opcode,uint8_t param_len,uint8_t * p_param_buf,tBTM_VSC_CMPL_CB * p_cb)450 void BTM_VendorSpecificCommand(uint16_t opcode, uint8_t param_len,
451 uint8_t* p_param_buf, tBTM_VSC_CMPL_CB* p_cb) {
452 /* Allocate a buffer to hold HCI command plus the callback function */
453 void* p_buf = osi_malloc(sizeof(BT_HDR) + sizeof(tBTM_CMPL_CB*) + param_len +
454 HCIC_PREAMBLE_SIZE);
455
456 BTM_TRACE_EVENT("BTM: %s: Opcode: 0x%04X, ParamLen: %i.", __func__, opcode,
457 param_len);
458
459 /* Send the HCI command (opcode will be OR'd with HCI_GRP_VENDOR_SPECIFIC) */
460 btsnd_hcic_vendor_spec_cmd(p_buf, opcode, param_len, p_param_buf,
461 (void*)p_cb);
462 }
463
464 /*******************************************************************************
465 *
466 * Function btm_vsc_complete
467 *
468 * Description This function is called when local HCI Vendor Specific
469 * Command complete message is received from the HCI.
470 *
471 * Returns void
472 *
473 ******************************************************************************/
btm_vsc_complete(uint8_t * p,uint16_t opcode,uint16_t evt_len,tBTM_VSC_CMPL_CB * p_vsc_cplt_cback)474 void btm_vsc_complete(uint8_t* p, uint16_t opcode, uint16_t evt_len,
475 tBTM_VSC_CMPL_CB* p_vsc_cplt_cback) {
476 tBTM_VSC_CMPL vcs_cplt_params;
477
478 /* If there was a callback address for vcs complete, call it */
479 if (p_vsc_cplt_cback) {
480 /* Pass paramters to the callback function */
481 vcs_cplt_params.opcode = opcode; /* Number of bytes in return info */
482 vcs_cplt_params.param_len = evt_len; /* Number of bytes in return info */
483 vcs_cplt_params.p_param_buf = p;
484 (*p_vsc_cplt_cback)(
485 &vcs_cplt_params); /* Call the VSC complete callback function */
486 }
487 }
488
489 /*******************************************************************************
490 *
491 * Function BTM_RegisterForVSEvents
492 *
493 * Description This function is called to register/deregister for vendor
494 * specific HCI events.
495 *
496 * If is_register=true, then the function will be registered;
497 * otherwise, the the function will be deregistered.
498 *
499 * Returns BTM_SUCCESS if successful,
500 * BTM_BUSY if maximum number of callbacks have already been
501 * registered.
502 *
503 ******************************************************************************/
BTM_RegisterForVSEvents(tBTM_VS_EVT_CB * p_cb,bool is_register)504 tBTM_STATUS BTM_RegisterForVSEvents(tBTM_VS_EVT_CB* p_cb, bool is_register) {
505 tBTM_STATUS retval = BTM_SUCCESS;
506 uint8_t i, free_idx = BTM_MAX_VSE_CALLBACKS;
507
508 /* See if callback is already registered */
509 for (i = 0; i < BTM_MAX_VSE_CALLBACKS; i++) {
510 if (btm_cb.devcb.p_vend_spec_cb[i] == NULL) {
511 /* Found a free slot. Store index */
512 free_idx = i;
513 } else if (btm_cb.devcb.p_vend_spec_cb[i] == p_cb) {
514 /* Found callback in lookup table. If deregistering, clear the entry. */
515 if (!is_register) {
516 btm_cb.devcb.p_vend_spec_cb[i] = NULL;
517 BTM_TRACE_EVENT("BTM Deregister For VSEvents is successfully");
518 }
519 return (BTM_SUCCESS);
520 }
521 }
522
523 /* Didn't find callback. Add callback to free slot if registering */
524 if (is_register) {
525 if (free_idx < BTM_MAX_VSE_CALLBACKS) {
