1 /******************************************************************************
2 *
3 * Copyright 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains action functions for the audio gateway.
22 *
23 ******************************************************************************/
24
25 #include <bluetooth/log.h>
26 #include <com_android_bluetooth_flags.h>
27
28 #include <cstdint>
29 #include <cstring>
30
31 #include "bta/ag/bta_ag_int.h"
32 #include "bta/include/bta_dm_api.h"
33 #include "bta/include/bta_hfp_api.h"
34 #include "bta_ag_swb_aptx.h"
35 #include "internal_include/bt_trace.h"
36
37 #ifdef __ANDROID__
38 #include "bta/le_audio/devices.h"
39 #endif
40
41 #include "btif/include/btif_config.h"
42 #include "device/include/device_iot_config.h"
43 #include "stack/include/bt_uuid16.h"
44 #include "stack/include/btm_sec_api_types.h"
45 #include "stack/include/l2c_api.h"
46 #include "stack/include/port_api.h"
47 #include "stack/include/sdp_api.h"
48 #include "storage/config_keys.h"
49 #include "types/raw_address.h"
50
51 using namespace bluetooth;
52 using namespace bluetooth::legacy::stack::sdp;
53
54 /*****************************************************************************
55 * Constants
56 ****************************************************************************/
57
58 /* maximum length of data to read from RFCOMM */
59 #define BTA_AG_RFC_READ_MAX 512
60
61 /* maximum AT command length */
62 #define BTA_AG_CMD_MAX 512
63
64 const uint16_t bta_ag_uuid[BTA_AG_NUM_IDX] = {
65 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, UUID_SERVCLASS_AG_HANDSFREE};
66
67 const uint8_t bta_ag_sec_id[BTA_AG_NUM_IDX] = {BTM_SEC_SERVICE_HEADSET_AG,
68 BTM_SEC_SERVICE_AG_HANDSFREE};
69
70 const tBTA_SERVICE_ID bta_ag_svc_id[BTA_AG_NUM_IDX] = {BTA_HSP_SERVICE_ID,
71 BTA_HFP_SERVICE_ID};
72
73 const tBTA_SERVICE_MASK bta_ag_svc_mask[BTA_AG_NUM_IDX] = {
74 BTA_HSP_SERVICE_MASK, BTA_HFP_SERVICE_MASK};
75
76 typedef void (*tBTA_AG_ATCMD_CBACK)(tBTA_AG_SCB* p_scb, uint16_t cmd,
77 uint8_t arg_type, char* p_arg, char* p_end,
78 int16_t int_arg);
79
80 const tBTA_AG_ATCMD_CBACK bta_ag_at_cback_tbl[BTA_AG_NUM_IDX] = {
81 bta_ag_at_hsp_cback, bta_ag_at_hfp_cback};
82
83 /*******************************************************************************
84 *
85 * Function bta_ag_cback_open
86 *
87 * Description Send open callback event to application.
88 *
89 *
90 * Returns void
91 *
92 ******************************************************************************/
bta_ag_cback_open(tBTA_AG_SCB * p_scb,const RawAddress & bd_addr,tBTA_AG_STATUS status)93 static void bta_ag_cback_open(tBTA_AG_SCB* p_scb, const RawAddress& bd_addr,
94 tBTA_AG_STATUS status) {
95 tBTA_AG_OPEN open = {};
96
97 /* call app callback with open event */
98 open.hdr.handle = bta_ag_scb_to_idx(p_scb);
99 open.hdr.app_id = p_scb->app_id;
100 open.status = status;
101 open.service_id = bta_ag_svc_id[p_scb->conn_service];
102 open.bd_addr = bd_addr;
103
104 (*bta_ag_cb.p_cback)(BTA_AG_OPEN_EVT, (tBTA_AG*)&open);
105 }
106
107 /*******************************************************************************
108 *
109 * Function bta_ag_register
110 *
111 * Description This function initializes values of the AG cb and sets up
112 * the SDP record for the services.
113 *
114 *
115 * Returns void
116 *
117 ******************************************************************************/
bta_ag_register(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)118 void bta_ag_register(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
119 /* initialize control block */
120 p_scb->reg_services = data.api_register.services;
121 p_scb->features = data.api_register.features;
122 p_scb->masked_features = data.api_register.features;
123 p_scb->app_id = data.api_register.app_id;
124
125 /* create SDP records */
126 bta_ag_create_records(p_scb, data);
127
128 /* start RFCOMM servers */
129 bta_ag_start_servers(p_scb, p_scb->reg_services);
130
131 /* call app callback with register event */
132 tBTA_AG_REGISTER reg = {};
133 reg.hdr.handle = bta_ag_scb_to_idx(p_scb);
134 reg.hdr.app_id = p_scb->app_id;
135 reg.status = BTA_AG_SUCCESS;
136 (*bta_ag_cb.p_cback)(BTA_AG_REGISTER_EVT, (tBTA_AG*)®);
137 }
138
139 /*******************************************************************************
140 *
141 * Function bta_ag_deregister
142 *
143 * Description This function removes the sdp records, closes the RFCOMM
144 * servers, and deallocates the service control block.
