1 /******************************************************************************
2 *
3 * Copyright 2008-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for BLE GAP.
22 *
23 ******************************************************************************/
24
25 #define LOG_TAG "bt_btm_ble"
26
27 #include <android_bluetooth_sysprop.h>
28 #include <base/functional/bind.h>
29 #include <base/strings/string_number_conversions.h>
30 #include <bluetooth/log.h>
31 #include <com_android_bluetooth_flags.h>
32
33 #include <cstdint>
34 #include <list>
35 #include <memory>
36 #include <type_traits>
37 #include <vector>
38
39 #include "bta/include/bta_api.h"
40 #include "common/time_util.h"
41 #include "hci/controller.h"
42 #include "hci/controller_interface.h"
43 #include "main/shim/acl_api.h"
44 #include "main/shim/entry.h"
45 #include "osi/include/allocator.h"
46 #include "osi/include/properties.h"
47 #include "osi/include/stack_power_telemetry.h"
48 #include "stack/btm/btm_ble_int.h"
49 #include "stack/btm/btm_ble_int_types.h"
50 #include "stack/btm/btm_dev.h"
51 #include "stack/btm/btm_int_types.h"
52 #include "stack/btm/btm_sec.h"
53 #include "stack/btm/btm_sec_cb.h"
54 #include "stack/include/acl_api.h"
55 #include "stack/include/advertise_data_parser.h"
56 #include "stack/include/ble_scanner.h"
57 #include "stack/include/bt_dev_class.h"
58 #include "stack/include/bt_types.h"
59 #include "stack/include/bt_uuid16.h"
60 #include "stack/include/btm_api_types.h"
61 #include "stack/include/btm_ble_addr.h"
62 #include "stack/include/btm_ble_privacy.h"
63 #include "stack/include/btm_log_history.h"
64 #include "stack/include/gap_api.h"
65 #include "stack/include/gattdefs.h"
66 #include "stack/include/hci_error_code.h"
67 #include "stack/include/inq_hci_link_interface.h"
68 #include "types/ble_address_with_type.h"
69 #include "types/raw_address.h"
70
71 using namespace bluetooth;
72
73 extern tBTM_CB btm_cb;
74
75 void btm_inq_remote_name_timer_timeout(void* data);
76 void btm_ble_adv_filter_init(void);
77
78 #define BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS (30 * 1000)
79 #define MIN_ADV_LENGTH 2
80 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN 9
81 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE \
82 BTM_VSC_CHIP_CAPABILITY_RSP_LEN
83 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_M_RELEASE 15
84 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_S_RELEASE 25
85
86 /* Sysprop paths for scan parameters */
87 static const char kPropertyInquiryScanInterval[] =
88 "bluetooth.core.le.inquiry_scan_interval";
89 static const char kPropertyInquiryScanWindow[] =
90 "bluetooth.core.le.inquiry_scan_window";
91
92 #ifndef PROPERTY_BLE_PRIVACY_OWN_ADDRESS_ENABLED
93 #define PROPERTY_BLE_PRIVACY_OWN_ADDRESS_ENABLED \
94 "bluetooth.core.gap.le.privacy.own_address_type.enabled"
95 #endif
96
97 static void btm_ble_start_scan();
98 static void btm_ble_stop_scan();
99 static tBTM_STATUS btm_ble_stop_adv(void);
100 static tBTM_STATUS btm_ble_start_adv(void);
101
102 using bluetooth::shim::GetController;
103
104 namespace {
105
106 constexpr char kBtmLogTag[] = "SCAN";
107
108 constexpr uint8_t BLE_EVT_CONNECTABLE_BIT = 0;
109 constexpr uint8_t BLE_EVT_SCANNABLE_BIT = 1;
110 constexpr uint8_t BLE_EVT_DIRECTED_BIT = 2;
111 constexpr uint8_t BLE_EVT_SCAN_RESPONSE_BIT = 3;
112 constexpr uint8_t BLE_EVT_LEGACY_BIT = 4;
113
114 class AdvertisingCache {
115 public:
116 /* Set the data to |data| for device |addr_type, addr| */
Set(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)117 const std::vector<uint8_t>& Set(uint8_t addr_type, const RawAddress& addr,
118 std::vector<uint8_t> data) {
119 auto it = Find(addr_type, addr);
120 if (it != items.end()) {
121 it->data = std::move(data);
122 return it->data;
123 }
124
125 if (items.size() > cache_max) {
126 items.pop_back();
127 }
128
129 items.emplace_front(addr_type, addr, std::move(data));
130 return items.front().data;
131 }
132
Exist(uint8_t addr_type,const RawAddress & addr)133 bool Exist(uint8_t addr_type, const RawAddress& addr) {
134 auto it = Find(addr_type, addr);
135 if (it != items.end()) {
136 return true;
137 }
138 return false;
139 }
140
141 /* Append |data| for device |addr_type, addr| */
Append(uint8_t addr_type,const RawAddress & addr,std::vector<uint8_t> data)142 const std::vector<uint8_t>& Append(uint8_t addr_type, const RawAddress& addr,
143 std::vector<uint8_t> data) {
144 auto it = Find(addr_type, addr);
145 if (it != items.end()) {
146 it->data.insert(it->data.end(), data.begin(), data.end());
147 return it->data;
148 }
149
150 if (items.size() > cache_max) {
151 items.pop_back();
152 }
153
154 items.emplace_front(addr_type, addr, std::move(data));
155 return items.front().data;
156 }
157
158 /* Clear data for device |addr_type, addr| */
Clear(uint8_t addr_type,const RawAddress & addr)159 void Clear(uint8_t addr_type, const RawAddress& addr) {
160 auto it = Find(addr_type, addr);
161 if (it != items.end()) {
162 items.erase(it);
163 }
164 }
165
ClearAll()166 void ClearAll() { items.clear(); }
167
168 private:
169 struct Item {
170 uint8_t addr_type;
171 RawAddress addr;
172 std::vector<uint8_t> data;
173
Item__anona2202ec50111::AdvertisingCache::Item174 Item(uint8_t addr_type, const RawAddress& addr, std::vector<uint8_t> data)
175 : addr_type(addr_type), addr(addr), data(data) {}
176 };
177
Find(uint8_t addr_type,const RawAddress & addr)178 std::list<Item>::iterator Find(uint8_t addr_type, const RawAddress& addr) {
179 for (auto it = items.begin(); it != items.end(); it++) {
180 if (it->addr_type == addr_type && it->addr == addr) {
181 return it;
182 }
183 }
184 return items.end();
185 }
186
187 /* we keep maximum 7 devices in the cache */
188 const size_t cache_max = 7;
189 std::list<Item> items;
190 };
191
192 /* Devices in this cache are waiting for eiter scan response, or chained packets
193 * on secondary channel */
194 AdvertisingCache cache;
195
196 } // namespace
197
ble_vnd_is_included()198 bool ble_vnd_is_included() {
199 // replace build time config BLE_VND_INCLUDED with runtime
200 return GET_SYSPROP(Ble, vnd_included, true);
201 }
202
203 static tBTM_BLE_CTRL_FEATURES_CBACK* p_ctrl_le_feature_rd_cmpl_cback = NULL;
204 /**********PAST & PS *******************/
205 using StartSyncCb = base::Callback<void(
206 uint8_t /*status*/, uint16_t /*sync_handle*/, uint8_t /*advertising_sid*/,
207 uint8_t /*address_type*/, RawAddress /*address*/, uint8_t /*phy*/,
208 uint16_t /*interval*/)>;
209 using SyncReportCb = base::Callback<void(
210 uint16_t /*sync_handle*/, int8_t /*tx_power*/, int8_t /*rssi*/,
211 uint8_t /*status*/, std::vector<uint8_t> /*data*/)>;
212 using SyncLostCb = base::Callback<void(uint16_t /*sync_handle*/)>;
213 using SyncTransferCb = base::Callback<void(uint8_t /*status*/, RawAddress)>;
214 #define MAX_SYNC_TRANSACTION 16
215 #define SYNC_TIMEOUT (30 * 1000)
216 #define ADV_SYNC_ESTB_EVT_LEN 16
217 #define SYNC_LOST_EVT_LEN 3
218 typedef enum {
219 PERIODIC_SYNC_IDLE = 0,
220 PERIODIC_SYNC_PENDING,
221 PERIODIC_SYNC_ESTABLISHED,
222 PERIODIC_SYNC_LOST,
223 } tBTM_BLE_PERIODIC_SYNC_STATE;
224
225 struct alarm_t* sync_timeout_alarm;
226 typedef struct {
227 uint8_t sid;
228 RawAddress remote_bda;
229 tBTM_BLE_PERIODIC_SYNC_STATE sync_state;
230 uint16_t sync_handle;
231 bool in_use;
232 StartSyncCb sync_start_cb;
233 SyncReportCb sync_report_cb;
234 SyncLostCb sync_lost_cb;
235 BigInfoReportCb biginfo_report_cb;
236 } tBTM_BLE_PERIODIC_SYNC;
237
238 typedef struct {
239 bool in_use;
240 int conn_handle;
241 RawAddress addr;
242 SyncTransferCb cb;
243 } tBTM_BLE_PERIODIC_SYNC_TRANSFER;
244
245 static list_t* sync_queue;
246 static std::mutex sync_queue_mutex_;
247
248 typedef struct {
249 bool busy;
250 uint8_t sid;
251 RawAddress address;
252 uint16_t skip;
253 uint16_t timeout;
254 } sync_node_t;
255 typedef struct {
256 uint8_t sid;
257 RawAddress address;
258 } remove_sync_node_t;
259 typedef enum {
260 BTM_QUEUE_SYNC_REQ_EVT,
261 BTM_QUEUE_SYNC_ADVANCE_EVT,
262 BTM_QUEUE_SYNC_CLEANUP_EVT
263 } btif_queue_event_t;
264
265 typedef struct {
266 tBTM_BLE_PERIODIC_SYNC p_sync[MAX_SYNC_TRANSACTION];
267 tBTM_BLE_PERIODIC_SYNC_TRANSFER sync_transfer[MAX_SYNC_TRANSACTION];
268 } tBTM_BLE_PA_SYNC_TX_CB;
269 tBTM_BLE_PA_SYNC_TX_CB btm_ble_pa_sync_cb;
270 StartSyncCb sync_rcvd_cb;
271 static bool syncRcvdCbRegistered = false;
272 static int btm_ble_get_psync_index(uint8_t adv_sid, RawAddress addr);
273 static void btm_ble_start_sync_timeout(void* data);
274
275 /*****************************/
276 /*******************************************************************************
277 * Local functions
278 ******************************************************************************/
279 static void btm_ble_update_adv_flag(uint8_t flag);
280 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, tBLE_ADDR_TYPE addr_type,
281 const RawAddress& bda, uint8_t primary_phy,
282 uint8_t secondary_phy,
283 uint8_t advertising_sid, int8_t tx_power,
284 int8_t rssi, uint16_t periodic_adv_int,
285 uint8_t data_len, const uint8_t* data,
286 const RawAddress& original_bda);
287 static uint8_t btm_set_conn_mode_adv_init_addr(RawAddress& p_peer_addr_ptr,
288 tBLE_ADDR_TYPE* p_peer_addr_type,
289 tBLE_ADDR_TYPE* p_own_addr_type);
290 static void btm_ble_stop_observe(void);
291 static void btm_ble_fast_adv_timer_timeout(void* data);
292 static void btm_ble_start_slow_adv(void);
293 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(void* data);
294 static void btm_ble_inquiry_timer_timeout(void* data);
295 static void btm_ble_observer_timer_timeout(void* data);
296
297 enum : uint8_t {
298 BTM_BLE_NOT_SCANNING = 0x00,
299 BTM_BLE_INQ_RESULT = 0x01,
300 BTM_BLE_OBS_RESULT = 0x02,
301 };
302
ble_evt_type_is_connectable(uint16_t evt_type)303 static bool ble_evt_type_is_connectable(uint16_t evt_type) {
304 return evt_type & (1 << BLE_EVT_CONNECTABLE_BIT);
305 }
306
ble_evt_type_is_scannable(uint16_t evt_type)307 static bool ble_evt_type_is_scannable(uint16_t evt_type) {
308 return evt_type & (1 << BLE_EVT_SCANNABLE_BIT);
309 }
310
ble_evt_type_is_directed(uint16_t evt_type)311 static bool ble_evt_type_is_directed(uint16_t evt_type) {
312 return evt_type & (1 << BLE_EVT_DIRECTED_BIT);
313 }
314
ble_evt_type_is_scan_resp(uint16_t evt_type)315 static bool ble_evt_type_is_scan_resp(uint16_t evt_type) {
316 return evt_type & (1 << BLE_EVT_SCAN_RESPONSE_BIT);
317 }
318
ble_evt_type_is_legacy(uint16_t evt_type)319 static bool ble_evt_type_is_legacy(uint16_t evt_type) {
320 return evt_type & (1 << BLE_EVT_LEGACY_BIT);
321 }
322
ble_evt_type_data_status(uint16_t evt_type)323 static uint8_t ble_evt_type_data_status(uint16_t evt_type) {
324 return (evt_type >> 5) & 3;
325 }
326
327 constexpr uint8_t UNSUPPORTED = 255;
328
329 /* LE states combo bit to check */
330 const uint8_t btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX] = {
331 {
332 /* single state support */
333 HCI_LE_STATES_CONN_ADV_BIT, /* conn_adv */
334 HCI_LE_STATES_INIT_BIT, /* init */
335 HCI_LE_STATES_INIT_BIT, /* central */
336 HCI_LE_STATES_PERIPHERAL_BIT, /* peripheral */
337 UNSUPPORTED, /* todo: lo du dir adv, not covered ? */
338 HCI_LE_STATES_HI_DUTY_DIR_ADV_BIT, /* hi duty dir adv */
339 HCI_LE_STATES_NON_CONN_ADV_BIT, /* non connectable adv */
340 HCI_LE_STATES_PASS_SCAN_BIT, /* passive scan */
341 HCI_LE_STATES_ACTIVE_SCAN_BIT, /* active scan */
342 HCI_LE_STATES_SCAN_ADV_BIT /* scanable adv */
343 },
344 {
345 /* conn_adv =0 */
346 UNSUPPORTED, /* conn_adv */
347 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* init: 32 */
348 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* central: 35 */
349 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
350 UNSUPPORTED, /* lo du dir adv */
351 UNSUPPORTED, /* hi duty dir adv */
352 UNSUPPORTED, /* non connectable adv */
353 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
354 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
355 UNSUPPORTED /* scanable adv */
356 },
357 {
358 /* init */
359 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* conn_adv: 32 */
360 UNSUPPORTED, /* init */
361 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
362 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* peripheral 41 */
363 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* lo du dir adv 34 */
364 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* hi duty dir adv 33 */
365 HCI_LE_STATES_NON_CONN_INIT_BIT, /* non connectable adv */
366 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* passive scan */
367 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* active scan */
368 HCI_LE_STATES_SCAN_ADV_INIT_BIT /* scanable adv */
369
370 },
371 {
372 /* central */
373 HCI_LE_STATES_CONN_ADV_CENTRAL_BIT, /* conn_adv: 35 */
374 HCI_LE_STATES_INIT_CENTRAL_BIT, /* init 28 */
375 HCI_LE_STATES_INIT_CENTRAL_BIT, /* central 28 */
376 HCI_LE_STATES_CONN_ADV_INIT_BIT, /* peripheral: 32 */
377 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* lo duty cycle adv 37 */
378 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* hi duty cycle adv 36 */
379 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* non connectable adv*/
380 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* passive scan */
381 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* active scan */
382 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT /* scanable adv */
383
384 },
385 {
386 /* peripheral */
387 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* conn_adv: 38,*/
388 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* init 41 */
389 HCI_LE_STATES_INIT_CENTRAL_PERIPHERAL_BIT, /* central 41 */
390 HCI_LE_STATES_CONN_ADV_PERIPHERAL_BIT, /* peripheral: 38,*/
391 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* lo duty cycle adv 40 */
392 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* hi duty cycle adv 39 */
393 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* non connectable adv */
394 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* passive scan */
395 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* active scan */
396 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT /* scanable adv */
397
398 },
399 {
400 /* lo duty cycle adv */
