1 /******************************************************************************
2 *
3 * Copyright (C) 2003-2014 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the action functions for device manager state
22 * machine.
23 *
24 ******************************************************************************/
25
26 #include "bt_target.h"
27 #include "bt_types.h"
28 #include "gki.h"
29 #include "bta_sys.h"
30 #include "bta_api.h"
31 #include "bta_dm_int.h"
32 #include "bta_dm_co.h"
33 #include "btm_api.h"
34 #include "btm_int.h"
35 #include "btu.h"
36 #include "sdp_api.h"
37 #include "l2c_api.h"
38 #include "utl.h"
39 #include "gap_api.h" /* For GAP_BleReadPeerPrefConnParams */
40 #include <string.h>
41
42 #define LOG_TAG "bt_bta_dm"
43 #include "osi/include/log.h"
44
45 #if (GAP_INCLUDED == TRUE)
46 #include "gap_api.h"
47 #endif
48
49 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
50 static void bta_dm_inq_cmpl_cb (void * p_result);
51 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name);
52 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name);
53 static void bta_dm_find_services ( BD_ADDR bd_addr);
54 static void bta_dm_discover_next_device(void);
55 static void bta_dm_sdp_callback (UINT16 sdp_status);
56 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator);
57 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, BOOLEAN min_16_digit);
58 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type);
59 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result);
60 static void bta_dm_local_name_cback(BD_ADDR bd_addr);
61 static BOOLEAN bta_dm_check_av(UINT16 event);
62 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
63
64
65 #if BLE_INCLUDED == TRUE
66 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc,
67 BD_NAME p_bdn, UINT8 *features,
68 BOOLEAN is_new, UINT16 handle,
69 tBT_TRANSPORT transport);
70 #else
71 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc,
72 BD_NAME p_bdn, UINT8 *features,
73 BOOLEAN is_new);
74 #endif
75
76
77 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
78
79 /* Extended Inquiry Response */
80 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
81
82 static void bta_dm_set_eir (char *local_name);
83
84 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
85 tBTA_SERVICE_MASK *p_services_to_search,
86 tBTA_SERVICE_MASK *p_services_found);
87
88 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle);
89 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle);
90 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
91 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch);
92 static char *bta_dm_get_remname(void);
93 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result);
94
95 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr,tBT_TRANSPORT transport);
96 static void bta_dm_discover_device(BD_ADDR remote_bd_addr);
97
98 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status );
99 static void bta_dm_disable_search_and_disc(void);
100
101 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE))
102 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE))
103 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data);
104 #endif
105 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key);
106 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
107 static void bta_dm_gattc_register(void);
108 static void btm_dm_start_gatt_discovery(BD_ADDR bd_addr);
109 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr);
110 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data);
111 extern tBTA_DM_CONTRL_STATE bta_dm_pm_obtain_controller_state(void);
112 #endif
113
114 #if BLE_VND_INCLUDED == TRUE
115 static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result);
116 #endif
117
118 #ifndef BTA_DM_BLE_ADV_CHNL_MAP
119 #define BTA_DM_BLE_ADV_CHNL_MAP (BTM_BLE_ADV_CHNL_37|BTM_BLE_ADV_CHNL_38|BTM_BLE_ADV_CHNL_39)
120 #endif
121 #endif
122
123 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr);
124 static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir);
125 static void bta_dm_observe_cmpl_cb(void * p_result);
126 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle);
127 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128);
128 static void bta_dm_disable_timer_cback(TIMER_LIST_ENT *p_tle);
129
130
131 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] =
132 {
133 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */
134 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
135 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */
136 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */
137 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */
138 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
139 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
140 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */
141 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */
142 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */
143 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */
144 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
145 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */
146 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */
147 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */
148 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */
149 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */
150 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */
151 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */
152 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */
153 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */
154 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */
155 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */
156 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */
157 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
158 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */
159 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */
160 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */
161 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */
162 #if BLE_INCLUDED && BTA_GATT_INCLUDED
163 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */
164 #endif
165 };
166
167 /*
168 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with
169 * the value BTA_MAX_SERVICE_ID in bta_api.h
170 *
171 * i.e., If you add new Service ID for BTA, the correct security ID of the new service
172 * from Security service definitions (btm_api.h) should be added to this lookup table.