145 *
146 *
147 * Returns void
148 *
149 ******************************************************************************/
bta_ag_deregister(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)150 void bta_ag_deregister(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
151 /* set dealloc */
152 p_scb->dealloc = true;
153
154 /* remove sdp records */
155 bta_ag_del_records(p_scb);
156
157 /* remove rfcomm servers */
158 bta_ag_close_servers(p_scb, p_scb->reg_services);
159
160 /* dealloc */
161 bta_ag_scb_dealloc(p_scb);
162 }
163
164 /*******************************************************************************
165 *
166 * Function bta_ag_start_dereg
167 *
168 * Description Start a deregister event.
169 *
170 *
171 * Returns void
172 *
173 ******************************************************************************/
bta_ag_start_dereg(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)174 void bta_ag_start_dereg(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
175 /* set dealloc */
176 p_scb->dealloc = true;
177
178 /* remove sdp records */
179 bta_ag_del_records(p_scb);
180 }
181
182 /*******************************************************************************
183 *
184 * Function bta_ag_start_open
185 *
186 * Description This starts an AG open.
187 *
188 *
189 * Returns void
190 *
191 ******************************************************************************/
bta_ag_start_open(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)192 void bta_ag_start_open(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
193 p_scb->peer_addr = data.api_open.bd_addr;
194 p_scb->open_services = p_scb->reg_services;
195
196 /* Check if RFCOMM has any incoming connection to avoid collision. */
197 RawAddress pending_bd_addr = RawAddress::kEmpty;
198 if (PORT_IsOpening(&pending_bd_addr)) {
199 /* Let the incoming connection goes through. */
200 /* Issue collision for this scb for now. */
201 /* We will decide what to do when we find incoming connetion later. */
202 bta_ag_collision_cback(BTA_SYS_CONN_OPEN, BTA_ID_AG, 0, p_scb->peer_addr);
203 return;
204 }
205
206 /* close servers */
207 bta_ag_close_servers(p_scb, p_scb->reg_services);
208
209 /* set role */
210 p_scb->role = BTA_AG_INT;
211
212 /* do service search */
213 bta_ag_do_disc(p_scb, p_scb->open_services);
214 }
215
216 /*******************************************************************************
217 *
218 * Function bta_ag_disc_int_res
219 *
220 * Description This function handles a discovery result when initiator.
221 *
222 *
223 * Returns void
224 *
225 ******************************************************************************/
bta_ag_disc_int_res(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)226 void bta_ag_disc_int_res(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
227 uint16_t event = BTA_AG_DISC_FAIL_EVT;
228
229 log::verbose("bta_ag_disc_int_res: Status: {}", data.disc_result.status);
230
231 /* if found service */
232 if (data.disc_result.status == SDP_SUCCESS ||
233 data.disc_result.status == SDP_DB_FULL) {
234 /* get attributes */
235 if (bta_ag_sdp_find_attr(p_scb, p_scb->open_services)) {
236 /* set connected service */
237 p_scb->conn_service = bta_ag_service_to_idx(p_scb->open_services);
238
239 /* send ourselves sdp ok event */
240 event = BTA_AG_DISC_OK_EVT;
241
242 DEVICE_IOT_CONFIG_ADDR_SET_HEX_IF_GREATER(
243 p_scb->peer_addr, IOT_CONF_KEY_HFP_VERSION, p_scb->peer_version,
244 IOT_CONF_BYTE_NUM_2);
245 }
246 }
247
248 /* free discovery db */
249 bta_ag_free_db(p_scb, data);
250
251 /* if service not found check if we should search for other service */
252 if ((event == BTA_AG_DISC_FAIL_EVT) &&
253 (data.disc_result.status == SDP_SUCCESS ||
254 data.disc_result.status == SDP_DB_FULL ||
255 data.disc_result.status == SDP_NO_RECS_MATCH)) {
256 if ((p_scb->open_services & BTA_HFP_SERVICE_MASK) &&
257 (p_scb->open_services & BTA_HSP_SERVICE_MASK)) {
258 /* search for HSP */
259 p_scb->open_services &= ~BTA_HFP_SERVICE_MASK;
260 bta_ag_do_disc(p_scb, p_scb->open_services);
261 } else if ((p_scb->open_services & BTA_HSP_SERVICE_MASK) &&
262 (p_scb->hsp_version == HSP_VERSION_1_2)) {
263 /* search for UUID_SERVCLASS_HEADSET instead */
264 p_scb->hsp_version = HSP_VERSION_1_0;
265 bta_ag_do_disc(p_scb, p_scb->open_services);
266 } else {
267 /* send ourselves sdp ok/fail event */
268 bta_ag_sm_execute(p_scb, event, data);
269 }
270 } else {
271 /* send ourselves sdp ok/fail event */
272 bta_ag_sm_execute(p_scb, event, data);
273 }
274 }
275
276 /*******************************************************************************
277 *
278 * Function bta_ag_disc_acp_res
279 *
280 * Description This function handles a discovery result when acceptor.