401 UNSUPPORTED, /* conn_adv: 38,*/
402 HCI_LE_STATES_LO_DUTY_DIR_ADV_INIT_BIT, /* init 34 */
403 HCI_LE_STATES_LO_DUTY_DIR_ADV_CENTRAL_BIT, /* central 37 */
404 HCI_LE_STATES_LO_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 40 */
405 UNSUPPORTED, /* lo duty cycle adv 40 */
406 UNSUPPORTED, /* hi duty cycle adv 39 */
407 UNSUPPORTED, /* non connectable adv */
408 UNSUPPORTED, /* TODO: passive scan, not covered? */
409 UNSUPPORTED, /* TODO: active scan, not covered? */
410 UNSUPPORTED /* scanable adv */
411 },
412 {
413 /* hi duty cycle adv */
414 UNSUPPORTED, /* conn_adv: 38,*/
415 HCI_LE_STATES_HI_DUTY_DIR_ADV_INIT_BIT, /* init 33 */
416 HCI_LE_STATES_HI_DUTY_DIR_ADV_CENTRAL_BIT, /* central 36 */
417 HCI_LE_STATES_HI_DUTY_DIR_ADV_PERIPHERAL_BIT, /* peripheral: 39*/
418 UNSUPPORTED, /* lo duty cycle adv 40 */
419 UNSUPPORTED, /* hi duty cycle adv 39 */
420 UNSUPPORTED, /* non connectable adv */
421 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* passive scan */
422 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* active scan */
423 UNSUPPORTED /* scanable adv */
424 },
425 {
426 /* non connectable adv */
427 UNSUPPORTED, /* conn_adv: */
428 HCI_LE_STATES_NON_CONN_INIT_BIT, /* init */
429 HCI_LE_STATES_NON_CONN_ADV_CENTRAL_BIT, /* central */
430 HCI_LE_STATES_NON_CONN_ADV_PERIPHERAL_BIT, /* peripheral: */
431 UNSUPPORTED, /* lo duty cycle adv */
432 UNSUPPORTED, /* hi duty cycle adv */
433 UNSUPPORTED, /* non connectable adv */
434 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* passive scan */
435 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* active scan */
436 UNSUPPORTED /* scanable adv */
437 },
438 {
439 /* passive scan */
440 HCI_LE_STATES_CONN_ADV_PASS_SCAN_BIT, /* conn_adv: */
441 HCI_LE_STATES_PASS_SCAN_INIT_BIT, /* init */
442 HCI_LE_STATES_PASS_SCAN_CENTRAL_BIT, /* central */
443 HCI_LE_STATES_PASS_SCAN_PERIPHERAL_BIT, /* peripheral: */
444 UNSUPPORTED, /* lo duty cycle adv */
445 HCI_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_BIT, /* hi duty cycle adv */
446 HCI_LE_STATES_NON_CONN_ADV_PASS_SCAN_BIT, /* non connectable adv */
447 UNSUPPORTED, /* passive scan */
448 UNSUPPORTED, /* active scan */
449 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT /* scanable adv */
450 },
451 {
452 /* active scan */
453 HCI_LE_STATES_CONN_ADV_ACTIVE_SCAN_BIT, /* conn_adv: */
454 HCI_LE_STATES_ACTIVE_SCAN_INIT_BIT, /* init */
455 HCI_LE_STATES_ACTIVE_SCAN_CENTRAL_BIT, /* central */
456 HCI_LE_STATES_ACTIVE_SCAN_PERIPHERAL_BIT, /* peripheral: */
457 UNSUPPORTED, /* lo duty cycle adv */
458 HCI_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_BIT, /* hi duty cycle adv */
459 HCI_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_BIT, /* non connectable adv */
460 UNSUPPORTED, /* TODO: passive scan */
461 UNSUPPORTED, /* TODO: active scan */
462 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT /* scanable adv */
463 },
464 {
465 /* scanable adv */
466 UNSUPPORTED, /* conn_adv: */
467 HCI_LE_STATES_SCAN_ADV_INIT_BIT, /* init */
468 HCI_LE_STATES_SCAN_ADV_CENTRAL_BIT, /* central */
469 HCI_LE_STATES_SCAN_ADV_PERIPHERAL_BIT, /* peripheral: */
470 UNSUPPORTED, /* lo duty cycle adv */
471 UNSUPPORTED, /* hi duty cycle adv */
472 UNSUPPORTED, /* non connectable adv */
473 HCI_LE_STATES_SCAN_ADV_PASS_SCAN_BIT, /* passive scan */
474 HCI_LE_STATES_SCAN_ADV_ACTIVE_SCAN_BIT, /* active scan */
475 UNSUPPORTED /* scanable adv */
476 }};
477
478 /* check LE combo state supported */
BTM_LE_STATES_SUPPORTED(const uint64_t x,uint8_t bit_num)479 inline bool BTM_LE_STATES_SUPPORTED(const uint64_t x, uint8_t bit_num) {
480 uint64_t mask = 1 << bit_num;
481 return ((x)&mask);
482 }
483
BTM_BleOpportunisticObserve(bool enable,tBTM_INQ_RESULTS_CB * p_results_cb)484 void BTM_BleOpportunisticObserve(bool enable,
485 tBTM_INQ_RESULTS_CB* p_results_cb) {
486 if (enable) {
487 btm_cb.ble_ctr_cb.p_opportunistic_obs_results_cb = p_results_cb;
488 } else {
489 btm_cb.ble_ctr_cb.p_opportunistic_obs_results_cb = NULL;
490 }
491 }
492
BTM_BleTargetAnnouncementObserve(bool enable,tBTM_INQ_RESULTS_CB * p_results_cb)493 void BTM_BleTargetAnnouncementObserve(bool enable,
494 tBTM_INQ_RESULTS_CB* p_results_cb) {
495 if (enable) {
496 btm_cb.ble_ctr_cb.p_target_announcement_obs_results_cb = p_results_cb;
497 } else {
498 btm_cb.ble_ctr_cb.p_target_announcement_obs_results_cb = NULL;
499 }
500 }
501
502 std::pair<uint16_t /* interval */, uint16_t /* window */>
get_low_latency_scan_params()503 get_low_latency_scan_params() {
504 uint16_t scan_interval = osi_property_get_int32(kPropertyInquiryScanInterval,
505 BTM_BLE_LOW_LATENCY_SCAN_INT);
506 uint16_t scan_window = osi_property_get_int32(kPropertyInquiryScanWindow,
507 BTM_BLE_LOW_LATENCY_SCAN_WIN);
508
509 return std::make_pair(scan_interval, scan_window);
510 }
511
512 /*******************************************************************************
513 *
514 * Function BTM_BleObserve
515 *
516 * Description This procedure keep the device listening for advertising
517 * events from a broadcast device.
518 *
519 * Parameters start: start or stop observe.
520 * duration: how long the scan should last, in seconds. 0 means
521 * scan without timeout. Starting the scan second time without
522 * timeout will disable the timer.
523 * low_latency_scan: whether this is a low latency scan,
524 * default is false.
525 *
526 * Returns void
527 *
528 ******************************************************************************/
BTM_BleObserve(bool start,uint8_t duration,tBTM_INQ_RESULTS_CB * p_results_cb,tBTM_CMPL_CB * p_cmpl_cb,bool low_latency_scan)529 tBTM_STATUS BTM_BleObserve(bool start, uint8_t duration,
530 tBTM_INQ_RESULTS_CB* p_results_cb,
531 tBTM_CMPL_CB* p_cmpl_cb, bool low_latency_scan) {
532 tBTM_STATUS status = BTM_WRONG_MODE;
533
534 uint16_t scan_interval = !btm_cb.ble_ctr_cb.inq_var.scan_interval
535 ? BTM_BLE_GAP_DISC_SCAN_INT
536 : btm_cb.ble_ctr_cb.inq_var.scan_interval;
537 uint16_t scan_window = !btm_cb.ble_ctr_cb.inq_var.scan_window
538 ? BTM_BLE_GAP_DISC_SCAN_WIN
539 : btm_cb.ble_ctr_cb.inq_var.scan_window;
540
541 uint8_t scan_phy = !btm_cb.ble_ctr_cb.inq_var.scan_phy
542 ? BTM_BLE_DEFAULT_PHYS
543 : btm_cb.ble_ctr_cb.inq_var.scan_phy;
544
545 // use low latency scanning if the scanning is active
546 uint16_t ll_scan_interval, ll_scan_window;
547 std::tie(ll_scan_interval, ll_scan_window) = get_low_latency_scan_params();
548 if (low_latency_scan) {
549 std::tie(scan_interval, scan_window) =
550 std::tie(ll_scan_interval, ll_scan_window);
551 }
552
553 log::verbose("scan_type:{}, {}, {}", btm_cb.ble_ctr_cb.inq_var.scan_type,
554 scan_interval, scan_window);
555
556 if (!bluetooth::shim::GetController()->SupportsBle())
557 return BTM_ILLEGAL_VALUE;
558
559 if (start) {
560 /* shared inquiry database, do not allow observe if any inquiry is active.
561 * except we are doing CSIS active scanning
562 */
563 if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
564 if (duration == 0) {
565 if (alarm_is_scheduled(btm_cb.ble_ctr_cb.observer_timer)) {
566 alarm_cancel(btm_cb.ble_ctr_cb.observer_timer);
567 } else {
568 log::error("Scan with no duration started twice!");
569 }
570 } else {
571 if (!low_latency_scan &&
572 alarm_is_scheduled(btm_cb.ble_ctr_cb.observer_timer)) {
573 log::error("Scan with duration started twice!");
574 }
575 }
576 /*
577 * we stop current observation request for below scenarios
578 * 1. if the scan we wish to start is not low latency
579 * 2. current ongoing scanning is low latency
580 */
581 bool is_ongoing_low_latency =
582 btm_cb.ble_ctr_cb.inq_var.scan_interval == ll_scan_interval &&
583 btm_cb.ble_ctr_cb.inq_var.scan_window == ll_scan_window;
584 if (!low_latency_scan || is_ongoing_low_latency) {
585 log::warn("Observer was already active, is_low_latency: {}",
586 is_ongoing_low_latency);
587 return BTM_CMD_STARTED;
588 }
589 // stop any scan without low latency config
590 btm_ble_stop_observe();
591 }
592
593 btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
594 btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
595 status = BTM_CMD_STARTED;
596
597 /* scan is not started */
598 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
599 /* allow config of scan type */
600 cache.ClearAll();
601 btm_cb.ble_ctr_cb.inq_var.scan_type =
602 (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_NONE)
603 ? BTM_BLE_SCAN_MODE_ACTI
604 : btm_cb.ble_ctr_cb.inq_var.scan_type;
605 btm_send_hci_set_scan_params(
606 btm_cb.ble_ctr_cb.inq_var.scan_type, (uint16_t)scan_interval,
607 (uint8_t)scan_phy, (uint16_t)scan_window,
608 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, BTM_BLE_DEFAULT_SFP);
609
610 btm_ble_start_scan();
611 }
612
613 btm_cb.neighbor.le_observe = {
614 .start_time_ms = timestamper_in_milliseconds.GetTimestamp(),
615 .results = 0,
616 };
617
618 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le observe started",
619 base::StringPrintf("low latency scanning enabled: %d",
620 low_latency_scan));
621
622 if (status == BTM_CMD_STARTED) {
623 btm_cb.ble_ctr_cb.set_ble_observe_active();
624 if (duration != 0) {
625 /* start observer timer */
626 uint64_t duration_ms = duration * 1000;
627 alarm_set_on_mloop(btm_cb.ble_ctr_cb.observer_timer, duration_ms,
628 btm_ble_observer_timer_timeout, NULL);
629 }
630 }
631 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
632 const unsigned long long duration_timestamp =
633 timestamper_in_milliseconds.GetTimestamp() -
634 btm_cb.neighbor.le_observe.start_time_ms;
635 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le observe stopped",
636 base::StringPrintf("duration_s:%6.3f results:%-3lu",
637 (double)duration_timestamp / 1000.0,
638 btm_cb.neighbor.le_observe.results));
639 status = BTM_CMD_STARTED;
640 btm_ble_stop_observe();
641 } else {
642 log::error("Observe not active");
643 }
644
645 return status;
646 }
647
648 /*******************************************************************************
649 *
650 * Function BTM_BleGetVendorCapabilities
651 *
652 * Description This function reads local LE features
653 *
654 * Parameters p_cmn_vsc_cb : Locala LE capability structure
655 *
656 * Returns void
657 *
658 ******************************************************************************/
BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB * p_cmn_vsc_cb)659 void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB* p_cmn_vsc_cb) {
660 if (NULL != p_cmn_vsc_cb) {
661 *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
662 }
663 }
664
BTM_BleGetDynamicAudioBuffer(tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[])665 void BTM_BleGetDynamicAudioBuffer(
666 tBTM_BT_DYNAMIC_AUDIO_BUFFER_CB p_dynamic_audio_buffer_cb[]) {
667 log::verbose("BTM_BleGetDynamicAudioBuffer");
668
669 if (NULL != p_dynamic_audio_buffer_cb) {
670 for (int i = 0; i < 32; i++) {
671 p_dynamic_audio_buffer_cb[i] = btm_cb.dynamic_audio_buffer_cb[i];
672 }
673 }
674 }
675
676 /******************************************************************************
677 *
678 * Function BTM_BleReadControllerFeatures
679 *
680 * Description Reads BLE specific controller features
681 *
682 * Parameters: tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when
683 * features are read
684 *
685 * Returns void
686 *
687 ******************************************************************************/
BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)688 void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK* p_vsc_cback) {
689 if (!ble_vnd_is_included()) return;
690
691 if (btm_cb.cmn_ble_vsc_cb.values_read) return;
692
693 log::verbose("BTM_BleReadControllerFeatures");
694
695 btm_cb.cmn_ble_vsc_cb.values_read = true;
696 bluetooth::hci::ControllerInterface::VendorCapabilities vendor_capabilities =
697 GetController()->GetVendorCapabilities();
698
699 btm_cb.cmn_ble_vsc_cb.adv_inst_max = vendor_capabilities.max_advt_instances_;
700 btm_cb.cmn_ble_vsc_cb.rpa_offloading =
701 vendor_capabilities.offloaded_resolution_of_private_address_;
702 btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg =
703 vendor_capabilities.total_scan_results_storage_;
704 btm_cb.cmn_ble_vsc_cb.max_irk_list_sz = vendor_capabilities.max_irk_list_sz_;
705 btm_cb.cmn_ble_vsc_cb.filter_support = vendor_capabilities.filtering_support_;
706 btm_cb.cmn_ble_vsc_cb.max_filter = vendor_capabilities.max_filter_;
707 btm_cb.cmn_ble_vsc_cb.energy_support =
708 vendor_capabilities.activity_energy_info_support_;
709
710 btm_cb.cmn_ble_vsc_cb.version_supported =
711 vendor_capabilities.version_supported_;
712 btm_cb.cmn_ble_vsc_cb.total_trackable_advertisers =
713 vendor_capabilities.total_num_of_advt_tracked_;
714 btm_cb.cmn_ble_vsc_cb.extended_scan_support =
715 vendor_capabilities.extended_scan_support_;
716 btm_cb.cmn_ble_vsc_cb.debug_logging_supported =
717 vendor_capabilities.debug_logging_supported_;
718
719 btm_cb.cmn_ble_vsc_cb.le_address_generation_offloading_support =
720 vendor_capabilities.le_address_generation_offloading_support_;
721 btm_cb.cmn_ble_vsc_cb.a2dp_source_offload_capability_mask =
722 vendor_capabilities.a2dp_source_offload_capability_mask_;
723 btm_cb.cmn_ble_vsc_cb.quality_report_support =
724 vendor_capabilities.bluetooth_quality_report_support_;
725 btm_cb.cmn_ble_vsc_cb.dynamic_audio_buffer_support =
726 vendor_capabilities.dynamic_audio_buffer_support_;
727 btm_cb.cmn_ble_vsc_cb.a2dp_offload_v2_support =
728 vendor_capabilities.a2dp_offload_v2_support_;
729
730 if (vendor_capabilities.dynamic_audio_buffer_support_) {
731 std::array<bluetooth::hci::DynamicAudioBufferCodecCapability,
732 BTM_CODEC_TYPE_MAX_RECORDS>
733 capabilities = GetController()->GetDabCodecCapabilities();
734
735 for (size_t i = 0; i < capabilities.size(); i++) {
736 btm_cb.dynamic_audio_buffer_cb[i].default_buffer_time =
737 capabilities[i].default_time_ms_;
738 btm_cb.dynamic_audio_buffer_cb[i].maximum_buffer_time =
739 capabilities[i].maximum_time_ms_;
740 btm_cb.dynamic_audio_buffer_cb[i].minimum_buffer_time =
741 capabilities[i].minimum_time_ms_;
742 }
743 }
744
745 if (btm_cb.cmn_ble_vsc_cb.filter_support == 1 &&
746 GetController()->GetLocalVersionInformation().manufacturer_name_ ==
747 LMP_COMPID_QTI) {
748 // QTI controller, TDS data filter are supported by default.