173 */
174 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] =
175 {
176 0, /* Reserved */
177 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
178 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */
179 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */
180 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */
181 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */
182 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
183 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */
184 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */
185 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */
186 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */
187 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
188 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */
189 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */
190 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */
191 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */
192 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */
193 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */
194 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */
195 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */
196 BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */
197 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */
198 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */
199 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
200 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
201 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */
202 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */
203 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */
204 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */
205 #if BLE_INCLUDED && BTA_GATT_INCLUDED
206 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */
207 #endif
208
209 };
210
211 /* bta security callback */
212 const tBTM_APPL_INFO bta_security =
213 {
214 &bta_dm_authorize_cback,
215 &bta_dm_pin_cback,
216 &bta_dm_new_link_key_cback,
217 &bta_dm_authentication_complete_cback,
218 &bta_dm_bond_cancel_complete_cback,
219 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
220 &bta_dm_sp_cback
221 #else
222 NULL
223 #endif
224 #if BLE_INCLUDED == TRUE
225 #if SMP_INCLUDED == TRUE
226 ,&bta_dm_ble_smp_cback
227 #endif
228 ,&bta_dm_ble_id_key_cback
229 #endif
230
231 };
232
233 #define MAX_DISC_RAW_DATA_BUF (4096)
234 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF];
235
236 extern DEV_CLASS local_device_default_class;
237
238 /*******************************************************************************
239 **
240 ** Function bta_dm_enable
241 **
242 ** Description Initialises the BT device manager
243 **
244 **
245 ** Returns void
246 **
247 *******************************************************************************/
bta_dm_enable(tBTA_DM_MSG * p_data)248 void bta_dm_enable(tBTA_DM_MSG *p_data)
249 {
250 tBTA_SYS_HW_MSG *sys_enable_event;
251 tBTA_DM_ENABLE enable_event;
252
253 /* if already in use, return an error */
254 if( bta_dm_cb.is_bta_dm_active == TRUE )
255 {
256 APPL_TRACE_WARNING("%s Device already started by another application", __func__);
257 memset(&enable_event, 0, sizeof(tBTA_DM_ENABLE));
258 enable_event.status = BTA_FAILURE;
259 if (p_data->enable.p_sec_cback != NULL)
260 p_data->enable.p_sec_cback(BTA_DM_ENABLE_EVT, (tBTA_DM_SEC *)&enable_event);
261 return;
262 }
263
264 /* first, register our callback to SYS HW manager */
265 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
266
267 /* make sure security callback is saved - if no callback, do not erase the previous one,
268 it could be an error recovery mechanism */
269 if( p_data->enable.p_sec_cback != NULL )
270 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback;
271 /* notify BTA DM is now active */
272 bta_dm_cb.is_bta_dm_active = TRUE;
273
274 /* send a message to BTA SYS */
275 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
276 {
277 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT;
278 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
279
280 bta_sys_sendmsg(sys_enable_event);
281 }
282 }
283
284 /*******************************************************************************
285 **
286 ** Function bta_dm_sys_hw_cback
287 **
288 ** Description callback register to SYS to get HW status updates
289 **
290 **
291 ** Returns void
292 **
293 *******************************************************************************/
bta_dm_sys_hw_cback(tBTA_SYS_HW_EVT status)294 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status )
295 {
296 DEV_CLASS dev_class;
297 tBTA_DM_SEC_CBACK *temp_cback;
298 #if BLE_INCLUDED == TRUE
299 UINT8 key_mask = 0;
300 BT_OCTET16 er;
301 tBTA_BLE_LOCAL_ID_KEYS id_key;
302 #endif
303
304 APPL_TRACE_DEBUG("%s with event: %i", __func__, status);
305
306 /* On H/W error evt, report to the registered DM application callback */
307 if (status == BTA_SYS_HW_ERROR_EVT) {
308 if( bta_dm_cb.p_sec_cback != NULL )
309 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL);
310 return;
311 }
312
313 if( status == BTA_SYS_HW_OFF_EVT )
314 {
315 if( bta_dm_cb.p_sec_cback != NULL )
316 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
317
318 /* reinitialize the control block */
319 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
320
321 /* unregister from SYS */
322 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH );
323 /* notify BTA DM is now unactive */
324 bta_dm_cb.is_bta_dm_active = FALSE;
325 }
326 else
327 if( status == BTA_SYS_HW_ON_EVT )
328 {
329 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error.