281 *
282 *
283 * Returns void
284 *
285 ******************************************************************************/
bta_ag_disc_acp_res(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)286 void bta_ag_disc_acp_res(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
287 /* if found service */
288 if (data.disc_result.status == SDP_SUCCESS ||
289 data.disc_result.status == SDP_DB_FULL) {
290 /* get attributes */
291 bta_ag_sdp_find_attr(p_scb, bta_ag_svc_mask[p_scb->conn_service]);
292 DEVICE_IOT_CONFIG_ADDR_SET_HEX_IF_GREATER(
293 p_scb->peer_addr, IOT_CONF_KEY_HFP_VERSION, p_scb->peer_version,
294 IOT_CONF_BYTE_NUM_2);
295 }
296
297 /* free discovery db */
298 bta_ag_free_db(p_scb, data);
299 }
300
301 /*******************************************************************************
302 *
303 * Function bta_ag_disc_fail
304 *
305 * Description This function handles a discovery failure.
306 *
307 *
308 * Returns void
309 *
310 ******************************************************************************/
bta_ag_disc_fail(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)311 void bta_ag_disc_fail(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& /* data */) {
312 /* reopen registered servers */
313 bta_ag_start_servers(p_scb, p_scb->reg_services);
314
315 /* reinitialize stuff */
316
317 /* clear the remote BD address */
318 RawAddress peer_addr = p_scb->peer_addr;
319 p_scb->peer_addr = RawAddress::kEmpty;
320
321 /* call open cback w. failure */
322 bta_ag_cback_open(p_scb, peer_addr, BTA_AG_FAIL_SDP);
323 }
324
325 /*******************************************************************************
326 *
327 * Function bta_ag_open_fail
328 *
329 * Description open connection failed.
330 *
331 *
332 * Returns void
333 *
334 ******************************************************************************/
bta_ag_open_fail(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)335 void bta_ag_open_fail(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
336 /* call open cback w. failure */
337 log::debug("state {}", bta_ag_state_str(p_scb->state));
338 bta_ag_cback_open(p_scb, data.api_open.bd_addr, BTA_AG_FAIL_RESOURCES);
339 }
340
341 /*******************************************************************************
342 *
343 * Function bta_ag_rfc_fail
344 *
345 * Description RFCOMM connection failed.
346 *
347 *
348 * Returns void
349 *
350 ******************************************************************************/
bta_ag_rfc_fail(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)351 void bta_ag_rfc_fail(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& /* data */) {
352 log::info("reset p_scb with index={}", bta_ag_scb_to_idx(p_scb));
353 RawAddress peer_addr = p_scb->peer_addr;
354 /* reinitialize stuff */
355 if (com::android::bluetooth::flags::reset_ag_state_on_collision()) {
356 p_scb->state = BTA_AG_INIT_ST;
357 }
358 p_scb->conn_handle = 0;
359 p_scb->conn_service = 0;
360 p_scb->peer_features = 0;
361 p_scb->peer_codecs = BTM_SCO_CODEC_CVSD;
362 p_scb->sco_codec = BTM_SCO_CODEC_CVSD;
363 p_scb->is_aptx_swb_codec = false;
364 p_scb->role = 0;
365 p_scb->svc_conn = false;
366 p_scb->hsp_version = HSP_VERSION_1_2;
367 /*Clear the BD address*/
368 p_scb->peer_addr = RawAddress::kEmpty;
369
370 /* reopen registered servers */
371 bta_ag_start_servers(p_scb, p_scb->reg_services);
372
373 /* call open cback w. failure */
374 bta_ag_cback_open(p_scb, peer_addr, BTA_AG_FAIL_RFCOMM);
375 }
376
377 /*******************************************************************************
378 *
379 * Function bta_ag_rfc_close
380 *
381 * Description RFCOMM connection closed.