749 btm_cb.cmn_ble_vsc_cb.adv_filter_extended_features_mask = 0x01;
750 } else {
751 btm_cb.cmn_ble_vsc_cb.adv_filter_extended_features_mask = 0x00;
752 }
753
754 log::verbose("irk={}, ADV ins:{}, rpa={}, ener={}, ext_scan={}",
755 btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
756 btm_cb.cmn_ble_vsc_cb.adv_inst_max,
757 btm_cb.cmn_ble_vsc_cb.rpa_offloading,
758 btm_cb.cmn_ble_vsc_cb.energy_support,
759 btm_cb.cmn_ble_vsc_cb.extended_scan_support);
760
761 if (btm_cb.cmn_ble_vsc_cb.max_filter > 0) btm_ble_adv_filter_init();
762
763 /* VS capability included and non-4.2 device */
764 if (GetController()->SupportsBle() && GetController()->SupportsBlePrivacy() &&
765 btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
766 GetController()->GetLeResolvingListSize() == 0) {
767 btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
768 }
769
770 if (p_vsc_cback != NULL) {
771 p_vsc_cback(tHCI_STATUS::HCI_SUCCESS);
772 }
773 }
774
775 /*******************************************************************************
776 *
777 * Function BTM_BleConfigPrivacy
778 *
779 * Description This function is called to enable or disable the privacy in
780 * LE channel of the local device.
781 *
782 * Parameters privacy_mode: privacy mode on or off.
783 *
784 * Returns bool privacy mode set success; otherwise failed.
785 *
786 ******************************************************************************/
BTM_BleConfigPrivacy(bool privacy_mode)787 bool BTM_BleConfigPrivacy(bool privacy_mode) {
788 log::warn("{}", (int)privacy_mode);
789
790 /* if LE is not supported, return error */
791 if (!bluetooth::shim::GetController()->SupportsBle()) return false;
792
793 tGAP_BLE_ATTR_VALUE gap_ble_attr_value;
794 gap_ble_attr_value.addr_resolution = 0;
795 if (!privacy_mode) /* if privacy disabled, always use public address */
796 {
797 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
798 /* This is a Floss only flag. Allow host use random address when privacy
799 * mode is not enabled by setting the sysprop true */
800 if (com::android::bluetooth::flags::
801 floss_separate_host_privacy_and_llprivacy()) {
802 if (osi_property_get_bool(PROPERTY_BLE_PRIVACY_OWN_ADDRESS_ENABLED,
803 privacy_mode))
804 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
805 }
806 btm_cb.ble_ctr_cb.privacy_mode = BTM_PRIVACY_NONE;
807 } else /* privacy is turned on*/
808 {
809 /* always set host random address, used when privacy 1.1 or priavcy 1.2 is
810 * disabled */
811 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
812 /* This is a Floss only flag. Allow host use public address when privacy
813 * mode is enabled by setting the sysprop false */
814 if (com::android::bluetooth::flags::
815 floss_separate_host_privacy_and_llprivacy()) {
816 /* use public address if own address privacy is false in sysprop */
817 if (!osi_property_get_bool(PROPERTY_BLE_PRIVACY_OWN_ADDRESS_ENABLED,
818 privacy_mode))
819 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
820 }
821
822 /* 4.2 controller only allow privacy 1.2 or mixed mode, resolvable private
823 * address in controller */
824 if (bluetooth::shim::GetController()->SupportsBlePrivacy()) {
825 gap_ble_attr_value.addr_resolution = 1;
826 btm_cb.ble_ctr_cb.privacy_mode = BTM_PRIVACY_1_2;
827 } else /* 4.1/4.0 controller */
828 btm_cb.ble_ctr_cb.privacy_mode = BTM_PRIVACY_1_1;
829 }
830 log::verbose("privacy_mode: {} own_addr_type: {}",
831 btm_cb.ble_ctr_cb.privacy_mode,
832 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type);
833
834 GAP_BleAttrDBUpdate(GATT_UUID_GAP_CENTRAL_ADDR_RESOL, &gap_ble_attr_value);
835
836 bluetooth::shim::ACL_ConfigureLePrivacy(privacy_mode);
837 return true;
838 }
839
840 /*******************************************************************************
841 *
842 * Function BTM_BleLocalPrivacyEnabled
843 *
844 * Description Checks if local device supports private address
845 *
846 * Returns Return true if local privacy is enabled else false
847 *
848 ******************************************************************************/
BTM_BleLocalPrivacyEnabled(void)849 bool BTM_BleLocalPrivacyEnabled(void) {
850 return (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE);
851 }
852
is_resolving_list_bit_set(void * data,void *)853 static bool is_resolving_list_bit_set(void* data, void* /* context */) {
854 tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);
855
856 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) != 0)
857 return false;
858
859 return true;
860 }
861
862 /*******************************************************************************
863 * PAST and Periodic Sync helper functions
864 ******************************************************************************/
865
sync_queue_add(sync_node_t * p_param)866 static void sync_queue_add(sync_node_t* p_param) {
867 std::unique_lock<std::mutex> guard(sync_queue_mutex_);
868 if (!sync_queue) {
869 log::info("allocating sync queue");
870 sync_queue = list_new(osi_free);
871 log::assert_that(sync_queue != NULL, "assert failed: sync_queue != NULL");
872 }
873
874 // Validity check
875 log::assert_that(
876 list_length(sync_queue) < MAX_SYNC_TRANSACTION,
877 "assert failed: list_length(sync_queue) < MAX_SYNC_TRANSACTION");
878 sync_node_t* p_node = (sync_node_t*)osi_malloc(sizeof(sync_node_t));
879 *p_node = *p_param;
880 list_append(sync_queue, p_node);
881 }
882
sync_queue_advance()883 static void sync_queue_advance() {
884 log::debug("");
885 std::unique_lock<std::mutex> guard(sync_queue_mutex_);
886
887 if (sync_queue && !list_is_empty(sync_queue)) {
888 sync_node_t* p_head = (sync_node_t*)list_front(sync_queue);
889 log::info("queue_advance");
890 list_remove(sync_queue, p_head);
891 }
892 }
893
sync_queue_cleanup(remove_sync_node_t * p_param)894 static void sync_queue_cleanup(remove_sync_node_t* p_param) {
895 std::unique_lock<std::mutex> guard(sync_queue_mutex_);
896 if (!sync_queue) {
897 return;
898 }
899
900 sync_node_t* sync_request;
901 const list_node_t* node = list_begin(sync_queue);
902 while (node && node != list_end(sync_queue)) {
903 sync_request = (sync_node_t*)list_node(node);
904 node = list_next(node);
905 if (sync_request->sid == p_param->sid &&
906 sync_request->address == p_param->address) {
907 log::info("removing connection request SID={:04X}, bd_addr={}, busy={}",
908 sync_request->sid, sync_request->address, sync_request->busy);
909 list_remove(sync_queue, sync_request);
910 }
911 }
912 }
913
btm_ble_start_sync_request(uint8_t sid,RawAddress addr,uint16_t skip,uint16_t timeout)914 void btm_ble_start_sync_request(uint8_t sid, RawAddress addr, uint16_t skip,
915 uint16_t timeout) {
916 tBLE_ADDR_TYPE address_type = BLE_ADDR_RANDOM;
917 tINQ_DB_ENT* p_i = btm_inq_db_find(addr);
918 if (p_i) {
919 address_type = p_i->inq_info.results.ble_addr_type; // Random
920 }
921 btm_random_pseudo_to_identity_addr(&addr, &address_type);
922 address_type &= ~BLE_ADDR_TYPE_ID_BIT;
923 uint8_t options = 0;
924 uint8_t cte_type = 7;
925 int index = btm_ble_get_psync_index(sid, addr);
926
927 if (index == MAX_SYNC_TRANSACTION) {
928 log::error("Failed to get sync transfer index");
929 return;
930 }
931
932 tBTM_BLE_PERIODIC_SYNC* p = &btm_ble_pa_sync_cb.p_sync[index];
933 p->sync_state = PERIODIC_SYNC_PENDING;
934
935 if (BleScanningManager::IsInitialized()) {
936 BleScanningManager::Get()->PeriodicScanStart(options, sid, address_type,
937 addr, skip, timeout, cte_type);
938 }
939
940 alarm_set(sync_timeout_alarm, SYNC_TIMEOUT, btm_ble_start_sync_timeout, NULL);
941 }
942
btm_queue_sync_next()943 static void btm_queue_sync_next() {
944 if (!sync_queue || list_is_empty(sync_queue)) {
945 log::debug("sync_queue empty");
946 return;
947 }
948
949 sync_node_t* p_head = (sync_node_t*)list_front(sync_queue);
950
951 log::info("executing sync request SID={:04X}, bd_addr={}", p_head->sid,
952 p_head->address);
953 if (p_head->busy) {
954 log::debug("BUSY");
955 return;
956 }
957
958 p_head->busy = true;
959 alarm_cancel(sync_timeout_alarm);
960 btm_ble_start_sync_request(p_head->sid, p_head->address, p_head->skip,
961 p_head->timeout);
962 }
963
btm_ble_sync_queue_handle(uint16_t event,char * param)964 static void btm_ble_sync_queue_handle(uint16_t event, char* param) {
965 switch (event) {
966 case BTM_QUEUE_SYNC_REQ_EVT:
967 log::debug("BTIF_QUEUE_SYNC_REQ_EVT");
968 sync_queue_add((sync_node_t*)param);
969 break;
970 case BTM_QUEUE_SYNC_ADVANCE_EVT:
971 log::debug("BTIF_QUEUE_ADVANCE_EVT");
972 sync_queue_advance();
973 break;
974 case BTM_QUEUE_SYNC_CLEANUP_EVT:
975 sync_queue_cleanup((remove_sync_node_t*)param);
976 return;
977 }
978 btm_queue_sync_next();
979 }
980
btm_sync_queue_advance()981 static void btm_sync_queue_advance() {
982 log::debug("");
983 btm_ble_sync_queue_handle(BTM_QUEUE_SYNC_ADVANCE_EVT, nullptr);
984 }
985
btm_ble_start_sync_timeout(void *)986 static void btm_ble_start_sync_timeout(void* /* data */) {
987 log::debug("");
988 sync_node_t* p_head = (sync_node_t*)list_front(sync_queue);
989 uint8_t adv_sid = p_head->sid;
990 RawAddress address = p_head->address;
991
992 int index = btm_ble_get_psync_index(adv_sid, address);
993
994 if (index == MAX_SYNC_TRANSACTION) {
995 log::error("Failed to get sync transfer index");
996 return;
997 }
998
999 tBTM_BLE_PERIODIC_SYNC* p = &btm_ble_pa_sync_cb.p_sync[index];
1000
1001 if (BleScanningManager::IsInitialized()) {
1002 BleScanningManager::Get()->PeriodicScanCancelStart();
1003 }
1004 p->sync_start_cb.Run(0x3C, 0, p->sid, 0, p->remote_bda, 0, 0);
1005
1006 p->sync_state = PERIODIC_SYNC_IDLE;
1007 p->in_use = false;
1008 p->remote_bda = RawAddress::kEmpty;
1009 p->sid = 0;
1010 p->sync_handle = 0;
1011 p->in_use = false;
1012 }
1013
btm_ble_get_psync_index_from_handle(uint16_t handle)1014 static int btm_ble_get_psync_index_from_handle(uint16_t handle) {
1015 int i;
1016 for (i = 0; i < MAX_SYNC_TRANSACTION; i++) {
1017 if (btm_ble_pa_sync_cb.p_sync[i].sync_handle == handle &&
1018 btm_ble_pa_sync_cb.p_sync[i].sync_state == PERIODIC_SYNC_ESTABLISHED) {
1019 log::debug("found index at {}", i);
1020 return i;
1021 }
1022 }
1023 return i;
1024 }
1025
btm_ble_get_psync_index(uint8_t adv_sid,RawAddress addr)1026 static int btm_ble_get_psync_index(uint8_t adv_sid, RawAddress addr) {
1027 int i;
1028 for (i = 0; i < MAX_SYNC_TRANSACTION; i++) {
1029 if (btm_ble_pa_sync_cb.p_sync[i].sid == adv_sid &&
1030 btm_ble_pa_sync_cb.p_sync[i].remote_bda == addr) {
1031 log::debug("found index at {}", i);
1032 return i;
1033 }
1034 }
1035 return i;
1036 }
1037
1038 /*******************************************************************************
1039 *
1040 * Function btm_ble_periodic_adv_sync_established
1041 *
1042 * Description Periodic Adv Sync Established callback from controller when
1043 & sync to PA is established
1044 *
1045 *
1046 ******************************************************************************/
btm_ble_periodic_adv_sync_established(uint8_t status,uint16_t sync_handle,uint8_t adv_sid,uint8_t address_type,const RawAddress & addr,uint8_t phy,uint16_t interval,uint8_t adv_clock_accuracy)1047 void btm_ble_periodic_adv_sync_established(uint8_t status, uint16_t sync_handle,
1048 uint8_t adv_sid,
1049 uint8_t address_type,
1050 const RawAddress& addr, uint8_t phy,
1051 uint16_t interval,
1052 uint8_t adv_clock_accuracy) {
1053 log::debug(
1054 "[PSync]: status={}, sync_handle={}, s_id={}, addr_type={}, "
1055 "adv_phy={},adv_interval={}, clock_acc={}",
1056 status, sync_handle, adv_sid, address_type, phy, interval,
1057 adv_clock_accuracy);
1058
1059 /*if (param_len != ADV_SYNC_ESTB_EVT_LEN) {
1060 log::error("[PSync]Invalid event length");
1061 STREAM_TO_UINT8(status, param);
1062 if (status == BTM_SUCCESS) {
1063 STREAM_TO_UINT16(sync_handle, param);
1064 //btsnd_hcic_ble_terminate_periodic_sync(sync_handle);
1065 if (BleScanningManager::IsInitialized()) {
1066 BleScanningManager::Get()->PeriodicScanTerminate(sync_handle);
1067 }
1068 return;
1069 }
1070 }*/
1071
1072 RawAddress bda = addr;
1073 alarm_cancel(sync_timeout_alarm);
1074
1075 tBLE_ADDR_TYPE ble_addr_type = to_ble_addr_type(address_type);
1076 if (ble_addr_type & BLE_ADDR_TYPE_ID_BIT) {
1077 btm_identity_addr_to_random_pseudo(&bda, &ble_addr_type, true);
1078 }
1079 int index = btm_ble_get_psync_index(adv_sid, bda);
1080 if (index == MAX_SYNC_TRANSACTION) {
1081 log::warn("[PSync]: Invalid index for sync established");
1082 if (status == BTM_SUCCESS) {
1083 log::warn("Terminate sync");
1084 if (BleScanningManager::IsInitialized()) {
1085 BleScanningManager::Get()->PeriodicScanTerminate(sync_handle);
1086 }
1087 }
1088 btm_sync_queue_advance();
1089 return;
1090 }
1091 tBTM_BLE_PERIODIC_SYNC* ps = &btm_ble_pa_sync_cb.p_sync[index];
1092 ps->sync_handle = sync_handle;
1093 ps->sync_state = PERIODIC_SYNC_ESTABLISHED;
1094 ps->sync_start_cb.Run(status, sync_handle, adv_sid,
1095 from_ble_addr_type(ble_addr_type), bda, phy, interval);
1096 btm_sync_queue_advance();
1097 }
1098
1099 /*******************************************************************************
1100 *
1101 * Function btm_ble_periodic_adv_report
1102 *
1103 * Description This callback is received when controller estalishes sync
1104 * to a PA requested from host
1105 *
1106 ******************************************************************************/
btm_ble_periodic_adv_report(uint16_t sync_handle,uint8_t tx_power,int8_t rssi,uint8_t cte_type,uint8_t data_status,uint8_t data_len,const uint8_t * periodic_data)1107 void btm_ble_periodic_adv_report(uint16_t sync_handle, uint8_t tx_power,
1108 int8_t rssi, uint8_t cte_type,
1109 uint8_t data_status, uint8_t data_len,
1110 const uint8_t* periodic_data) {
1111 log::debug(
1112 "[PSync]: sync_handle = {}, tx_power = {}, rssi = {},cte_type = {}, "
1113 "data_status = {}, data_len = {}",
1114 sync_handle, tx_power, rssi, cte_type, data_status, data_len);
1115
1116 std::vector<uint8_t> data;
1117 for (int i = 0; i < data_len; i++) {
1118 data.push_back(periodic_data[i]);
1119 }
1120 int index = btm_ble_get_psync_index_from_handle(sync_handle);
1121 if (index == MAX_SYNC_TRANSACTION) {
1122 log::error("[PSync]: index not found for handle {}", sync_handle);
1123 return;
1124 }
1125 tBTM_BLE_PERIODIC_SYNC* ps = &btm_ble_pa_sync_cb.p_sync[index];
1126 log::debug("[PSync]: invoking callback");
1127 ps->sync_report_cb.Run(sync_handle, tx_power, rssi, data_status, data);
1128 }
1129
1130 /*******************************************************************************
1131 *
1132 * Function btm_ble_periodic_adv_sync_lost
1133 *
1134 * Description This callback is received when sync to PA is lost
1135 *
1136 ******************************************************************************/
btm_ble_periodic_adv_sync_lost(uint16_t sync_handle)1137 void btm_ble_periodic_adv_sync_lost(uint16_t sync_handle) {
1138 log::debug("[PSync]: sync_handle = {}", sync_handle);
1139
1140 int index = btm_ble_get_psync_index_from_handle(sync_handle);
1141 if (index == MAX_SYNC_TRANSACTION) {
1142 log::error("[PSync]: index not found for handle {}", sync_handle);
1143 return;
1144 }
1145 tBTM_BLE_PERIODIC_SYNC* ps = &btm_ble_pa_sync_cb.p_sync[index];
1146 ps->sync_lost_cb.Run(sync_handle);
1147
1148 ps->in_use = false;
1149 ps->sid = 0;
1150 ps->sync_handle = 0;
1151 ps->sync_state = PERIODIC_SYNC_IDLE;
1152 ps->remote_bda = RawAddress::kEmpty;
1153 }
1154
1155 /*******************************************************************************
1156 *
1157 * Function btm_set_conn_mode_adv_init_addr
1158 *
1159 * Description set initator address type and local address type based on
1160 * adv mode.