330 * We need to revisit when this platform has more than one BLuetooth H/W chip */
331 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH);
332
333 /* save security callback */
334 temp_cback = bta_dm_cb.p_sec_cback;
335 /* make sure the control block is properly initialized */
336 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
337 /* and retrieve the callback */
338 bta_dm_cb.p_sec_cback=temp_cback;
339 bta_dm_cb.is_bta_dm_active = TRUE;
340
341 /* hw is ready, go on with BTA DM initialization */
342 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb));
343 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs));
344 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB));
345
346 memcpy(dev_class, p_bta_dm_cfg->dev_class, sizeof(dev_class));
347 BTM_SetDeviceClass (dev_class);
348
349 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
350 /* load BLE local information: ID keys, ER if available */
351 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key);
352
353 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER)
354 {
355 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er);
356 }
357 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID)
358 {
359 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key);
360 }
361 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
362 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
363 #endif
364 #endif
365
366 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security);
367 BTM_SetDefaultLinkSuperTout(p_bta_dm_cfg->link_timeout);
368 BTM_WritePageTimeout(p_bta_dm_cfg->page_timeout);
369 bta_dm_cb.cur_policy = p_bta_dm_cfg->policy_settings;
370 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
371 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK);
372
373 #if BLE_VND_INCLUDED == TRUE
374 BTM_BleReadControllerFeatures (bta_dm_ctrl_features_rd_cmpl_cback);
375 #endif
376
377 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr
378 from the control block and invoking the callback which was sending the DM_ENABLE_EVT.
379 But then we have a few HCI commands being invoked above which were still in progress
380 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces
381 the DM_ENABLE_EVT to be sent only after all the init steps are complete */
382 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback);
383
384 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback);
385
386 /* initialize bluetooth low power manager */
387 bta_dm_init_pm();
388
389 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback);
390
391 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
392 bta_dm_gattc_register();
393 #endif
394
395 }
396 else
397 APPL_TRACE_DEBUG(" --- ignored event");
398
399 }
400
401
402 /*******************************************************************************
403 **
404 ** Function bta_dm_disable
405 **
406 ** Description Disables the BT device manager
407 **
408 **
409 ** Returns void
410 **
411 *******************************************************************************/
bta_dm_disable(tBTA_DM_MSG * p_data)412 void bta_dm_disable (tBTA_DM_MSG *p_data)
413 {
414 UNUSED(p_data);
415
416 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */
417 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0, BT_TRANSPORT_BR_EDR);
418 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0, BT_TRANSPORT_LE);
419
420 /* disable all active subsystems */
421 bta_sys_disable(BTA_SYS_HW_BLUETOOTH);
422
423 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0);
424 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0);
425
426 bta_dm_disable_pm();
427 bta_dm_disable_search_and_disc();
428 bta_dm_cb.disabling = TRUE;
429
430 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
431 BTM_BleClearBgConnDev();
432 #endif
433
434 if(BTM_GetNumAclLinks()==0)
435 {
436 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0)
437 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by
438 * BTA_DISABLE_DELAY milliseconds
439 */
440 APPL_TRACE_WARNING("%s BTA_DISABLE_DELAY set to %d ms",
441 __FUNCTION__, BTA_DISABLE_DELAY);
442 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
443 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
444 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY);
445 #else
446 bta_dm_disable_conn_down_timer_cback(NULL);