526 btm_cb.devcb.p_vend_spec_cb[free_idx] = p_cb;
527 BTM_TRACE_EVENT("BTM Register For VSEvents is successfully");
528 } else {
529 /* No free entries available */
530 BTM_TRACE_ERROR("BTM_RegisterForVSEvents: too many callbacks registered");
531
532 retval = BTM_NO_RESOURCES;
533 }
534 }
535
536 return (retval);
537 }
538
539 /*******************************************************************************
540 *
541 * Function btm_vendor_specific_evt
542 *
543 * Description Process event HCI_VENDOR_SPECIFIC_EVT
544 *
545 * Returns void
546 *
547 ******************************************************************************/
btm_vendor_specific_evt(uint8_t * p,uint8_t evt_len)548 void btm_vendor_specific_evt(uint8_t* p, uint8_t evt_len) {
549 uint8_t i;
550
551 BTM_TRACE_DEBUG("BTM Event: Vendor Specific event from controller");
552
553 // Handle BQR events
554 uint8_t* bqr_ptr = p;
555 uint8_t event_code;
556 uint8_t len;
557 STREAM_TO_UINT8(event_code, bqr_ptr);
558 STREAM_TO_UINT8(len, bqr_ptr);
559 // Check if there's at least a subevent code
560 if (len > 1 && evt_len > 1 && event_code == HCI_VENDOR_SPECIFIC_EVT) {
561 uint8_t sub_event_code;
562 STREAM_TO_UINT8(sub_event_code, bqr_ptr);
563 if (sub_event_code == HCI_VSE_SUBCODE_BQR_SUB_EVT) {
564 // Excluding the HCI Event packet header and 1 octet sub-event code
565 int16_t bqr_parameter_length = evt_len - HCIE_PREAMBLE_SIZE - 1;
566 uint8_t* p_bqr_event = bqr_ptr;
567 // The stream currently points to the BQR sub-event parameters
568 switch (sub_event_code) {
569 case bluetooth::bqr::QUALITY_REPORT_ID_LMP_LL_MESSAGE_TRACE:
570 if (bqr_parameter_length >= bluetooth::bqr::kLogDumpParamTotalLen) {
571 bluetooth::bqr::DumpLmpLlMessage(bqr_parameter_length, p_bqr_event);
572 } else {
573 LOG_INFO("Malformed LMP event of length %hd", bqr_parameter_length);
574 }
575
576 break;
577
578 case bluetooth::bqr::QUALITY_REPORT_ID_BT_SCHEDULING_TRACE:
579 if (bqr_parameter_length >= bluetooth::bqr::kLogDumpParamTotalLen) {
580 bluetooth::bqr::DumpBtScheduling(bqr_parameter_length, p_bqr_event);
581 } else {
582 LOG_INFO("Malformed TRACE event of length %hd",
583 bqr_parameter_length);
584 }
585 break;
586
587 default:
588 LOG_INFO("Unhandled BQR subevent 0x%02hxx", sub_event_code);
589 }
590 }
591 }
592
593 for (i = 0; i < BTM_MAX_VSE_CALLBACKS; i++) {
594 if (btm_cb.devcb.p_vend_spec_cb[i])
595 (*btm_cb.devcb.p_vend_spec_cb[i])(evt_len, p);
596 }
597 }
598
599 /*******************************************************************************
600 *
601 * Function BTM_WritePageTimeout
602 *
603 * Description Send HCI Write Page Timeout.
604 *
605 ******************************************************************************/
BTM_WritePageTimeout(uint16_t timeout)606 void BTM_WritePageTimeout(uint16_t timeout) {
607 BTM_TRACE_EVENT("BTM: BTM_WritePageTimeout: Timeout: %d.", timeout);
608
609 /* Send the HCI command */
610 btsnd_hcic_write_page_tout(timeout);
611 }
612
613 /*******************************************************************************
614 *
615 * Function BTM_WriteVoiceSettings
616 *
617 * Description Send HCI Write Voice Settings command.
618 * See hcidefs.h for settings bitmask values.