1161 *
1162 *
1163 ******************************************************************************/
btm_set_conn_mode_adv_init_addr(RawAddress & p_peer_addr_ptr,tBLE_ADDR_TYPE * p_peer_addr_type,tBLE_ADDR_TYPE * p_own_addr_type)1164 static uint8_t btm_set_conn_mode_adv_init_addr(
1165 RawAddress& p_peer_addr_ptr, tBLE_ADDR_TYPE* p_peer_addr_type,
1166 tBLE_ADDR_TYPE* p_own_addr_type) {
1167 uint8_t evt_type;
1168 tBTM_SEC_DEV_REC* p_dev_rec;
1169
1170 if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_NON_CONNECTABLE) {
1171 if (btm_cb.ble_ctr_cb.inq_var.scan_rsp) {
1172 evt_type = BTM_BLE_DISCOVER_EVT;
1173 } else {
1174 evt_type = BTM_BLE_NON_CONNECT_EVT;
1175 }
1176 } else {
1177 evt_type = BTM_BLE_CONNECT_EVT;
1178 }
1179
1180 if (evt_type == BTM_BLE_CONNECT_EVT) {
1181 log::assert_that(p_peer_addr_type != nullptr,
1182 "assert failed: p_peer_addr_type != nullptr");
1183 const tBLE_BD_ADDR ble_bd_addr = {
1184 .type = *p_peer_addr_type,
1185 .bda = p_peer_addr_ptr,
1186 };
1187 log::debug("Received BLE connect event {}", ble_bd_addr);
1188
1189 evt_type = btm_cb.ble_ctr_cb.inq_var.directed_conn;
1190
1191 if (static_cast<std::underlying_type_t<tBTM_BLE_EVT>>(
1192 btm_cb.ble_ctr_cb.inq_var.directed_conn) ==
1193 BTM_BLE_CONNECT_DIR_EVT ||
1194 static_cast<std::underlying_type_t<tBTM_BLE_EVT>>(
1195 btm_cb.ble_ctr_cb.inq_var.directed_conn) ==
1196 BTM_BLE_CONNECT_LO_DUTY_DIR_EVT) {
1197 /* for privacy 1.2, convert peer address as static, own address set as ID
1198 * addr */
1199 if (btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 ||
1200 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
1201 /* only do so for bonded device */
1202 if ((p_dev_rec = btm_find_or_alloc_dev(
1203 btm_cb.ble_ctr_cb.inq_var.direct_bda.bda)) != NULL &&
1204 p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) {
1205 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
1206 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
1207 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
1208 return evt_type;
1209 }
1210 /* otherwise fall though as normal directed adv */
1211 }
1212 /* direct adv mode does not have privacy, if privacy is not enabled */
1213 *p_peer_addr_type = btm_cb.ble_ctr_cb.inq_var.direct_bda.type;
1214 p_peer_addr_ptr = btm_cb.ble_ctr_cb.inq_var.direct_bda.bda;
1215 return evt_type;
1216 }
1217 }
1218
1219 /* undirect adv mode or non-connectable mode*/
1220 /* when privacy 1.2 privacy only mode is used, or mixed mode */
1221 if ((btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 &&
1222 btm_cb.ble_ctr_cb.inq_var.afp != AP_SCAN_CONN_ALL) ||
1223 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED) {
1224 list_node_t* n =
1225 list_foreach(btm_sec_cb.sec_dev_rec, is_resolving_list_bit_set, NULL);
1226 if (n) {
1227 /* if enhanced privacy is required, set Identity address and matching IRK
1228 * peer */
1229 tBTM_SEC_DEV_REC* p_dev_rec =
1230 static_cast<tBTM_SEC_DEV_REC*>(list_node(n));
1231 p_peer_addr_ptr = p_dev_rec->ble.identity_address_with_type.bda;
1232 *p_peer_addr_type = p_dev_rec->ble.identity_address_with_type.type;
1233
1234 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
1235 } else {
1236 /* resolving list is empty, not enabled */
1237 *p_own_addr_type = BLE_ADDR_RANDOM;
1238 }
1239 }
1240 /* privacy 1.1, or privacy 1.2, general discoverable/connectable mode, disable
1241 privacy in */
1242 /* controller fall back to host based privacy */
1243 else if (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE) {
1244 *p_own_addr_type = BLE_ADDR_RANDOM;
1245 }
1246
1247 /* if no privacy,do not set any peer address,*/
1248 /* local address type go by global privacy setting */
1249 return evt_type;
1250 }
1251
1252 /*******************************************************************************
1253 *
1254 * Function btm_ble_select_adv_interval
1255 *
1256 * Description select adv interval based on device mode
1257 *
1258 * Returns void
1259 *
1260 ******************************************************************************/
btm_ble_select_adv_interval(uint8_t evt_type,uint16_t * p_adv_int_min,uint16_t * p_adv_int_max)1261 static void btm_ble_select_adv_interval(uint8_t evt_type,
1262 uint16_t* p_adv_int_min,
1263 uint16_t* p_adv_int_max) {
1264 switch (evt_type) {
1265 case BTM_BLE_CONNECT_EVT:
1266 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
1267 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_1;
1268 break;
1269
1270 case BTM_BLE_NON_CONNECT_EVT:
1271 case BTM_BLE_DISCOVER_EVT:
1272 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_2;
1273 break;
1274
1275 /* connectable directed event */
1276 case BTM_BLE_CONNECT_DIR_EVT:
1277 *p_adv_int_min = BTM_BLE_GAP_ADV_DIR_MIN_INT;
1278 *p_adv_int_max = BTM_BLE_GAP_ADV_DIR_MAX_INT;
1279 break;
1280
1281 default:
1282 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_SLOW_INT;
1283 break;
1284 }
1285 }
1286
1287 /*******************************************************************************
1288 *
1289 * Function btm_ble_update_dmt_flag_bits
1290 *
1291 * Description Obtain updated adv flag value based on connect and
1292 * discoverability mode. Also, setup DMT support value in the
1293 * flag based on whether the controller supports both LE and
1294 * BR/EDR.
1295 *
1296 * Parameters: flag_value (Input / Output) - flag value
1297 * connect_mode (Input) - Connect mode value
1298 * disc_mode (Input) - discoverability mode
1299 *
1300 * Returns void
1301 *
1302 ******************************************************************************/
btm_ble_update_dmt_flag_bits(uint8_t * adv_flag_value,const uint16_t connect_mode,const uint16_t disc_mode)1303 void btm_ble_update_dmt_flag_bits(uint8_t* adv_flag_value,
1304 const uint16_t connect_mode,
1305 const uint16_t disc_mode) {
1306 /* BR/EDR non-discoverable , non-connectable */
1307 if ((disc_mode & BTM_DISCOVERABLE_MASK) == 0 &&
1308 (connect_mode & BTM_CONNECTABLE_MASK) == 0)
1309 *adv_flag_value |= BTM_BLE_BREDR_NOT_SPT;
1310 else
1311 *adv_flag_value &= ~BTM_BLE_BREDR_NOT_SPT;
1312
1313 /* if local controller support, mark both controller and host support in flag
1314 */
1315 if (bluetooth::shim::GetController()->SupportsSimultaneousLeBrEdr())
1316 *adv_flag_value |= (BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
1317 else
1318 *adv_flag_value &= ~(BTM_BLE_DMT_CONTROLLER_SPT | BTM_BLE_DMT_HOST_SPT);
1319 }
1320
1321 /*******************************************************************************
1322 *
1323 * Function btm_ble_set_adv_flag
1324 *
1325 * Description Set adv flag in adv data.
1326 *
1327 * Parameters: connect_mode (Input)- Connect mode value
1328 * disc_mode (Input) - discoverability mode
1329 *
1330 * Returns void
1331 *
1332 ******************************************************************************/
btm_ble_set_adv_flag(uint16_t connect_mode,uint16_t disc_mode)1333 void btm_ble_set_adv_flag(uint16_t connect_mode, uint16_t disc_mode) {
1334 uint8_t flag = 0, old_flag = 0;
1335 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1336
1337 if (p_adv_data->p_flags != NULL) flag = old_flag = *(p_adv_data->p_flags);
1338
1339 btm_ble_update_dmt_flag_bits(&flag, connect_mode, disc_mode);
1340
1341 log::info("disc_mode {:04x}", disc_mode);
1342 /* update discoverable flag */
1343 if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE) {
1344 flag &= ~BTM_BLE_GEN_DISC_FLAG;
1345 flag |= BTM_BLE_LIMIT_DISC_FLAG;
1346 } else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE) {
1347 flag |= BTM_BLE_GEN_DISC_FLAG;
1348 flag &= ~BTM_BLE_LIMIT_DISC_FLAG;
1349 } else /* remove all discoverable flags */
1350 {
1351 flag &= ~(BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG);
1352 }
1353
1354 if (flag != old_flag) {
1355 btm_ble_update_adv_flag(flag);
1356 }
1357 }
1358 /*******************************************************************************
1359 *
1360 * Function btm_ble_set_discoverability
1361 *
1362 * Description This function is called to set BLE discoverable mode.
1363 *
1364 * Parameters: combined_mode: discoverability mode.
1365 *
1366 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1367 *
1368 ******************************************************************************/
btm_ble_set_discoverability(uint16_t combined_mode)1369 tBTM_STATUS btm_ble_set_discoverability(uint16_t combined_mode) {
1370 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1371 uint16_t mode = (combined_mode & BTM_BLE_DISCOVERABLE_MASK);
1372 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1373 uint8_t evt_type;
1374 tBTM_STATUS status = BTM_SUCCESS;
1375 RawAddress address = RawAddress::kEmpty;
1376 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC,
1377 own_addr_type = p_addr_cb->own_addr_type;
1378 uint16_t adv_int_min, adv_int_max;
1379
1380 log::verbose("mode=0x{:0x} combined_mode=0x{:x}", mode, combined_mode);
1381
1382 /*** Check mode parameter ***/
1383 if (mode > BTM_BLE_MAX_DISCOVERABLE) return (BTM_ILLEGAL_VALUE);
1384
1385 btm_cb.ble_ctr_cb.inq_var.discoverable_mode = mode;
1386
1387 evt_type =
1388 btm_set_conn_mode_adv_init_addr(address, &init_addr_type, &own_addr_type);
1389
1390 if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_NON_CONNECTABLE &&
1391 mode == BTM_BLE_NON_DISCOVERABLE)
1392 new_mode = BTM_BLE_ADV_DISABLE;
1393
1394 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1395
1396 alarm_cancel(btm_cb.ble_ctr_cb.inq_var.fast_adv_timer);
1397
1398 /* update adv params if start advertising */
1399 log::verbose("evt_type=0x{:x} p-cb->evt_type=0x{:x}", evt_type,
1400 btm_cb.ble_ctr_cb.inq_var.evt_type);
1401
1402 if (new_mode == BTM_BLE_ADV_ENABLE) {
1403 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode, combined_mode);
1404
1405 if (evt_type != btm_cb.ble_ctr_cb.inq_var.evt_type ||
1406 btm_cb.ble_ctr_cb.inq_var.adv_addr_type != own_addr_type ||
1407 !btm_cb.ble_ctr_cb.inq_var.fast_adv_on) {
1408 btm_ble_stop_adv();
1409
1410 /* update adv params */
1411 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1412 own_addr_type, init_addr_type, address,
1413 btm_cb.ble_ctr_cb.inq_var.adv_chnl_map,
1414 btm_cb.ble_ctr_cb.inq_var.afp);
1415 btm_cb.ble_ctr_cb.inq_var.evt_type = evt_type;
1416 btm_cb.ble_ctr_cb.inq_var.adv_addr_type = own_addr_type;
1417 }
1418 }
1419
1420 if (status == BTM_SUCCESS && btm_cb.ble_ctr_cb.inq_var.adv_mode != new_mode) {
1421 if (new_mode == BTM_BLE_ADV_ENABLE)
1422 status = btm_ble_start_adv();
1423 else
1424 status = btm_ble_stop_adv();
1425 }
1426
1427 if (btm_cb.ble_ctr_cb.inq_var.adv_mode == BTM_BLE_ADV_ENABLE) {
1428 btm_cb.ble_ctr_cb.inq_var.fast_adv_on = true;
1429 /* start initial GAP mode adv timer */
1430 alarm_set_on_mloop(btm_cb.ble_ctr_cb.inq_var.fast_adv_timer,
1431 BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1432 btm_ble_fast_adv_timer_timeout, NULL);
1433 }
1434
1435 /* set up stop advertising timer */
1436 if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE) {
1437 log::verbose("start timer for limited disc mode duration={} ms",
1438 BTM_BLE_GAP_LIM_TIMEOUT_MS);
1439 /* start Tgap(lim_timeout) */
1440 alarm_set_on_mloop(
1441 btm_cb.ble_ctr_cb.inq_var.inquiry_timer, BTM_BLE_GAP_LIM_TIMEOUT_MS,
1442 btm_ble_inquiry_timer_gap_limited_discovery_timeout, NULL);
1443 }
1444 return status;
1445 }
1446
1447 /*******************************************************************************
1448 *
1449 * Function btm_ble_set_connectability
1450 *
1451 * Description This function is called to set BLE connectability mode.