382 *
383 *
384 * Returns void
385 *
386 ******************************************************************************/
bta_ag_rfc_close(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)387 void bta_ag_rfc_close(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& /* data */) {
388 tBTA_AG_CLOSE close = {};
389 tBTA_SERVICE_MASK services;
390 int i, num_active_conn = 0;
391
392 /* reinitialize stuff */
393 p_scb->conn_service = 0;
394 p_scb->peer_features = 0;
395 p_scb->masked_features = p_scb->features;
396 p_scb->peer_codecs = BTM_SCO_CODEC_CVSD;
397 p_scb->sco_codec = BTM_SCO_CODEC_CVSD;
398 /* Clear these flags upon SLC teardown */
399 p_scb->codec_updated = false;
400 p_scb->codec_fallback = false;
401 p_scb->trying_cvsd_safe_settings = false;
402 p_scb->retransmission_effort_retries = 0;
403 p_scb->codec_msbc_settings = BTA_AG_SCO_MSBC_SETTINGS_T2;
404 p_scb->codec_cvsd_settings = BTA_AG_SCO_CVSD_SETTINGS_S4;
405 p_scb->codec_aptx_settings = BTA_AG_SCO_APTX_SWB_SETTINGS_Q0;
406 p_scb->is_aptx_swb_codec = false;
407 p_scb->codec_lc3_settings = BTA_AG_SCO_LC3_SETTINGS_T2;
408 p_scb->role = 0;
409 p_scb->svc_conn = false;
410 p_scb->hsp_version = HSP_VERSION_1_2;
411 bta_ag_at_reinit(&p_scb->at_cb);
412
413 for (auto& peer_hf_indicator : p_scb->peer_hf_indicators) {
414 peer_hf_indicator = {};
415 }
416 for (auto& local_hf_indicator : p_scb->local_hf_indicators) {
417 local_hf_indicator = {};
418 }
419
420 /* stop timers */
421 alarm_cancel(p_scb->ring_timer);
422 alarm_cancel(p_scb->codec_negotiation_timer);
423
424 close.hdr.handle = bta_ag_scb_to_idx(p_scb);
425 close.hdr.app_id = p_scb->app_id;
426 close.bd_addr = p_scb->peer_addr;
427
428 bta_sys_conn_close(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
429
430 if (bta_ag_get_active_device() == p_scb->peer_addr) {
431 bta_clear_active_device();
432 }
433
434 /* call close cback */
435 (*bta_ag_cb.p_cback)(BTA_AG_CLOSE_EVT, (tBTA_AG*)&close);
436
437 /* if not deregistering (deallocating) reopen registered servers */
438 if (!p_scb->dealloc) {
439 /* Clear peer bd_addr so instance can be reused */
440 p_scb->peer_addr = RawAddress::kEmpty;
441
442 /* start only unopened server */
443 services = p_scb->reg_services;
444 for (i = 0; i < BTA_AG_NUM_IDX && services != 0; i++) {
445 if (p_scb->serv_handle[i])
446 services &= ~((tBTA_SERVICE_MASK)1 << (BTA_HSP_SERVICE_ID + i));
447 }
448 bta_ag_start_servers(p_scb, services);
449
450 p_scb->conn_handle = 0;
451
452 /* Make sure SCO state is BTA_AG_SCO_SHUTDOWN_ST */
453 bta_ag_sco_shutdown(p_scb, tBTA_AG_DATA::kEmpty);
454
455 /* Check if all the SLCs are down */
456 for (i = 0; i < BTA_AG_MAX_NUM_CLIENTS; i++) {
457 if (bta_ag_cb.scb[i].in_use && bta_ag_cb.scb[i].svc_conn)
458 num_active_conn++;
459 }
460
461 if (!num_active_conn) {
462 bta_sys_sco_unuse(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
463 }
464
465 }
466 /* else close port and deallocate scb */
467 else {
468 if (RFCOMM_RemoveServer(p_scb->conn_handle) != PORT_SUCCESS) {
469 log::warn("Unable to remove RFCOMM server peer:{} handle:{}",
470 p_scb->peer_addr, p_scb->conn_handle);
471 };
472 bta_ag_scb_dealloc(p_scb);
473 }
474 }
475
476 /*******************************************************************************
477 *
478 * Function bta_ag_rfc_open
479 *
480 * Description Handle RFCOMM channel open.