619 *
620 ******************************************************************************/
BTM_WriteVoiceSettings(uint16_t settings)621 void BTM_WriteVoiceSettings(uint16_t settings) {
622 BTM_TRACE_EVENT("BTM: BTM_WriteVoiceSettings: Settings: 0x%04x.", settings);
623
624 /* Send the HCI command */
625 btsnd_hcic_write_voice_settings((uint16_t)(settings & 0x03ff));
626 }
627
628 /*******************************************************************************
629 *
630 * Function BTM_EnableTestMode
631 *
632 * Description Send HCI the enable device under test command.
633 *
634 * Note: Controller can only be taken out of this mode by
635 * resetting the controller.
636 *
637 * Returns
638 * BTM_SUCCESS Command sent.
639 * BTM_NO_RESOURCES If out of resources to send the command.
640 *
641 *
642 ******************************************************************************/
BTM_EnableTestMode(void)643 tBTM_STATUS BTM_EnableTestMode(void) {
644 uint8_t cond;
645
646 BTM_TRACE_EVENT("BTM: BTM_EnableTestMode");
647
648 /* set auto accept connection as this is needed during test mode */
649 /* Allocate a buffer to hold HCI command */
650 cond = HCI_DO_AUTO_ACCEPT_CONNECT;
651 btsnd_hcic_set_event_filter(HCI_FILTER_CONNECTION_SETUP,
652 HCI_FILTER_COND_NEW_DEVICE, &cond, sizeof(cond));
653
654 /* put device to connectable mode */
655 if (BTM_SetConnectability(BTM_CONNECTABLE) != BTM_SUCCESS) {
656 return BTM_NO_RESOURCES;
657 }
658
659 /* put device to discoverable mode */
660 if (BTM_SetDiscoverability(BTM_GENERAL_DISCOVERABLE) != BTM_SUCCESS) {
661 return BTM_NO_RESOURCES;
662 }
663
664 /* mask off all of event from controller */
665 hci_layer_get_interface()->transmit_command(
666 hci_packet_factory_get_interface()->make_set_event_mask(
667 (const bt_event_mask_t*)("\x00\x00\x00\x00\x00\x00\x00\x00")),
668 NULL, NULL, NULL);
669
670 /* Send the HCI command */
671 btsnd_hcic_enable_test_mode();
672 return (BTM_SUCCESS);
673 }
674
675 /*******************************************************************************
676 *
677 * Function BTM_DeleteStoredLinkKey
678 *
679 * Description This function is called to delete link key for the specified
680 * device addresses from the NVRAM storage attached to the
681 * Bluetooth controller.
682 *
683 * Parameters: bd_addr - Addresses of the devices
684 * p_cb - Call back function to be called to return
685 * the results
686 *
687 ******************************************************************************/
BTM_DeleteStoredLinkKey(const RawAddress * bd_addr,tBTM_CMPL_CB * p_cb)688 tBTM_STATUS BTM_DeleteStoredLinkKey(const RawAddress* bd_addr,
689 tBTM_CMPL_CB* p_cb) {
690 /* Check if the previous command is completed */
691 if (btm_cb.devcb.p_stored_link_key_cmpl_cb) return (BTM_BUSY);
692
693 bool delete_all_flag = !bd_addr;
694
695 BTM_TRACE_EVENT("BTM: BTM_DeleteStoredLinkKey: delete_all_flag: %s",
696 delete_all_flag ? "true" : "false");
697
698 btm_cb.devcb.p_stored_link_key_cmpl_cb = p_cb;
699 if (!bd_addr) {
700 /* This is to delete all link keys */
701 /* We don't care the BD address. Just pass a non zero pointer */
702 RawAddress local_bd_addr = RawAddress::kEmpty;
703 btsnd_hcic_delete_stored_key(local_bd_addr, delete_all_flag);
704 } else {
705 btsnd_hcic_delete_stored_key(*bd_addr, delete_all_flag);
706 }
707
708 return (BTM_SUCCESS);
709 }
710
711 /*******************************************************************************
712 *
713 * Function btm_delete_stored_link_key_complete
714 *
715 * Description This function is called when the command complete message
716 * is received from the HCI for the delete stored link key
717 * command.