1452 *
1453 * Parameters: combined_mode: connectability mode.
1454 *
1455 * Returns BTM_SUCCESS is status set successfully; otherwise failure.
1456 *
1457 ******************************************************************************/
btm_ble_set_connectability(uint16_t combined_mode)1458 tBTM_STATUS btm_ble_set_connectability(uint16_t combined_mode) {
1459 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1460 uint16_t mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
1461 uint8_t new_mode = BTM_BLE_ADV_ENABLE;
1462 uint8_t evt_type;
1463 tBTM_STATUS status = BTM_SUCCESS;
1464 RawAddress address = RawAddress::kEmpty;
1465 tBLE_ADDR_TYPE peer_addr_type = BLE_ADDR_PUBLIC,
1466 own_addr_type = p_addr_cb->own_addr_type;
1467 uint16_t adv_int_min, adv_int_max;
1468
1469 log::verbose("mode=0x{:0x} combined_mode=0x{:x}", mode, combined_mode);
1470
1471 /*** Check mode parameter ***/
1472 if (mode > BTM_BLE_MAX_CONNECTABLE) return (BTM_ILLEGAL_VALUE);
1473
1474 btm_cb.ble_ctr_cb.inq_var.connectable_mode = mode;
1475
1476 evt_type =
1477 btm_set_conn_mode_adv_init_addr(address, &peer_addr_type, &own_addr_type);
1478
1479 if (mode == BTM_BLE_NON_CONNECTABLE &&
1480 btm_cb.ble_ctr_cb.inq_var.discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
1481 new_mode = BTM_BLE_ADV_DISABLE;
1482
1483 btm_ble_select_adv_interval(evt_type, &adv_int_min, &adv_int_max);
1484
1485 alarm_cancel(btm_cb.ble_ctr_cb.inq_var.fast_adv_timer);
1486 /* update adv params if needed */
1487 if (new_mode == BTM_BLE_ADV_ENABLE) {
1488 btm_ble_set_adv_flag(combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
1489 if (btm_cb.ble_ctr_cb.inq_var.evt_type != evt_type ||
1490 btm_cb.ble_ctr_cb.inq_var.adv_addr_type != p_addr_cb->own_addr_type ||
1491 !btm_cb.ble_ctr_cb.inq_var.fast_adv_on) {
1492 btm_ble_stop_adv();
1493
1494 btsnd_hcic_ble_write_adv_params(adv_int_min, adv_int_max, evt_type,
1495 own_addr_type, peer_addr_type, address,
1496 btm_cb.ble_ctr_cb.inq_var.adv_chnl_map,
1497 btm_cb.ble_ctr_cb.inq_var.afp);
1498 btm_cb.ble_ctr_cb.inq_var.evt_type = evt_type;
1499 btm_cb.ble_ctr_cb.inq_var.adv_addr_type = own_addr_type;
1500 }
1501 }
1502
1503 /* update advertising mode */
1504 if (status == BTM_SUCCESS && new_mode != btm_cb.ble_ctr_cb.inq_var.adv_mode) {
1505 if (new_mode == BTM_BLE_ADV_ENABLE)
1506 status = btm_ble_start_adv();
1507 else
1508 status = btm_ble_stop_adv();
1509 }
1510
1511 if (btm_cb.ble_ctr_cb.inq_var.adv_mode == BTM_BLE_ADV_ENABLE) {
1512 btm_cb.ble_ctr_cb.inq_var.fast_adv_on = true;
1513 /* start initial GAP mode adv timer */
1514 alarm_set_on_mloop(btm_cb.ble_ctr_cb.inq_var.fast_adv_timer,
1515 BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1516 btm_ble_fast_adv_timer_timeout, NULL);
1517 }
1518 return status;
1519 }
1520
btm_send_hci_scan_enable(uint8_t enable,uint8_t filter_duplicates)1521 static void btm_send_hci_scan_enable(uint8_t enable,
1522 uint8_t filter_duplicates) {
1523 if (bluetooth::shim::GetController()->SupportsBleExtendedAdvertising()) {
1524 btsnd_hcic_ble_set_extended_scan_enable(enable, filter_duplicates, 0x0000,
1525 0x0000);
1526 } else {
1527 btsnd_hcic_ble_set_scan_enable(enable, filter_duplicates);
1528 }
1529 }
1530
btm_send_hci_set_scan_params(uint8_t scan_type,uint16_t scan_int,uint16_t scan_win,uint8_t scan_phy,tBLE_ADDR_TYPE addr_type_own,uint8_t scan_filter_policy)1531 void btm_send_hci_set_scan_params(uint8_t scan_type, uint16_t scan_int,
1532 uint16_t scan_win, uint8_t scan_phy,
1533 tBLE_ADDR_TYPE addr_type_own,
1534 uint8_t scan_filter_policy) {
1535 if (bluetooth::shim::GetController()->SupportsBleExtendedAdvertising()) {
1536 scanning_phy_cfg phy_cfg;
1537 phy_cfg.scan_type = scan_type;
1538 phy_cfg.scan_int = scan_int;
1539 phy_cfg.scan_win = scan_win;
1540
1541 if (com::android::bluetooth::flags::phy_to_native()) {
1542 btsnd_hcic_ble_set_extended_scan_params(addr_type_own, scan_filter_policy,
1543 scan_phy, &phy_cfg);
1544 } else {
1545 btsnd_hcic_ble_set_extended_scan_params(addr_type_own, scan_filter_policy,
1546 1, &phy_cfg);
1547 }
1548 } else {
1549 btsnd_hcic_ble_set_scan_params(scan_type, scan_int, scan_win, addr_type_own,
1550 scan_filter_policy);
1551 }
1552 }
1553
1554 /* Scan filter param config event */
btm_ble_scan_filt_param_cfg_evt(uint8_t,tBTM_BLE_SCAN_COND_OP,tBTM_STATUS btm_status)1555 static void btm_ble_scan_filt_param_cfg_evt(
1556 uint8_t /* avbl_space */, tBTM_BLE_SCAN_COND_OP /* action_type */,
1557 tBTM_STATUS btm_status) {
1558 if (btm_status != btm_status_value(BTM_SUCCESS)) {
1559 log::error("{}", btm_status);
1560 } else {
1561 log::verbose("");
1562 }
1563 }
1564
1565 /*******************************************************************************
1566 *
1567 * Function btm_ble_start_inquiry
1568 *
1569 * Description This function is called to start BLE inquiry procedure.
1570 * If the duration is zero, the periodic inquiry mode is
1571 * cancelled.
1572 *
1573 * Parameters: duration - Duration of inquiry in seconds
1574 *
1575 * Returns BTM_CMD_STARTED if successfully started
1576 * BTM_BUSY - if an inquiry is already active
1577 *
1578 ******************************************************************************/
btm_ble_start_inquiry(uint8_t duration)1579 tBTM_STATUS btm_ble_start_inquiry(uint8_t duration) {
1580 log::verbose("btm_ble_start_inquiry: inq_active = 0x{:02x}",
1581 btm_cb.btm_inq_vars.inq_active);
1582
1583 /* if selective connection is active, or inquiry is already active, reject it
1584 */
1585 if (btm_cb.ble_ctr_cb.is_ble_inquiry_active()) {
1586 log::error("LE Inquiry is active, can not start inquiry");
1587 return (BTM_BUSY);
1588 }
1589
1590 /* Cleanup anything remaining on index 0 */
1591 BTM_BleAdvFilterParamSetup(BTM_BLE_SCAN_COND_DELETE,
1592 static_cast<tBTM_BLE_PF_FILT_INDEX>(0), nullptr,
1593 base::Bind(btm_ble_scan_filt_param_cfg_evt));
1594
1595 auto adv_filt_param = std::make_unique<btgatt_filt_param_setup_t>();
1596 /* Add an allow-all filter on index 0*/
1597 adv_filt_param->dely_mode = IMMEDIATE_DELY_MODE;
1598 adv_filt_param->feat_seln = ALLOW_ALL_FILTER;
1599 adv_filt_param->filt_logic_type = BTA_DM_BLE_PF_FILT_LOGIC_OR;
1600 adv_filt_param->list_logic_type = BTA_DM_BLE_PF_LIST_LOGIC_OR;
1601 adv_filt_param->rssi_low_thres = LOWEST_RSSI_VALUE;
1602 adv_filt_param->rssi_high_thres = LOWEST_RSSI_VALUE;
1603 BTM_BleAdvFilterParamSetup(BTM_BLE_SCAN_COND_ADD, static_cast<tBTM_BLE_PF_FILT_INDEX>(0),
1604 std::move(adv_filt_param), base::Bind(btm_ble_scan_filt_param_cfg_evt));
1605
1606 uint16_t scan_interval, scan_window;
1607
1608 std::tie(scan_interval, scan_window) = get_low_latency_scan_params();
1609 uint8_t scan_phy = BTM_BLE_DEFAULT_PHYS;
1610
1611 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
1612 cache.ClearAll();
1613 btm_send_hci_set_scan_params(
1614 BTM_BLE_SCAN_MODE_ACTI, scan_interval, scan_window, scan_phy,
1615 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1616 btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_ACTI;
1617 btm_ble_start_scan();
1618 } else if ((btm_cb.ble_ctr_cb.inq_var.scan_interval != scan_interval) ||
1619 (btm_cb.ble_ctr_cb.inq_var.scan_window != scan_window)) {
1620 log::verbose("restart LE scan with low latency scan params");
1621 btm_cb.ble_ctr_cb.inq_var.scan_interval = scan_interval;
1622 btm_cb.ble_ctr_cb.inq_var.scan_window = scan_window;
1623 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
1624 btm_send_hci_set_scan_params(
1625 BTM_BLE_SCAN_MODE_ACTI, scan_interval, scan_window, scan_phy,
1626 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type, SP_ADV_ALL);
1627 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
1628 }
1629
1630 btm_cb.btm_inq_vars.inq_active |= BTM_BLE_GENERAL_INQUIRY;
1631 btm_cb.ble_ctr_cb.set_ble_inquiry_active();
1632
1633 log::verbose("btm_ble_start_inquiry inq_active = 0x{:02x}",
1634 btm_cb.btm_inq_vars.inq_active);
1635
1636 if (duration != 0) {
1637 /* start inquiry timer */
1638 uint64_t duration_ms = duration * 1000;
1639 alarm_set_on_mloop(btm_cb.ble_ctr_cb.inq_var.inquiry_timer, duration_ms,
1640 btm_ble_inquiry_timer_timeout, NULL);
1641 }
1642
1643 btm_cb.neighbor.le_inquiry = {
1644 .start_time_ms = timestamper_in_milliseconds.GetTimestamp(),
1645 .results = 0,
1646 };
1647 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le inquiry started");
1648
1649 return BTM_CMD_STARTED;
1650 }
1651
1652 /*******************************************************************************
1653 *
1654 * Function btm_ble_read_remote_name_cmpl
1655 *
1656 * Description This function is called when BLE remote name is received.
1657 *
1658 * Returns void
1659 *
1660 ******************************************************************************/
btm_ble_read_remote_name_cmpl(bool status,const RawAddress & bda,uint16_t length,char * p_name)1661 void btm_ble_read_remote_name_cmpl(bool status, const RawAddress& bda,
1662 uint16_t length, char* p_name) {
1663 tHCI_STATUS hci_status = HCI_SUCCESS;
1664 BD_NAME bd_name;
1665 bd_name_from_char_pointer(bd_name, p_name);
1666
1667 if ((!status) || (length == 0)) {
1668 hci_status = HCI_ERR_HOST_TIMEOUT;
1669 }
1670
1671 btm_process_remote_name(&bda, bd_name, length + 1, hci_status);
1672 btm_sec_rmt_name_request_complete(&bda, (const uint8_t*)p_name, hci_status);
1673 }
1674
1675 /*******************************************************************************
1676 *
1677 * Function btm_ble_read_remote_name
1678 *
1679 * Description This function read remote LE device name using GATT read
1680 * procedure.
1681 *
1682 * Parameters: None.
1683 *
1684 * Returns void
1685 *
1686 ******************************************************************************/
btm_ble_read_remote_name(const RawAddress & remote_bda,tBTM_NAME_CMPL_CB * p_cb)1687 tBTM_STATUS btm_ble_read_remote_name(const RawAddress& remote_bda,
1688 tBTM_NAME_CMPL_CB* p_cb) {
1689 if (!bluetooth::shim::GetController()->SupportsBle())
1690 return BTM_ERR_PROCESSING;
1691
1692 tINQ_DB_ENT* p_i = btm_inq_db_find(remote_bda);
1693 if (p_i && !ble_evt_type_is_connectable(p_i->inq_info.results.ble_evt_type)) {
1694 log::verbose("name request to non-connectable device failed.");
1695 return BTM_ERR_PROCESSING;
1696 }
1697
1698 /* read remote device name using GATT procedure */
1699 if (btm_cb.btm_inq_vars.remname_active) {
1700 log::warn(
1701 "Unable to start GATT RNR procedure for peer:{} busy with peer:{}",
1702 remote_bda, btm_cb.btm_inq_vars.remname_bda);
1703 return BTM_BUSY;
1704 }
1705 if (!GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
1706 return BTM_BUSY;
1707
1708 btm_cb.btm_inq_vars.p_remname_cmpl_cb = p_cb;
1709 btm_cb.btm_inq_vars.remname_active = true;
1710 btm_cb.btm_inq_vars.remname_bda = remote_bda;
1711 btm_cb.btm_inq_vars.remname_dev_type = BT_DEVICE_TYPE_BLE;
1712
1713 alarm_set_on_mloop(btm_cb.btm_inq_vars.remote_name_timer,
1714 BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS,
1715 btm_inq_remote_name_timer_timeout, NULL);
1716
1717 return BTM_CMD_STARTED;
1718 }
1719
1720 /*******************************************************************************
1721 *
1722 * Function btm_ble_cancel_remote_name
1723 *
1724 * Description This function cancel read remote LE device name.
1725 *
1726 * Parameters: None.
1727 *
1728 * Returns void
1729 *
1730 ******************************************************************************/
btm_ble_cancel_remote_name(const RawAddress & remote_bda)1731 bool btm_ble_cancel_remote_name(const RawAddress& remote_bda) {
1732 bool status;
1733
1734 status = GAP_BleCancelReadPeerDevName(remote_bda);
1735
1736 btm_cb.btm_inq_vars.remname_active = false;
1737 btm_cb.btm_inq_vars.remname_bda = RawAddress::kEmpty;
1738 btm_cb.btm_inq_vars.remname_dev_type = BT_DEVICE_TYPE_UNKNOWN;
1739 alarm_cancel(btm_cb.btm_inq_vars.remote_name_timer);
1740
1741 return status;
1742 }
1743
1744 /*******************************************************************************
1745 *
1746 * Function btm_ble_update_adv_flag
1747 *
1748 * Description This function update the limited discoverable flag in the
1749 * adv data.
1750 *
1751 * Parameters: None.