481 *
482 *
483 * Returns void
484 *
485 ******************************************************************************/
bta_ag_rfc_open(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)486 void bta_ag_rfc_open(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
487 /* initialize AT feature variables */
488 p_scb->clip_enabled = false;
489 p_scb->ccwa_enabled = false;
490 p_scb->cmer_enabled = false;
491 p_scb->cmee_enabled = false;
492 p_scb->inband_enabled =
493 ((p_scb->features & BTA_AG_FEAT_INBAND) == BTA_AG_FEAT_INBAND);
494 if (p_scb->conn_service == BTA_AG_HFP) {
495 size_t version_value_size = sizeof(p_scb->peer_version);
496 if (!btif_config_get_bin(
497 p_scb->peer_addr.ToString(), BTIF_STORAGE_KEY_HFP_VERSION,
498 (uint8_t*)&p_scb->peer_version, &version_value_size)) {
499 log::warn("Failed read cached peer HFP version for {}", p_scb->peer_addr);
500 p_scb->peer_version = HFP_HSP_VERSION_UNKNOWN;
501 }
502 size_t sdp_features_size = sizeof(p_scb->peer_sdp_features);
503 if (btif_config_get_bin(
504 p_scb->peer_addr.ToString(), BTIF_STORAGE_KEY_HFP_SDP_FEATURES,
505 (uint8_t*)&p_scb->peer_sdp_features, &sdp_features_size)) {
506 bool sdp_wbs_support = p_scb->peer_sdp_features & BTA_AG_FEAT_WBS_SUPPORT;
507 if (!p_scb->received_at_bac && sdp_wbs_support) {
508 p_scb->codec_updated = true;
509 p_scb->peer_codecs = BTM_SCO_CODEC_CVSD | BTM_SCO_CODEC_MSBC;
510 p_scb->sco_codec = BTM_SCO_CODEC_MSBC;
511 }
512 bool sdp_swb_support = p_scb->peer_sdp_features & BTA_AG_FEAT_SWB_SUPPORT;
513 if (!p_scb->received_at_bac && sdp_swb_support) {
514 p_scb->codec_updated = true;
515 p_scb->peer_codecs |= BTM_SCO_CODEC_LC3;
516 p_scb->sco_codec = BTM_SCO_CODEC_LC3;
517 }
518 } else {
519 log::warn("Failed read cached peer HFP SDP features for {}",
520 p_scb->peer_addr);
521 }
522 }
523
524 /* set up AT command interpreter */
525 p_scb->at_cb.p_at_tbl = bta_ag_at_tbl[p_scb->conn_service];
526 p_scb->at_cb.p_cmd_cback = bta_ag_at_cback_tbl[p_scb->conn_service];
527 p_scb->at_cb.p_err_cback = bta_ag_at_err_cback;
528 p_scb->at_cb.p_user = p_scb;
529 p_scb->at_cb.cmd_max_len = BTA_AG_CMD_MAX;
530 bta_ag_at_init(&p_scb->at_cb);
531
532 bta_sys_conn_open(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
533
534 bta_ag_cback_open(p_scb, p_scb->peer_addr, BTA_AG_SUCCESS);
535
536 if (p_scb->conn_service == BTA_AG_HFP) {
537 /* if hfp start timer for service level conn */
538 bta_sys_start_timer(p_scb->ring_timer, p_bta_ag_cfg->conn_tout,
539 BTA_AG_SVC_TIMEOUT_EVT, bta_ag_scb_to_idx(p_scb));
540 } else {
541 /* else service level conn is open */
542 bta_ag_svc_conn_open(p_scb, data);
543 }
544 }
545
546 /*******************************************************************************
547 *
548 * Function bta_ag_rfc_acp_open
549 *
550 * Description Handle RFCOMM channel open when accepting connection.
551 *
552 *
553 * Returns void
554 *
555 ******************************************************************************/
bta_ag_rfc_acp_open(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)556 void bta_ag_rfc_acp_open(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
557 log::verbose("serv_handle0 = {} serv_handle = {}", p_scb->serv_handle[0],
558 p_scb->serv_handle[1]);
559 /* set role */
560 p_scb->role = BTA_AG_ACP;
561
562 /* get bd addr of peer */
563 uint16_t lcid = 0;
564 uint16_t hfp_version = 0;
565 RawAddress dev_addr = RawAddress::kEmpty;
566 int status = PORT_CheckConnection(data.rfc.port_handle, &dev_addr, &lcid);
567 if (status != PORT_SUCCESS) {
568 log::error("PORT_CheckConnection returned {}", status);
569 return;
570 }
571
572 /* Collision Handling */
573 for (tBTA_AG_SCB& ag_scb : bta_ag_cb.scb) {
574 // Cancel any pending collision timers
575 if (ag_scb.in_use && alarm_is_scheduled(ag_scb.collision_timer)) {
576 log::verbose("cancel collision alarm for {}", ag_scb.peer_addr);
577 alarm_cancel(ag_scb.collision_timer);
578 if (dev_addr != ag_scb.peer_addr && p_scb != &ag_scb) {
579 // Resume outgoing connection if incoming is not on the same device
580 bta_ag_resume_open(&ag_scb);
581 }
582 }
583 if (dev_addr == ag_scb.peer_addr && p_scb != &ag_scb) {
584 log::info(