718 *
719 * Returns void
720 *
721 ******************************************************************************/
btm_delete_stored_link_key_complete(uint8_t * p)722 void btm_delete_stored_link_key_complete(uint8_t* p) {
723 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_stored_link_key_cmpl_cb;
724 tBTM_DELETE_STORED_LINK_KEY_COMPLETE result;
725
726 /* If there was a callback registered for read stored link key, call it */
727 btm_cb.devcb.p_stored_link_key_cmpl_cb = NULL;
728
729 if (p_cb) {
730 /* Set the call back event to indicate command complete */
731 result.event = BTM_CB_EVT_DELETE_STORED_LINK_KEYS;
732
733 /* Extract the result fields from the HCI event */
734 STREAM_TO_UINT8(result.status, p);
735 STREAM_TO_UINT16(result.num_keys, p);
736
737 /* Call the call back and pass the result */
738 (*p_cb)(&result);
739 }
740 }
741
742 /*******************************************************************************
743 *
744 * Function BTM_BT_Quality_Report_VSE_CBack
745 *
746 * Description Callback invoked on receiving of Vendor Specific Events.
747 * This function will call registered BQR report receiver if
748 * Bluetooth Quality Report sub-event is identified.
749 *
750 * Parameters: length - Lengths of all of the parameters contained in the
751 * Vendor Specific Event.
752 * p_stream - A pointer to the quality report which is sent
753 * from the Bluetooth controller via Vendor Specific Event.
754 *
755 ******************************************************************************/
BTM_BT_Quality_Report_VSE_CBack(uint8_t length,uint8_t * p_stream)756 static void BTM_BT_Quality_Report_VSE_CBack(uint8_t length, uint8_t* p_stream) {
757 if (length == 0) {
758 LOG(WARNING) << __func__ << ": Lengths of all of the parameters are zero.";
759 return;
760 }
761
762 uint8_t sub_event = 0;
763 STREAM_TO_UINT8(sub_event, p_stream);
764 length--;
765
766 if (sub_event == HCI_VSE_SUBCODE_BQR_SUB_EVT) {
767 if (btm_cb.p_bqr_report_receiver == nullptr) {
768 LOG(WARNING) << __func__ << ": No registered report receiver.";
769 return;
770 }
771
772 btm_cb.p_bqr_report_receiver(length, p_stream);
773 }
774 }
775
776 /*******************************************************************************
777 *
778 * Function BTM_BT_Quality_Report_VSE_Register
779 *
780 * Description Register/Deregister for Bluetooth Quality Report VSE sub
781 * event Callback.
782 *
783 * Parameters: is_register - True/False to register/unregister for VSE.
784 * p_bqr_report_receiver - The receiver for receiving Bluetooth
785 * Quality Report VSE sub event.
786 *
787 ******************************************************************************/
BTM_BT_Quality_Report_VSE_Register(bool is_register,tBTM_BT_QUALITY_REPORT_RECEIVER * p_bqr_report_receiver)788 tBTM_STATUS BTM_BT_Quality_Report_VSE_Register(
789 bool is_register, tBTM_BT_QUALITY_REPORT_RECEIVER* p_bqr_report_receiver) {
790 tBTM_STATUS retval =
791 BTM_RegisterForVSEvents(BTM_BT_Quality_Report_VSE_CBack, is_register);
792
793 if (retval != BTM_SUCCESS) {
794 LOG(WARNING) << __func__ << ": Fail to (un)register VSEvents: " << retval
795 << ", is_register: " << logbool(is_register);
796 return retval;
797 }
798
799 if (is_register) {
800 btm_cb.p_bqr_report_receiver = p_bqr_report_receiver;
801 } else {
802 btm_cb.p_bqr_report_receiver = nullptr;
803 }
804
805 LOG(INFO) << __func__ << ": Success to (un)register VSEvents."
806 << " is_register: " << logbool(is_register);
807 return retval;
808 }
809