1752 *
1753 * Returns void
1754 *
1755 ******************************************************************************/
btm_ble_update_adv_flag(uint8_t flag)1756 static void btm_ble_update_adv_flag(uint8_t flag) {
1757 tBTM_BLE_LOCAL_ADV_DATA* p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1758 uint8_t* p;
1759
1760 log::verbose("btm_ble_update_adv_flag new=0x{:x}", flag);
1761
1762 if (p_adv_data->p_flags != NULL) {
1763 log::verbose("btm_ble_update_adv_flag old=0x{:x}", *p_adv_data->p_flags);
1764 *p_adv_data->p_flags = flag;
1765 } else /* no FLAGS in ADV data*/
1766 {
1767 p = (p_adv_data->p_pad == NULL) ? p_adv_data->ad_data : p_adv_data->p_pad;
1768 /* need 3 bytes space to stuff in the flags, if not */
1769 /* erase all written data, just for flags */
1770 if ((BTM_BLE_AD_DATA_LEN - (p - p_adv_data->ad_data)) < 3) {
1771 p = p_adv_data->p_pad = p_adv_data->ad_data;
1772 memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
1773 }
1774
1775 *p++ = 2;
1776 *p++ = BTM_BLE_AD_TYPE_FLAG;
1777 p_adv_data->p_flags = p;
1778 *p++ = flag;
1779 p_adv_data->p_pad = p;
1780 }
1781
1782 btsnd_hcic_ble_set_adv_data(
1783 (uint8_t)(p_adv_data->p_pad - p_adv_data->ad_data), p_adv_data->ad_data);
1784 p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;
1785 }
1786
1787 /**
1788 * Check ADV flag to make sure device is discoverable and match the search
1789 * condition
1790 */
btm_ble_is_discoverable(const RawAddress &,std::vector<uint8_t> const & adv_data)1791 static uint8_t btm_ble_is_discoverable(const RawAddress& /* bda */,
1792 std::vector<uint8_t> const& adv_data) {
1793 uint8_t scan_state = BTM_BLE_NOT_SCANNING;
1794
1795 /* for observer, always "discoverable */
1796 if (btm_cb.ble_ctr_cb.is_ble_observe_active())
1797 scan_state |= BTM_BLE_OBS_RESULT;
1798
1799 if (!adv_data.empty()) {
1800 uint8_t flag = 0;
1801 uint8_t data_len;
1802 const uint8_t* p_flag = AdvertiseDataParser::GetFieldByType(
1803 adv_data, BTM_BLE_AD_TYPE_FLAG, &data_len);
1804 if (p_flag != NULL && data_len != 0) {
1805 flag = *p_flag;
1806
1807 if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
1808 (flag & (BTM_BLE_LIMIT_DISC_FLAG | BTM_BLE_GEN_DISC_FLAG)) != 0) {
1809 scan_state |= BTM_BLE_INQ_RESULT;
1810 }
1811 }
1812 }
1813 return scan_state;
1814 }
1815
btm_ble_appearance_to_cod(uint16_t appearance)1816 static DEV_CLASS btm_ble_appearance_to_cod(uint16_t appearance) {
1817 DEV_CLASS dev_class = kDevClassEmpty;
1818
1819 switch (appearance) {
1820 case BTM_BLE_APPEARANCE_GENERIC_PHONE:
1821 dev_class[1] = BTM_COD_MAJOR_PHONE;
1822 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1823 break;
1824 case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
1825 dev_class[1] = BTM_COD_MAJOR_COMPUTER;
1826 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1827 break;
1828 case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
1829 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1830 dev_class[2] = BTM_COD_MINOR_REMOTE_CONTROL;
1831 break;
1832 case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
1833 case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
1834 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1835 dev_class[2] = BTM_COD_MINOR_THERMOMETER;
1836 break;
1837 case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
1838 case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
1839 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1840 dev_class[2] = BTM_COD_MINOR_HEART_PULSE_MONITOR;
1841 break;
1842 case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
1843 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
1844 case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
1845 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1846 dev_class[2] = BTM_COD_MINOR_BLOOD_MONITOR;
1847 break;
1848 case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
1849 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
1850 case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
1851 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1852 dev_class[2] = BTM_COD_MINOR_PULSE_OXIMETER;
1853 break;
1854 case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
1855 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1856 dev_class[2] = BTM_COD_MINOR_GLUCOSE_METER;
1857 break;
1858 case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
1859 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1860 dev_class[2] = BTM_COD_MINOR_WEIGHING_SCALE;
1861 break;
1862 case BTM_BLE_APPEARANCE_GENERIC_WALKING:
1863 case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
1864 case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
1865 case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
1866 dev_class[1] = BTM_COD_MAJOR_HEALTH;
1867 dev_class[2] = BTM_COD_MINOR_STEP_COUNTER;
1868 break;
1869 case BTM_BLE_APPEARANCE_GENERIC_WATCH:
1870 case BTM_BLE_APPEARANCE_SPORTS_WATCH:
1871 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1872 dev_class[2] = BTM_COD_MINOR_WRIST_WATCH;
1873 break;
1874 case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
1875 dev_class[1] = BTM_COD_MAJOR_WEARABLE;
1876 dev_class[2] = BTM_COD_MINOR_GLASSES;
1877 break;
1878 case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
1879 dev_class[1] = BTM_COD_MAJOR_IMAGING;
1880 dev_class[2] = BTM_COD_MINOR_DISPLAY;
1881 break;
1882 case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
1883 dev_class[1] = BTM_COD_MAJOR_AUDIO;
1884 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1885 break;
1886 case BTM_BLE_APPEARANCE_GENERIC_WEARABLE_AUDIO_DEVICE:
1887 case BTM_BLE_APPEARANCE_WEARABLE_AUDIO_DEVICE_EARBUD:
1888 case BTM_BLE_APPEARANCE_WEARABLE_AUDIO_DEVICE_HEADSET:
1889 case BTM_BLE_APPEARANCE_WEARABLE_AUDIO_DEVICE_HEADPHONES:
1890 case BTM_BLE_APPEARANCE_WEARABLE_AUDIO_DEVICE_NECK_BAND:
1891 dev_class[0] = (BTM_COD_SERVICE_AUDIO | BTM_COD_SERVICE_RENDERING) >> 8;
1892 dev_class[1] = (BTM_COD_MAJOR_AUDIO | BTM_COD_SERVICE_LE_AUDIO);
1893 dev_class[2] = BTM_COD_MINOR_WEARABLE_HEADSET;
1894 break;
1895 case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
1896 case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
1897 case BTM_BLE_APPEARANCE_GENERIC_HID:
1898 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1899 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1900 break;
1901 case BTM_BLE_APPEARANCE_HID_KEYBOARD:
1902 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1903 dev_class[2] = BTM_COD_MINOR_KEYBOARD;
1904 break;
1905 case BTM_BLE_APPEARANCE_HID_MOUSE:
1906 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1907 dev_class[2] = BTM_COD_MINOR_POINTING;
1908 break;
1909 case BTM_BLE_APPEARANCE_HID_JOYSTICK:
1910 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1911 dev_class[2] = BTM_COD_MINOR_JOYSTICK;
1912 break;
1913 case BTM_BLE_APPEARANCE_HID_GAMEPAD:
1914 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1915 dev_class[2] = BTM_COD_MINOR_GAMEPAD;
1916 break;
1917 case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
1918 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1919 dev_class[2] = BTM_COD_MINOR_DIGITIZING_TABLET;
1920 break;
1921 case BTM_BLE_APPEARANCE_HID_CARD_READER:
1922 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1923 dev_class[2] = BTM_COD_MINOR_CARD_READER;
1924 break;
1925 case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
1926 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1927 dev_class[2] = BTM_COD_MINOR_DIGITAL_PAN;
1928 break;
1929 case BTM_BLE_APPEARANCE_UKNOWN:
1930 case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
1931 case BTM_BLE_APPEARANCE_GENERIC_TAG:
1932 case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
1933 case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
1934 case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
1935 case BTM_BLE_APPEARANCE_CYCLING_SPEED:
1936 case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
1937 case BTM_BLE_APPEARANCE_CYCLING_POWER:
1938 case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
1939 case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
1940 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
1941 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
1942 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
1943 case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
1944 default:
1945 dev_class[1] = BTM_COD_MAJOR_UNCLASSIFIED;
1946 dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
1947 };
1948 return dev_class;
1949 }
1950
btm_ble_get_appearance_as_cod(std::vector<uint8_t> const & data)1951 DEV_CLASS btm_ble_get_appearance_as_cod(std::vector<uint8_t> const& data) {
1952 /* Check to see the BLE device has the Appearance UUID in the advertising
1953 * data. If it does then try to convert the appearance value to a class of
1954 * device value Fluoride can use. Otherwise fall back to trying to infer if
1955 * it is a HID device based on the service class.
1956 */
1957 uint8_t len;
1958 const uint8_t* p_uuid16 = AdvertiseDataParser::GetFieldByType(
1959 data, BTM_BLE_AD_TYPE_APPEARANCE, &len);
1960 if (p_uuid16 && len == 2) {
1961 return btm_ble_appearance_to_cod((uint16_t)p_uuid16[0] |
1962 (p_uuid16[1] << 8));
1963 }
1964
1965 p_uuid16 = AdvertiseDataParser::GetFieldByType(
1966 data, BTM_BLE_AD_TYPE_16SRV_CMPL, &len);
1967 if (p_uuid16 == NULL) {
1968 return kDevClassUnclassified;
1969 }
1970
1971 for (uint8_t i = 0; i + 2 <= len; i = i + 2) {
1972 /* if this BLE device supports HID over LE, set HID Major in class of
1973 * device */
1974 if ((p_uuid16[i] | (p_uuid16[i + 1] << 8)) == UUID_SERVCLASS_LE_HID) {
1975 DEV_CLASS dev_class;
1976 dev_class[0] = 0;
1977 dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
1978 dev_class[2] = 0;
1979 return dev_class;
1980 }
1981 }
1982
1983 return kDevClassUnclassified;
1984 }
1985
1986 /**
1987 * Update adv packet information into inquiry result.
1988 */
btm_ble_update_inq_result(tINQ_DB_ENT * p_i,uint8_t addr_type,const RawAddress &,uint16_t evt_type,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> const & data)1989 static void btm_ble_update_inq_result(tINQ_DB_ENT* p_i, uint8_t addr_type,
1990 const RawAddress& /* bda */,
1991 uint16_t evt_type, uint8_t primary_phy,
1992 uint8_t secondary_phy,
1993 uint8_t advertising_sid, int8_t tx_power,
1994 int8_t rssi, uint16_t periodic_adv_int,
1995 std::vector<uint8_t> const& data) {
1996 tBTM_INQ_RESULTS* p_cur = &p_i->inq_info.results;
1997 uint8_t len;
1998
1999 /* Save the info */
2000 p_cur->inq_result_type |= BT_DEVICE_TYPE_BLE;
2001 p_cur->ble_addr_type = static_cast<tBLE_ADDR_TYPE>(addr_type);
2002 p_cur->rssi = rssi;
2003 p_cur->ble_primary_phy = primary_phy;
2004 p_cur->ble_secondary_phy = secondary_phy;
2005 p_cur->ble_advertising_sid = advertising_sid;
2006 p_cur->ble_tx_power = tx_power;
2007 p_cur->ble_periodic_adv_int = periodic_adv_int;
2008
2009 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
2010 ble_evt_type_is_scannable(evt_type) &&
2011 !ble_evt_type_is_scan_resp(evt_type)) {
2012 p_i->scan_rsp = false;
2013 } else
2014 p_i->scan_rsp = true;
2015
2016 if (p_i->inq_count != btm_cb.btm_inq_vars.inq_counter)
2017 p_cur->device_type = BT_DEVICE_TYPE_BLE;
2018 else
2019 p_cur->device_type |= BT_DEVICE_TYPE_BLE;
2020
2021 if (evt_type != BTM_BLE_SCAN_RSP_EVT) p_cur->ble_evt_type = evt_type;
2022
2023 p_i->inq_count =
2024 btm_cb.btm_inq_vars.inq_counter; /* Mark entry for current inquiry */
2025
2026 bool has_advertising_flags = false;
2027 if (!data.empty()) {
2028 uint8_t local_flag = 0;
2029 const uint8_t* p_flag =
2030 AdvertiseDataParser::GetFieldByType(data, BTM_BLE_AD_TYPE_FLAG, &len);
2031 if (p_flag != NULL && len != 0) {
2032 has_advertising_flags = true;
2033 p_cur->flag = *p_flag;
2034 local_flag = *p_flag;
2035 }
2036
2037 p_cur->dev_class = btm_ble_get_appearance_as_cod(data);
2038
2039 const uint8_t* p_rsi =
2040 AdvertiseDataParser::GetFieldByType(data, BTM_BLE_AD_TYPE_RSI, &len);
2041 if (p_rsi != nullptr && len == 6) {
2042 STREAM_TO_BDADDR(p_cur->ble_ad_rsi, p_rsi);
2043 }
2044
2045 const uint8_t* p_service_data = data.data();
2046 uint8_t service_data_len = 0;
2047
2048 while ((p_service_data = AdvertiseDataParser::GetFieldByType(
2049 p_service_data + service_data_len,
2050 data.size() - (p_service_data - data.data()) - service_data_len,
2051 BTM_BLE_AD_TYPE_SERVICE_DATA_TYPE, &service_data_len))) {
2052 uint16_t uuid;
2053 const uint8_t* p_uuid = p_service_data;
2054 if (service_data_len < 2) {
2055 continue;
2056 }
2057 STREAM_TO_UINT16(uuid, p_uuid);
2058
2059 if (uuid == 0x184E /* Audio Stream Control service */ ||
2060 uuid == 0x184F /* Broadcast Audio Scan service */ ||
2061 uuid == 0x1850 /* Published Audio Capabilities service */ ||
2062 uuid == 0x1853 /* Common Audio service */) {
2063 p_cur->ble_ad_is_le_audio_capable = true;
2064 break;
2065 }
2066 }
2067 if (com::android::bluetooth::flags::ensure_valid_adv_flag()) {
2068 // Non-connectable packets may omit flags entirely, in which case nothing
2069 // should be assumed about their values (CSSv10, 1.3.1). Thus, do not
2070 // interpret the device type unless this packet has the flags set or is
2071 // connectable.
2072 if (ble_evt_type_is_connectable(evt_type) && !has_advertising_flags) {
2073 // Assume that all-zero flags were received
2074 has_advertising_flags = true;
2075 local_flag = 0;
2076 }
2077 if (has_advertising_flags && (local_flag & BTM_BLE_BREDR_NOT_SPT) == 0) {
2078 if (p_cur->ble_addr_type != BLE_ADDR_RANDOM) {
2079 log::verbose("NOT_BR_EDR support bit not set, treat device as DUMO");
2080 p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
2081 } else {
2082 log::verbose("Random address, treat device as LE only");
2083 }
2084 } else {
2085 log::verbose("NOT_BR/EDR support bit set, treat device as LE only");
2086 }
2087 }
2088 }
2089
2090 if (!com::android::bluetooth::flags::ensure_valid_adv_flag()) {
2091 // Non-connectable packets may omit flags entirely, in which case nothing
2092 // should be assumed about their values (CSSv10, 1.3.1). Thus, do not
2093 // interpret the device type unless this packet has the flags set or is
2094 // connectable.
2095 bool should_process_flags =
2096 has_advertising_flags || ble_evt_type_is_connectable(evt_type);
2097 if (should_process_flags && (p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
2098 !ble_evt_type_is_directed(evt_type)) {
2099 if (p_cur->ble_addr_type != BLE_ADDR_RANDOM) {
2100 log::verbose("NOT_BR_EDR support bit not set, treat device as DUMO");
2101 p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
2102 } else {
2103 log::verbose("Random address, treat device as LE only");
2104 }
2105 } else {
2106 log::verbose("NOT_BR/EDR support bit set, treat device as LE only");
2107 }
2108 }
2109 }
2110
btm_ble_process_adv_addr(RawAddress & bda,tBLE_ADDR_TYPE * addr_type)2111 void btm_ble_process_adv_addr(RawAddress& bda, tBLE_ADDR_TYPE* addr_type) {
2112 /* map address to security record */
2113 bool match = btm_identity_addr_to_random_pseudo(&bda, addr_type, false);
2114
2115 log::verbose("bda={}", bda);
2116 /* always do RRA resolution on host */
2117 if (!match && BTM_BLE_IS_RESOLVE_BDA(bda)) {
2118 tBTM_SEC_DEV_REC* match_rec = btm_ble_resolve_random_addr(bda);
2119 if (match_rec) {
2120 match_rec->ble.active_addr_type = BTM_BLE_ADDR_RRA;
2121 match_rec->ble.cur_rand_addr = bda;
2122
2123 if (btm_ble_init_pseudo_addr(match_rec, bda)) {
2124 bda = match_rec->bd_addr;
2125 } else {
2126 // Assign the original address to be the current report address
2127 bda = match_rec->ble.pseudo_addr;
2128 *addr_type = match_rec->ble.AddressType();
2129 }
2130 }
2131 }
2132 }
2133
2134 /**
2135 * This function is called after random address resolution is done, and proceed
2136 * to process adv packet.