585 "close outgoing connection before accepting {} with conn_handle={}",
586 ag_scb.peer_addr, ag_scb.conn_handle);
587 if (!com::android::bluetooth::flags::close_rfcomm_instead_of_reset()) {
588 // Fail the outgoing connection to clean up any upper layer states
589 bta_ag_rfc_fail(&ag_scb, tBTA_AG_DATA::kEmpty);
590 }
591 // If client port is opened, close it, state machine will handle rfcomm
592 // closed in opening state as failure and pass to upper layer
593 if (ag_scb.conn_handle > 0) {
594 status = RFCOMM_RemoveConnection(ag_scb.conn_handle);
595 if (status != PORT_SUCCESS) {
596 log::warn(
597 "RFCOMM_RemoveConnection failed for {}, handle {}, error {}",
598 dev_addr, ag_scb.conn_handle, status);
599 }
600 } else if (com::android::bluetooth::flags::reset_after_collision()) {
601 // As no existing outgoing rfcomm connection, then manual reset current
602 // state, and use the incoming one
603 bta_ag_rfc_fail(&ag_scb, tBTA_AG_DATA::kEmpty);
604 }
605 }
606 log::info("dev_addr={}, peer_addr={}, in_use={}, index={}", dev_addr,
607 ag_scb.peer_addr, ag_scb.in_use, bta_ag_scb_to_idx(p_scb));
608 }
609
610 p_scb->peer_addr = dev_addr;
611
612 /* determine connected service from port handle */
613 for (uint8_t i = 0; i < BTA_AG_NUM_IDX; i++) {
614 log::verbose(
615 "bta_ag_rfc_acp_open: i = {} serv_handle = {} port_handle = {}", i,
616 p_scb->serv_handle[i], data.rfc.port_handle);
617
618 if (p_scb->serv_handle[i] == data.rfc.port_handle) {
619 p_scb->conn_service = i;
620 p_scb->conn_handle = data.rfc.port_handle;
621 break;
622 }
623 }
624
625 log::verbose("bta_ag_rfc_acp_open: conn_service = {} conn_handle = {}",
626 p_scb->conn_service, p_scb->conn_handle);
627
628 /* close any unopened server */
629 bta_ag_close_servers(
630 p_scb, (p_scb->reg_services & ~bta_ag_svc_mask[p_scb->conn_service]));
631
632 size_t version_value_size = sizeof(hfp_version);
633 bool get_version = btif_config_get_bin(
634 p_scb->peer_addr.ToString(), BTIF_STORAGE_KEY_HFP_VERSION,
635 (uint8_t*)&hfp_version, &version_value_size);
636
637 if (p_scb->conn_service == BTA_AG_HFP && get_version) {
638 DEVICE_IOT_CONFIG_ADDR_SET_HEX_IF_GREATER(p_scb->peer_addr,
639 IOT_CONF_KEY_HFP_VERSION,
640 hfp_version, IOT_CONF_BYTE_NUM_2);
641 }
642 /* do service discovery to get features */
643 bta_ag_do_disc(p_scb, bta_ag_svc_mask[p_scb->conn_service]);
644
645 /* continue with common open processing */
646 bta_ag_rfc_open(p_scb, data);
647 }
648
649 /*******************************************************************************
650 *
651 * Function bta_ag_rfc_data
652 *
653 * Description Read and process data from RFCOMM.
654 *
655 *
656 * Returns void
657 *
658 ******************************************************************************/
bta_ag_rfc_data(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)659 void bta_ag_rfc_data(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& /* data */) {
660 uint16_t len;
661 char buf[BTA_AG_RFC_READ_MAX] = "";
662
663 log::verbose("");
664
665 /* do the following */
666 for (;;) {
667 /* read data from rfcomm; if bad status, we're done */
668 if (PORT_ReadData(p_scb->conn_handle, buf, BTA_AG_RFC_READ_MAX, &len) !=
669 PORT_SUCCESS) {
670 log::error("failed to read data {}", p_scb->peer_addr);
671 break;
672 }
673
674 /* if no data, we're done */
675 if (len == 0) {
676 log::warn("no data for {}", p_scb->peer_addr);
677 break;
678 }
679
680 /* run AT command interpreter on data */
681 bta_sys_busy(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
682 bta_ag_at_parse(&p_scb->at_cb, buf, len);
683 if ((p_scb->sco_idx != BTM_INVALID_SCO_INDEX) &&
684 bta_ag_sco_is_open(p_scb)) {
685 log::verbose("change link policy for SCO");
686 bta_sys_sco_open(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
687 } else {
688 bta_sys_idle(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
689 }
690
691 /* no more data to read, we're done */
692 if (len < BTA_AG_RFC_READ_MAX) {
693 break;
694 }
695 }
696 }
697
698 /*******************************************************************************
699 *
700 * Function bta_ag_start_close
701 *
702 * Description Start the process of closing SCO and RFCOMM connection.