2137 */
btm_ble_process_adv_pkt_cont(uint16_t evt_type,tBLE_ADDR_TYPE addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,uint8_t data_len,const uint8_t * data,const RawAddress & original_bda)2138 void btm_ble_process_adv_pkt_cont(uint16_t evt_type, tBLE_ADDR_TYPE addr_type,
2139 const RawAddress& bda, uint8_t primary_phy,
2140 uint8_t secondary_phy,
2141 uint8_t advertising_sid, int8_t tx_power,
2142 int8_t rssi, uint16_t periodic_adv_int,
2143 uint8_t data_len, const uint8_t* data,
2144 const RawAddress& original_bda) {
2145 bool update = true;
2146
2147 std::vector<uint8_t> tmp;
2148 if (data_len != 0) tmp.insert(tmp.begin(), data, data + data_len);
2149
2150 bool is_scannable = ble_evt_type_is_scannable(evt_type);
2151 bool is_scan_resp = ble_evt_type_is_scan_resp(evt_type);
2152 bool is_legacy = ble_evt_type_is_legacy(evt_type);
2153
2154 // We might receive a legacy scan response without receving a ADV_IND
2155 // or ADV_SCAN_IND before. Only parsing the scan response data which
2156 // has no ad flag, the device will be set to DUMO mode. The createbond
2157 // procedure will use the wrong device mode.
2158 // In such case no necessary to report scan response
2159 if (is_legacy && is_scan_resp && !cache.Exist(addr_type, bda)) return;
2160
2161 bool is_start = is_legacy && is_scannable && !is_scan_resp;
2162
2163 if (is_legacy) AdvertiseDataParser::RemoveTrailingZeros(tmp);
2164
2165 // We might have send scan request to this device before, but didn't get the
2166 // response. In such case make sure data is put at start, not appended to
2167 // already existing data.
2168 std::vector<uint8_t> const& adv_data =
2169 is_start ? cache.Set(addr_type, bda, std::move(tmp))
2170 : cache.Append(addr_type, bda, std::move(tmp));
2171
2172 bool data_complete = (ble_evt_type_data_status(evt_type) != 0x01);
2173
2174 if (!data_complete) {
2175 // If we didn't receive whole adv data yet, don't report the device.
2176 log::verbose("Data not complete yet, waiting for more {}", bda);
2177 return;
2178 }
2179
2180 bool is_active_scan =
2181 btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI;
2182 if (is_active_scan && is_scannable && !is_scan_resp) {
2183 // If we didn't receive scan response yet, don't report the device.
2184 log::verbose("Waiting for scan response {}", bda);
2185 return;
2186 }
2187
2188 if (!AdvertiseDataParser::IsValid(adv_data)) {
2189 log::verbose("Dropping bad advertisement packet: {}",
2190 base::HexEncode(adv_data.data(), adv_data.size()));
2191 cache.Clear(addr_type, bda);
2192 return;
2193 }
2194
2195 bool include_rsi = false;
2196 uint8_t len;
2197 if (AdvertiseDataParser::GetFieldByType(adv_data, BTM_BLE_AD_TYPE_RSI,
2198 &len)) {
2199 include_rsi = true;
2200 }
2201
2202 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
2203
2204 /* Check if this address has already been processed for this inquiry */
2205 if (btm_inq_find_bdaddr(bda)) {
2206 /* never been report as an LE device */
2207 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
2208 /* scan response to be updated */
2209 (!p_i->scan_rsp) ||
2210 (!p_i->inq_info.results.include_rsi && include_rsi))) {
2211 update = true;
2212 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
2213 update = false;
2214 } else {
2215 /* if yes, skip it */
2216 cache.Clear(addr_type, bda);
2217 return; /* assumption: one result per event */
2218 }
2219 }
2220 /* If existing entry, use that, else get a new one (possibly reusing the
2221 * oldest) */
2222 if (p_i == NULL) {
2223 p_i = btm_inq_db_new(bda, true);
2224 if (p_i != NULL) {
2225 btm_cb.btm_inq_vars.inq_cmpl_info.num_resp++;
2226 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2227 } else
2228 return;
2229 } else if (p_i->inq_count !=
2230 btm_cb.btm_inq_vars
2231 .inq_counter) /* first time seen in this inquiry */
2232 {
2233 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2234 btm_cb.btm_inq_vars.inq_cmpl_info.num_resp++;
2235 }
2236
2237 /* update the LE device information in inquiry database */
2238 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
2239 secondary_phy, advertising_sid, tx_power, rssi,
2240 periodic_adv_int, adv_data);
2241
2242 if (include_rsi) {
2243 (&p_i->inq_info.results)->include_rsi = true;
2244 }
2245
2246 tBTM_INQ_RESULTS_CB* p_opportunistic_obs_results_cb =
2247 btm_cb.ble_ctr_cb.p_opportunistic_obs_results_cb;
2248 if (p_opportunistic_obs_results_cb) {
2249 (p_opportunistic_obs_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2250 const_cast<uint8_t*>(adv_data.data()),
2251 adv_data.size());
2252 }
2253
2254 tBTM_INQ_RESULTS_CB* p_target_announcement_obs_results_cb =
2255 btm_cb.ble_ctr_cb.p_target_announcement_obs_results_cb;
2256 if (p_target_announcement_obs_results_cb) {
2257 (p_target_announcement_obs_results_cb)(
2258 (tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2259 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
2260 }
2261
2262 uint8_t result = btm_ble_is_discoverable(bda, adv_data);
2263 if (result == 0) {
2264 // Device no longer discoverable so discard outstanding advertising packet
2265 cache.Clear(addr_type, bda);
2266 return;
2267 }
2268
2269 if (!update) result &= ~BTM_BLE_INQ_RESULT;
2270
2271 tBTM_INQ_RESULTS_CB* p_inq_results_cb = btm_cb.btm_inq_vars.p_inq_results_cb;
2272 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
2273 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2274 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
2275 }
2276
2277 // Pass address up to GattService#onScanResult
2278 p_i->inq_info.results.original_bda = original_bda;
2279
2280 tBTM_INQ_RESULTS_CB* p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
2281 if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT)) {
2282 (p_obs_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2283 const_cast<uint8_t*>(adv_data.data()), adv_data.size());
2284 }
2285
2286 cache.Clear(addr_type, bda);
2287 }
2288
2289 /**
2290 * This function copy from btm_ble_process_adv_pkt_cont to process adv packet
2291 * from gd scanning module to handle inquiry result callback.
2292 */
btm_ble_process_adv_pkt_cont_for_inquiry(uint16_t evt_type,tBLE_ADDR_TYPE addr_type,const RawAddress & bda,uint8_t primary_phy,uint8_t secondary_phy,uint8_t advertising_sid,int8_t tx_power,int8_t rssi,uint16_t periodic_adv_int,std::vector<uint8_t> advertising_data)2293 void btm_ble_process_adv_pkt_cont_for_inquiry(
2294 uint16_t evt_type, tBLE_ADDR_TYPE addr_type, const RawAddress& bda,
2295 uint8_t primary_phy, uint8_t secondary_phy, uint8_t advertising_sid,
2296 int8_t tx_power, int8_t rssi, uint16_t periodic_adv_int,
2297 std::vector<uint8_t> advertising_data) {
2298 bool update = true;
2299
2300 bool include_rsi = false;
2301 uint8_t len;
2302 if (AdvertiseDataParser::GetFieldByType(advertising_data, BTM_BLE_AD_TYPE_RSI,
2303 &len)) {
2304 include_rsi = true;
2305 }
2306
2307 const uint8_t* p_flag = AdvertiseDataParser::GetFieldByType(
2308 advertising_data, BTM_BLE_AD_TYPE_FLAG, &len);
2309
2310 tINQ_DB_ENT* p_i = btm_inq_db_find(bda);
2311
2312 /* Check if this address has already been processed for this inquiry */
2313 if (btm_inq_find_bdaddr(bda)) {
2314 /* never been report as an LE device */
2315 if (p_i && (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
2316 /* scan response to be updated */
2317 (!p_i->scan_rsp) ||
2318 (!p_i->inq_info.results.include_rsi && include_rsi) ||
2319 (com::android::bluetooth::flags::
2320 update_inquiry_result_on_flag_change() &&
2321 !p_i->inq_info.results.flag && p_flag && *p_flag))) {
2322 update = true;
2323 } else if (btm_cb.ble_ctr_cb.is_ble_observe_active()) {
2324 btm_cb.neighbor.le_observe.results++;
2325 update = false;
2326 } else {
2327 /* if yes, skip it */
2328 return; /* assumption: one result per event */
2329 }
2330 }
2331
2332 /* If existing entry, use that, else get a new one (possibly reusing the
2333 * oldest) */
2334 if (p_i == NULL) {
2335 p_i = btm_inq_db_new(bda, true);
2336 if (p_i != NULL) {
2337 btm_cb.btm_inq_vars.inq_cmpl_info.num_resp++;
2338 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2339 btm_cb.neighbor.le_inquiry.results++;
2340 btm_cb.neighbor.le_legacy_scan.results++;
2341 } else {
2342 log::warn("Unable to allocate entry for inquiry result");
2343 return;
2344 }
2345 } else if (p_i->inq_count !=
2346 btm_cb.btm_inq_vars
2347 .inq_counter) /* first time seen in this inquiry */
2348 {
2349 p_i->time_of_resp = bluetooth::common::time_get_os_boottime_ms();
2350 btm_cb.btm_inq_vars.inq_cmpl_info.num_resp++;
2351 }
2352
2353 /* update the LE device information in inquiry database */
2354 btm_ble_update_inq_result(p_i, addr_type, bda, evt_type, primary_phy,
2355 secondary_phy, advertising_sid, tx_power, rssi,
2356 periodic_adv_int, advertising_data);
2357
2358 if (include_rsi) {
2359 (&p_i->inq_info.results)->include_rsi = true;
2360 }
2361
2362 tBTM_INQ_RESULTS_CB* p_opportunistic_obs_results_cb =
2363 btm_cb.ble_ctr_cb.p_opportunistic_obs_results_cb;
2364 if (p_opportunistic_obs_results_cb) {
2365 (p_opportunistic_obs_results_cb)(
2366 (tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2367 const_cast<uint8_t*>(advertising_data.data()), advertising_data.size());
2368 }
2369
2370 tBTM_INQ_RESULTS_CB* p_target_announcement_obs_results_cb =
2371 btm_cb.ble_ctr_cb.p_target_announcement_obs_results_cb;
2372 if (p_target_announcement_obs_results_cb) {
2373 (p_target_announcement_obs_results_cb)(
2374 (tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2375 const_cast<uint8_t*>(advertising_data.data()), advertising_data.size());
2376 }
2377
2378 uint8_t result = btm_ble_is_discoverable(bda, advertising_data);
2379 if (result == 0) {
2380 return;
2381 }
2382
2383 if (!update) result &= ~BTM_BLE_INQ_RESULT;
2384
2385 tBTM_INQ_RESULTS_CB* p_inq_results_cb = btm_cb.btm_inq_vars.p_inq_results_cb;
2386 if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT)) {
2387 (p_inq_results_cb)((tBTM_INQ_RESULTS*)&p_i->inq_info.results,
2388 const_cast<uint8_t*>(advertising_data.data()),
2389 advertising_data.size());
2390 }
2391 }
2392
2393 /*******************************************************************************
2394 *
2395 * Function btm_ble_start_scan
2396 *
2397 * Description Start the BLE scan.
2398 *
2399 * Returns void
2400 *
2401 ******************************************************************************/
btm_ble_start_scan()2402 static void btm_ble_start_scan() {
2403 btm_cb.neighbor.le_legacy_scan = {
2404 .start_time_ms = timestamper_in_milliseconds.GetTimestamp(),
2405 .results = 0,
2406 };
2407 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le legacy scan started",
2408 "Duplicates:disable");
2409
2410 /* start scan, disable duplicate filtering */
2411 btm_send_hci_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
2412
2413 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI)
2414 btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2415 else
2416 btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2417 }
2418
2419 /*******************************************************************************
2420 *
2421 * Function btm_ble_stop_scan
2422 *
2423 * Description Stop the BLE scan.
2424 *
2425 * Returns void
2426 *
2427 ******************************************************************************/
btm_ble_stop_scan(void)2428 static void btm_ble_stop_scan(void) {
2429 if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI)
2430 btm_ble_clear_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2431 else
2432 btm_ble_clear_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2433
2434 /* Clear the inquiry callback if set */
2435 btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2436
2437 /* stop discovery now */
2438 const unsigned long long duration_timestamp =
2439 timestamper_in_milliseconds.GetTimestamp() -
2440 btm_cb.neighbor.le_legacy_scan.start_time_ms;
2441 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le legacy scan stopped",
2442 base::StringPrintf("duration_s:%6.3f results:%-3lu",
2443 (double)duration_timestamp / 1000.0,
2444 btm_cb.neighbor.le_legacy_scan.results));
2445 btm_send_hci_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
2446
2447 btm_update_scanner_filter_policy(SP_ADV_ALL);
2448 }
2449 /*******************************************************************************
2450 *
2451 * Function btm_ble_stop_inquiry
2452 *
2453 * Description Stop the BLE Inquiry.
2454 *
2455 * Returns void
2456 *
2457 ******************************************************************************/
btm_ble_stop_inquiry(void)2458 void btm_ble_stop_inquiry(void) {
2459 alarm_cancel(btm_cb.ble_ctr_cb.inq_var.inquiry_timer);
2460
2461 const unsigned long long duration_timestamp =
2462 timestamper_in_milliseconds.GetTimestamp() -
2463 btm_cb.neighbor.le_inquiry.start_time_ms;
2464 BTM_LogHistory(kBtmLogTag, RawAddress::kEmpty, "Le inquiry stopped",
2465 base::StringPrintf("duration_s:%6.3f results:%-3lu",
2466 (double)duration_timestamp / 1000.0,
2467 btm_cb.neighbor.le_inquiry.results));
2468 btm_cb.ble_ctr_cb.reset_ble_inquiry();
2469
2470 /* Cleanup anything remaining on index 0 */
2471 BTM_BleAdvFilterParamSetup(BTM_BLE_SCAN_COND_DELETE,
2472 static_cast<tBTM_BLE_PF_FILT_INDEX>(0), nullptr,
2473 base::Bind(btm_ble_scan_filt_param_cfg_evt));
2474
2475 /* If no more scan activity, stop LE scan now */
2476 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
2477 btm_ble_stop_scan();
2478 } else if (get_low_latency_scan_params() !=
2479 std::pair(btm_cb.ble_ctr_cb.inq_var.scan_interval,
2480 btm_cb.ble_ctr_cb.inq_var.scan_window)) {
2481 log::verbose("setting default params for ongoing observe");
2482 btm_ble_stop_scan();
2483 btm_ble_start_scan();
2484 }
2485
2486 /* If we have a callback registered for inquiry complete, call it */
2487 log::verbose("BTM Inq Compl Callback: status 0x{:02x}, num results {}",
2488 btm_cb.btm_inq_vars.inq_cmpl_info.status,
2489 btm_cb.btm_inq_vars.inq_cmpl_info.num_resp);
2490
2491 // TODO: remove this call and make btm_process_inq_complete static
2492 btm_process_inq_complete(
2493 HCI_SUCCESS,
2494 (uint8_t)(btm_cb.btm_inq_vars.inqparms.mode & BTM_BLE_GENERAL_INQUIRY));
2495 }
2496
2497 /*******************************************************************************
2498 *
2499 * Function btm_ble_stop_observe
2500 *
2501 * Description Stop the BLE Observe.
2502 *
2503 * Returns void
2504 *
2505 ******************************************************************************/
btm_ble_stop_observe(void)2506 static void btm_ble_stop_observe(void) {
2507 tBTM_CMPL_CB* p_obs_cb = btm_cb.ble_ctr_cb.p_obs_cmpl_cb;
2508
2509 alarm_cancel(btm_cb.ble_ctr_cb.observer_timer);
2510
2511 btm_cb.ble_ctr_cb.reset_ble_observe();
2512
2513 btm_cb.ble_ctr_cb.p_obs_results_cb = NULL;
2514 btm_cb.ble_ctr_cb.p_obs_cmpl_cb = NULL;
2515
2516 if (!btm_cb.ble_ctr_cb.is_ble_scan_active()) {
2517 btm_ble_stop_scan();
2518 }
2519
2520 if (p_obs_cb) (p_obs_cb)(&btm_cb.btm_inq_vars.inq_cmpl_info);
2521 }
2522 /*******************************************************************************
2523 *
2524 * Function btm_ble_adv_states_operation
2525 *
2526 * Description Set or clear adv states in topology mask
2527 *
2528 * Returns operation status. true if sucessful, false otherwise.
2529 *
2530 ******************************************************************************/
2531 typedef bool(BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);
btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR * p_handler,uint8_t adv_evt)2532 static bool btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR* p_handler,
2533 uint8_t adv_evt) {
2534 bool rt = false;
2535
2536 switch (adv_evt) {
2537 case BTM_BLE_CONNECT_EVT:
2538 rt = (*p_handler)(BTM_BLE_STATE_CONN_ADV_BIT);
2539 break;
2540
2541 case BTM_BLE_NON_CONNECT_EVT:
2542 rt = (*p_handler)(BTM_BLE_STATE_NON_CONN_ADV_BIT);
2543 break;
2544 case BTM_BLE_CONNECT_DIR_EVT:
2545 rt = (*p_handler)(BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT);
2546 break;
2547
2548 case BTM_BLE_DISCOVER_EVT:
2549 rt = (*p_handler)(BTM_BLE_STATE_SCAN_ADV_BIT);
2550 break;
2551
2552 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
2553 rt = (*p_handler)(BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT);
2554 break;
2555
2556 default:
2557 log::error("unknown adv event : {}", adv_evt);
2558 break;
2559 }
2560
2561 return rt;
2562 }
2563
2564 /*******************************************************************************
2565 *
2566 * Function btm_ble_start_adv
2567 *
2568 * Description start the BLE advertising.
2569 *
2570 * Returns void
2571 *
2572 ******************************************************************************/
btm_ble_start_adv(void)2573 static tBTM_STATUS btm_ble_start_adv(void) {
2574 if (!btm_ble_adv_states_operation(btm_ble_topology_check,
2575 btm_cb.ble_ctr_cb.inq_var.evt_type))
2576 return BTM_WRONG_MODE;
2577
2578 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_ENABLE);
2579 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_ENABLE;
2580 btm_ble_adv_states_operation(btm_ble_set_topology_mask,
2581 btm_cb.ble_ctr_cb.inq_var.evt_type);
2582 power_telemetry::GetInstance().LogBleAdvStarted();
2583
2584 return BTM_SUCCESS;
2585 }
2586
2587 /*******************************************************************************
2588 *
2589 * Function btm_ble_stop_adv
2590 *
2591 * Description Stop the BLE advertising.
2592 *
2593 * Returns void
2594 *
2595 ******************************************************************************/
btm_ble_stop_adv(void)2596 static tBTM_STATUS btm_ble_stop_adv(void) {
2597 if (btm_cb.ble_ctr_cb.inq_var.adv_mode == BTM_BLE_ADV_ENABLE) {
2598 btsnd_hcic_ble_set_adv_enable(BTM_BLE_ADV_DISABLE);
2599
2600 btm_cb.ble_ctr_cb.inq_var.fast_adv_on = false;
2601 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2602 /* clear all adv states */
2603 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2604 power_telemetry::GetInstance().LogBleAdvStopped();
2605 }
2606 return BTM_SUCCESS;
2607 }
2608
btm_ble_fast_adv_timer_timeout(void *)2609 static void btm_ble_fast_adv_timer_timeout(void* /* data */) {
2610 /* fast adv is completed, fall back to slow adv interval */
2611 btm_ble_start_slow_adv();
2612 }
2613
2614 /*******************************************************************************
2615 *
2616 * Function btm_ble_start_slow_adv
2617 *
2618 * Description Restart adv with slow adv interval
2619 *
2620 * Returns void
2621 *
2622 ******************************************************************************/
btm_ble_start_slow_adv(void)2623 static void btm_ble_start_slow_adv(void) {
2624 if (btm_cb.ble_ctr_cb.inq_var.adv_mode == BTM_BLE_ADV_ENABLE) {
2625 tBTM_LE_RANDOM_CB* p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
2626 RawAddress address = RawAddress::kEmpty;
2627 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
2628 tBLE_ADDR_TYPE own_addr_type = p_addr_cb->own_addr_type;
2629
2630 btm_ble_stop_adv();
2631
2632 btm_cb.ble_ctr_cb.inq_var.evt_type = btm_set_conn_mode_adv_init_addr(
2633 address, &init_addr_type, &own_addr_type);
2634
2635 /* slow adv mode never goes into directed adv */
2636 btsnd_hcic_ble_write_adv_params(
2637 BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT,
2638 btm_cb.ble_ctr_cb.inq_var.evt_type, own_addr_type, init_addr_type,
2639 address, btm_cb.ble_ctr_cb.inq_var.adv_chnl_map,
2640 btm_cb.ble_ctr_cb.inq_var.afp);
2641
2642 btm_ble_start_adv();
2643 }
2644 }
2645
btm_ble_inquiry_timer_gap_limited_discovery_timeout(void *)2646 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(
2647 void* /* data */) {
2648 /* lim_timeout expired, limited discovery should exit now */
2649 btm_cb.btm_inq_vars.discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;
2650 btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode,
2651 btm_cb.btm_inq_vars.discoverable_mode);
2652 }
2653
btm_ble_inquiry_timer_timeout(void *)2654 static void btm_ble_inquiry_timer_timeout(void* /* data */) {
2655 btm_ble_stop_inquiry();
2656 }
2657
btm_ble_observer_timer_timeout(void *)2658 static void btm_ble_observer_timer_timeout(void* /* data */) {
2659 btm_ble_stop_observe();
2660 }
2661
2662 /*******************************************************************************
2663 *
2664 * Function btm_ble_read_remote_features_complete
2665 *
2666 * Description This function is called when the command complete message
2667 * is received from the HCI for the read LE remote feature
2668 * supported complete event.
2669 *
2670 * Returns void
2671 *
2672 ******************************************************************************/
btm_ble_read_remote_features_complete(uint8_t * p,uint8_t length)2673 void btm_ble_read_remote_features_complete(uint8_t* p, uint8_t length) {
2674 uint16_t handle;
2675 uint8_t status;
2676
2677 if (length < 3) {
2678 goto err_out;
2679 }
2680
2681 STREAM_TO_UINT8(status, p);
2682 STREAM_TO_UINT16(handle, p);
2683 handle = handle & 0x0FFF; // only 12 bits meaningful
2684
2685 if (status != HCI_SUCCESS) {
2686 if (status != HCI_ERR_UNSUPPORTED_REM_FEATURE) {
2687 log::error("Failed to read remote features status:{}",
2688 hci_error_code_text(static_cast<tHCI_STATUS>(status)));
2689 return;
2690 }
2691 log::warn("Remote does not support reading remote feature");
2692 }
2693
2694 if (status == HCI_SUCCESS) {
2695 // BD_FEATURES_LEN additional bytes are read
2696 // in acl_set_peer_le_features_from_handle
2697 if (length < 3 + BD_FEATURES_LEN) {
2698 goto err_out;
2699 }
2700
2701 if (!acl_set_peer_le_features_from_handle(handle, p)) {
2702 log::error(
2703 "Unable to find existing connection after read remote features");
2704 return;
2705 }
2706 }
2707
2708 btsnd_hcic_rmt_ver_req(handle);
2709
2710 return;
2711
2712 err_out:
2713 log::error("Bogus event packet, too short");
2714 }
2715
2716 /*******************************************************************************
2717 *
2718 * Function btm_ble_write_adv_enable_complete
2719 *
2720 * Description This function process the write adv enable command complete.
2721 *
2722 * Returns void
2723 *
2724 ******************************************************************************/
btm_ble_write_adv_enable_complete(uint8_t * p,uint16_t evt_len)2725 void btm_ble_write_adv_enable_complete(uint8_t* p, uint16_t evt_len) {
2726 /* if write adv enable/disbale not succeed */
2727 if (evt_len < 1 || *p != HCI_SUCCESS) {
2728 /* toggle back the adv mode */
2729 btm_cb.ble_ctr_cb.inq_var.adv_mode = !btm_cb.ble_ctr_cb.inq_var.adv_mode;
2730 }
2731 }
2732
2733 /*******************************************************************************
2734 *
2735 * Function btm_ble_set_topology_mask
2736 *
2737 * Description set BLE topology mask
2738 *
2739 * Returns true is request is allowed, false otherwise.
2740 *
2741 ******************************************************************************/
btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2742 bool btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2743 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2744 btm_cb.ble_ctr_cb.cur_states |= (request_state_mask & BTM_BLE_STATE_ALL_MASK);
2745 return true;
2746 }
2747
2748 /*******************************************************************************
2749 *
2750 * Function btm_ble_clear_topology_mask
2751 *
2752 * Description Clear BLE topology bit mask
2753 *
2754 * Returns true is request is allowed, false otherwise.
2755 *
2756 ******************************************************************************/
btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)2757 bool btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask) {
2758 request_state_mask &= BTM_BLE_STATE_ALL_MASK;
2759 btm_cb.ble_ctr_cb.cur_states &= ~request_state_mask;
2760 return true;
2761 }
2762
2763 /*******************************************************************************
2764 *
2765 * Function btm_ble_update_link_topology_mask
2766 *
2767 * Description This function update the link topology mask
2768 *
2769 * Returns void
2770 *
2771 ******************************************************************************/
btm_ble_update_link_topology_mask(uint8_t link_role,bool increase)2772 static void btm_ble_update_link_topology_mask(uint8_t link_role,
2773 bool increase) {
2774 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_CONN_MASK);
2775
2776 if (increase)
2777 btm_cb.ble_ctr_cb.link_count[link_role]++;
2778 else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
2779 btm_cb.ble_ctr_cb.link_count[link_role]--;
2780
2781 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_CENTRAL])
2782 btm_ble_set_topology_mask(BTM_BLE_STATE_CENTRAL_BIT);
2783
2784 if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_PERIPHERAL])
2785 btm_ble_set_topology_mask(BTM_BLE_STATE_PERIPHERAL_BIT);
2786
2787 if (link_role == HCI_ROLE_PERIPHERAL && increase) {
2788 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2789 /* make device fall back into undirected adv mode by default */
2790 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2791 /* clear all adv states */
2792 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2793 }
2794 }
2795
btm_ble_increment_link_topology_mask(uint8_t link_role)2796 void btm_ble_increment_link_topology_mask(uint8_t link_role) {
2797 btm_ble_update_link_topology_mask(link_role, true);
2798 }
2799
btm_ble_decrement_link_topology_mask(uint8_t link_role)2800 void btm_ble_decrement_link_topology_mask(uint8_t link_role) {
2801 btm_ble_update_link_topology_mask(link_role, false);
2802 }
2803
2804 /*******************************************************************************
2805 *
2806 * Function btm_ble_update_mode_operation
2807 *
2808 * Description This function update the GAP role operation when a link
2809 * status is updated.
2810 *
2811 * Returns void
2812 *
2813 ******************************************************************************/
btm_ble_update_mode_operation(uint8_t,const RawAddress *,tHCI_STATUS status)2814 void btm_ble_update_mode_operation(uint8_t /* link_role */,
2815 const RawAddress* /* bd_addr */,
2816 tHCI_STATUS status) {
2817 if (status == HCI_ERR_ADVERTISING_TIMEOUT) {
2818 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2819 /* make device fall back into undirected adv mode by default */
2820 btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_ADV_IND_EVT;
2821 /* clear all adv states */
2822 btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
2823 }
2824
2825 if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_CONNECTABLE) {
2826 btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
2827 btm_cb.ble_ctr_cb.inq_var.connectable_mode);
2828 }
2829 }
2830
2831 /*******************************************************************************
2832 *
2833 * Function btm_ble_init
2834 *
2835 * Description Initialize the control block variable values.
2836 *
2837 * Returns void
2838 *
2839 ******************************************************************************/
btm_ble_init(void)2840 void btm_ble_init(void) {
2841 log::verbose("");
2842
2843 alarm_free(btm_cb.ble_ctr_cb.observer_timer);
2844 alarm_free(btm_cb.ble_ctr_cb.inq_var.fast_adv_timer);
2845 memset(&btm_cb.ble_ctr_cb, 0, sizeof(tBTM_BLE_CB));
2846 memset(&(btm_cb.cmn_ble_vsc_cb), 0, sizeof(tBTM_BLE_VSC_CB));
2847 btm_cb.cmn_ble_vsc_cb.values_read = false;
2848
2849 btm_cb.ble_ctr_cb.observer_timer = alarm_new("btm_ble.observer_timer");
2850 btm_cb.ble_ctr_cb.cur_states = 0;
2851
2852 btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
2853 btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2854 btm_cb.ble_ctr_cb.inq_var.adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
2855 btm_cb.ble_ctr_cb.inq_var.afp = BTM_BLE_DEFAULT_AFP;
2856 btm_cb.ble_ctr_cb.inq_var.sfp = BTM_BLE_DEFAULT_SFP;
2857 btm_cb.ble_ctr_cb.inq_var.connectable_mode = BTM_BLE_NON_CONNECTABLE;
2858 btm_cb.ble_ctr_cb.inq_var.discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
2859 btm_cb.ble_ctr_cb.inq_var.fast_adv_timer =
2860 alarm_new("btm_ble_inq.fast_adv_timer");
2861 btm_cb.ble_ctr_cb.inq_var.inquiry_timer =
2862 alarm_new("btm_ble_inq.inquiry_timer");
2863
2864 btm_cb.ble_ctr_cb.inq_var.evt_type = BTM_BLE_NON_CONNECT_EVT;
2865
2866 btm_cb.ble_ctr_cb.addr_mgnt_cb.refresh_raddr_timer =
2867 alarm_new("btm_ble_addr.refresh_raddr_timer");
2868 btm_ble_pa_sync_cb = {};
2869 sync_timeout_alarm = alarm_new("btm.sync_start_task");
2870 if (!ble_vnd_is_included()) {
2871 btm_ble_adv_filter_init();
2872 }
2873 }
2874
2875 // Clean up btm ble control block
btm_ble_free()2876 void btm_ble_free() {
2877 alarm_free(btm_cb.ble_ctr_cb.addr_mgnt_cb.refresh_raddr_timer);
2878 }
2879
2880 /*******************************************************************************
2881 *
2882 * Function btm_ble_topology_check
2883 *
2884 * Description check to see requested state is supported. One state check
2885 * at a time is supported
2886 *
2887 * Returns true is request is allowed, false otherwise.
2888 *
2889 ******************************************************************************/
btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)2890 bool btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask) {
2891 bool rt = false;
2892
2893 uint8_t state_offset = 0;
2894 uint16_t cur_states = btm_cb.ble_ctr_cb.cur_states;
2895 uint8_t request_state = 0;
2896
2897 /* check only one bit is set and within valid range */
2898 if (request_state_mask == BTM_BLE_STATE_INVALID ||
2899 request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
2900 (request_state_mask & (request_state_mask - 1)) != 0) {
2901 log::error("illegal state requested: {}", request_state_mask);
2902 return rt;
2903 }
2904
2905 while (request_state_mask) {
2906 request_state_mask >>= 1;
2907 request_state++;
2908 }
2909
2910 /* check if the requested state is supported or not */
2911 uint8_t bit_num = btm_le_state_combo_tbl[0][request_state - 1];
2912 uint64_t ble_supported_states =
2913 bluetooth::shim::GetController()->GetLeSupportedStates();
2914
2915 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2916 log::error("state requested not supported: {}", request_state);
2917 return rt;
2918 }
2919
2920 rt = true;
2921 /* make sure currently active states are all supported in conjunction with the
2922 requested state. If the bit in table is UNSUPPORTED, the combination is not
2923 supported */
2924 while (cur_states != 0) {
2925 if (cur_states & 0x01) {
2926 uint8_t bit_num = btm_le_state_combo_tbl[request_state][state_offset];
2927 if (bit_num != UNSUPPORTED) {
2928 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, bit_num)) {
2929 rt = false;
2930 break;
2931 }
2932 }
2933 }
2934 cur_states >>= 1;
2935 state_offset++;
2936 }
2937 return rt;
2938 }
2939