703 *
704 *
705 * Returns void
706 *
707 ******************************************************************************/
bta_ag_start_close(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)708 void bta_ag_start_close(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
709 /* Take the link out of sniff and set L2C idle time to 0 */
710 bta_dm_pm_active(p_scb->peer_addr);
711 if (!L2CA_SetIdleTimeoutByBdAddr(p_scb->peer_addr, 0, BT_TRANSPORT_BR_EDR)) {
712 log::warn("Unable to set idle timeout peer:{}", p_scb->peer_addr);
713 }
714
715 /* if SCO is open close SCO and wait on RFCOMM close */
716 if (bta_ag_sco_is_open(p_scb)) {
717 p_scb->post_sco = BTA_AG_POST_SCO_CLOSE_RFC;
718 } else {
719 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
720 bta_ag_rfc_do_close(p_scb, data);
721 }
722
723 /* always do SCO shutdown to handle all SCO corner cases */
724 bta_ag_sco_shutdown(p_scb, data);
725 }
726
727 /*******************************************************************************
728 *
729 * Function bta_ag_post_sco_open
730 *
731 * Description Perform post-SCO open action, if any
732 *
733 *
734 * Returns void
735 *
736 ******************************************************************************/
bta_ag_post_sco_open(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)737 void bta_ag_post_sco_open(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
738 switch (p_scb->post_sco) {
739 case BTA_AG_POST_SCO_RING:
740 bta_ag_send_ring(p_scb, data);
741 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
742 break;
743
744 case BTA_AG_POST_SCO_CALL_CONN:
745 bta_ag_send_call_inds(p_scb, BTA_AG_IN_CALL_CONN_RES);
746 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
747 break;
748
749 default:
750 break;
751 }
752 }
753
754 /*******************************************************************************
755 *
756 * Function bta_ag_post_sco_close
757 *
758 * Description Perform post-SCO close action, if any
759 *
760 *
761 * Returns void
762 *
763 ******************************************************************************/
bta_ag_post_sco_close(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)764 void bta_ag_post_sco_close(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
765 switch (p_scb->post_sco) {
766 case BTA_AG_POST_SCO_CLOSE_RFC:
767 bta_ag_rfc_do_close(p_scb, data);
768 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
769 break;
770
771 case BTA_AG_POST_SCO_CALL_CONN:
772 bta_ag_send_call_inds(p_scb, BTA_AG_IN_CALL_CONN_RES);
773 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
774 break;
775
776 case BTA_AG_POST_SCO_CALL_ORIG:
777 bta_ag_send_call_inds(p_scb, BTA_AG_OUT_CALL_ORIG_RES);
778 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
779 break;
780
781 case BTA_AG_POST_SCO_CALL_END:
782 bta_ag_send_call_inds(p_scb, BTA_AG_END_CALL_RES);
783 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
784 break;
785
786 case BTA_AG_POST_SCO_CALL_END_INCALL:
787 bta_ag_send_call_inds(p_scb, BTA_AG_END_CALL_RES);
788
789 /* Sending callsetup IND and Ring were defered to after SCO close. */
790 bta_ag_send_call_inds(p_scb, BTA_AG_IN_CALL_RES);
791
792 if (bta_ag_inband_enabled(p_scb) &&
793 !(p_scb->features & BTA_AG_FEAT_NOSCO)) {
794 p_scb->post_sco = BTA_AG_POST_SCO_RING;
795 if (!bta_ag_is_sco_open_allowed(p_scb,
796 "BTA_AG_POST_SCO_CALL_END_INCALL")) {
797 break;
798 }
799 if (bta_ag_is_sco_managed_by_audio()) {
800 // let Audio HAL open the SCO
801 break;
802 }
803 bta_ag_sco_open(p_scb, data);
804 } else {
805 p_scb->post_sco = BTA_AG_POST_SCO_NONE;
806 bta_ag_send_ring(p_scb, data);
807 }
808 break;
809
810 default:
811 break;
812 }
813 }
814
815 /*******************************************************************************
816 *
817 * Function bta_ag_svc_conn_open
818 *
819 * Description Service level connection opened
820 *
821 *
822 * Returns void
823 *
824 ******************************************************************************/
bta_ag_svc_conn_open(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)825 void bta_ag_svc_conn_open(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& /* data */) {
826 tBTA_AG_CONN evt = {};
827
828 if (!p_scb->svc_conn) {
829 /* set state variable */
830 p_scb->svc_conn = true;
831
832 /* Clear AT+BIA mask from previous SLC if any. */
833 p_scb->bia_masked_out = 0;
834
835 alarm_cancel(p_scb->ring_timer);
836
837 /* call callback */
838 evt.hdr.handle = bta_ag_scb_to_idx(p_scb);
839 evt.hdr.app_id = p_scb->app_id;
840 evt.peer_feat = p_scb->peer_features;
841 evt.bd_addr = p_scb->peer_addr;
842 evt.peer_codec = p_scb->peer_codecs;
843
844 if ((p_scb->call_ind != BTA_AG_CALL_INACTIVE) ||
845 (p_scb->callsetup_ind != BTA_AG_CALLSETUP_NONE)) {
846 bta_sys_sco_use(BTA_ID_AG, p_scb->app_id, p_scb->peer_addr);
847 }
848 if (bta_ag_get_active_device().IsEmpty()) {
849 bta_ag_api_set_active_device(p_scb->peer_addr);
850 }
851 (*bta_ag_cb.p_cback)(BTA_AG_CONN_EVT, (tBTA_AG*)&evt);
852 }
853 }
854
855 /*******************************************************************************
856 *
857 * Function bta_ag_setcodec
858 *
859 * Description Handle API SetCodec
860 *
861 *
862 * Returns void
863 *
864 ******************************************************************************/
bta_ag_setcodec(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA & data)865 void bta_ag_setcodec(tBTA_AG_SCB* p_scb, const tBTA_AG_DATA& data) {
866 tBTA_AG_PEER_CODEC codec_type = data.api_setcodec.codec;
867 tBTA_AG_VAL val = {};
868 const bool aptx_voice = is_hfp_aptx_voice_enabled() &&
869 (codec_type == BTA_AG_SCO_APTX_SWB_SETTINGS_Q0);
870 log::verbose("aptx_voice={}, codec_type={:#x}", aptx_voice, codec_type);
871
872 val.hdr.handle = bta_ag_scb_to_idx(p_scb);
873
874 /* Check if the requested codec type is valid */
875 if ((codec_type != BTM_SCO_CODEC_NONE) &&
876 (codec_type != BTM_SCO_CODEC_CVSD) &&
877 (codec_type != BTM_SCO_CODEC_MSBC) && (codec_type != BTM_SCO_CODEC_LC3) &&
878 !aptx_voice) {
879 val.num = codec_type;
880 val.hdr.status = BTA_AG_FAIL_RESOURCES;
881 log::error("bta_ag_setcodec error: unsupported codec type {}", codec_type);
882 (*bta_ag_cb.p_cback)(BTA_AG_CODEC_EVT, (tBTA_AG*)&val);
883 return;
884 }
885
886 if ((p_scb->peer_codecs & codec_type) || (codec_type == BTM_SCO_CODEC_NONE) ||
887 (codec_type == BTM_SCO_CODEC_CVSD)) {
888 p_scb->sco_codec = codec_type;
889 p_scb->codec_updated = true;
890 val.num = codec_type;
891 val.hdr.status = BTA_AG_SUCCESS;
892 log::verbose("bta_ag_setcodec: Updated codec type {}", codec_type);
893 } else {
894 val.num = codec_type;
895 val.hdr.status = BTA_AG_FAIL_RESOURCES;
896 log::error("bta_ag_setcodec error: unsupported codec type {}", codec_type);
897 }
898
899 (*bta_ag_cb.p_cback)(BTA_AG_CODEC_EVT, (tBTA_AG*)&val);
900 }
901
bta_ag_collision_timer_cback(void * data)902 static void bta_ag_collision_timer_cback(void* data) {
903 if (data == nullptr) {
904 log::error("data should never be null in a timer callback");
905 return;
906 }
907 /* If the peer haven't opened AG connection */
908 /* we will restart opening process. */
909 bta_ag_resume_open(static_cast<tBTA_AG_SCB*>(data));
910 }
911
bta_ag_handle_collision(tBTA_AG_SCB * p_scb,const tBTA_AG_DATA &)912 void bta_ag_handle_collision(tBTA_AG_SCB* p_scb,
913 const tBTA_AG_DATA& /* data */) {
914 /* Cancel SDP if it had been started. */
915 if (p_scb->p_disc_db) {
916 if (!get_legacy_stack_sdp_api()->service.SDP_CancelServiceSearch(
917 p_scb->p_disc_db)) {
918 log::warn("Unable to cancel SDP service discovery search peer:{}",
919 p_scb->peer_addr);
920 }
921 bta_ag_free_db(p_scb, tBTA_AG_DATA::kEmpty);
922 }
923
924 /* reopen registered servers */
925 /* Collision may be detected before or after we close servers. */
926 if (bta_ag_is_server_closed(p_scb)) {
927 bta_ag_start_servers(p_scb, p_scb->reg_services);
928 }
929
930 /* Start timer to han */
931 alarm_set_on_mloop(p_scb->collision_timer, BTA_AG_COLLISION_TIMEOUT_MS,
932 bta_ag_collision_timer_cback, p_scb);
933 }
934