447 #endif
448 }
449 else
450 {
451 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback;
452 bta_dm_cb.disable_timer.param = 0;
453 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000);
454 }
455
456 }
457
458 /*******************************************************************************
459 **
460 ** Function bta_dm_disable_timer_cback
461 **
462 ** Description Called if the disable timer expires
463 ** Used to close ACL connections which are still active
464 **
465 **
466 **
467 ** Returns void
468 **
469 *******************************************************************************/
bta_dm_disable_timer_cback(TIMER_LIST_ENT * p_tle)470 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle)
471 {
472 UNUSED(p_tle);
473 UINT8 i;
474 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
475 BOOLEAN trigger_disc = FALSE;
476
477
478 APPL_TRACE_EVENT(" bta_dm_disable_timer_cback trial %d ", p_tle->param);
479
480 if(BTM_GetNumAclLinks() && p_tle->param == 0)
481 {
482 for(i=0; i<bta_dm_cb.device_list.count; i++)
483 {
484 #if (BLE_INCLUDED == TRUE)
485 transport = bta_dm_cb.device_list.peer_device[i].transport;
486 #endif
487 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, transport);
488 trigger_disc = TRUE;
489 }
490
491 /* Retrigger disable timer in case ACL disconnect failed, DISABLE_EVT still need
492 to be sent out to avoid jave layer disable timeout */
493 if (trigger_disc)
494 {
495 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback;
496 bta_dm_cb.disable_timer.param = 1;
497 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1500);
498 }
499 }
500 else
501 {
502 bta_dm_cb.disabling = FALSE;
503
504 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION);
505 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
506 }
507 }
508
509
510
511
512 /*******************************************************************************
513 **
514 ** Function bta_dm_set_dev_name
515 **
516 ** Description Sets local device name
517 **
518 **
519 ** Returns void
520 **
521 *******************************************************************************/
bta_dm_set_dev_name(tBTA_DM_MSG * p_data)522 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data)
523 {
524
525 BTM_SetLocalDeviceName((char*)p_data->set_name.name);
526 bta_dm_set_eir ((char*)p_data->set_name.name);
527 }
528
529 /*******************************************************************************
530 **
531 ** Function bta_dm_set_visibility
532 **
533 ** Description Sets discoverability, connectability and pairability
534 **
535 **
536 ** Returns void
537 **
538 *******************************************************************************/
bta_dm_set_visibility(tBTA_DM_MSG * p_data)539 void bta_dm_set_visibility(tBTA_DM_MSG *p_data)
540 {
541 UINT16 window, interval;
542 UINT16 le_disc_mode = BTM_BleReadDiscoverability();
543 UINT16 disc_mode = BTM_ReadDiscoverability(&window, &interval);
544 UINT16 le_conn_mode = BTM_BleReadConnectability();
545 UINT16 conn_mode = BTM_ReadConnectability(&window, &interval);
546
547 /* set modes for Discoverability and connectability if not ignore */
548 if (p_data->set_visibility.disc_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE))
549 {
550 if ((p_data->set_visibility.disc_mode & BTA_DM_LE_IGNORE) == BTA_DM_LE_IGNORE)
551 p_data->set_visibility.disc_mode =
552 ((p_data->set_visibility.disc_mode & ~BTA_DM_LE_IGNORE) | le_disc_mode);
553
554 if ((p_data->set_visibility.disc_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE)
555 p_data->set_visibility.disc_mode =
556 ((p_data->set_visibility.disc_mode & ~BTA_DM_IGNORE) | disc_mode);
557
558 BTM_SetDiscoverability(p_data->set_visibility.disc_mode,
559 bta_dm_cb.inquiry_scan_window,
560 bta_dm_cb.inquiry_scan_interval);
561 }
562
563 if (p_data->set_visibility.conn_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE))
564 {
565 if ((p_data->set_visibility.conn_mode & BTA_DM_LE_IGNORE) == BTA_DM_LE_IGNORE)
566 p_data->set_visibility.conn_mode =
567 ((p_data->set_visibility.conn_mode & ~BTA_DM_LE_IGNORE) | le_conn_mode);
568
569 if ((p_data->set_visibility.conn_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE)
570 p_data->set_visibility.conn_mode =
571 ((p_data->set_visibility.conn_mode & ~BTA_DM_IGNORE) | conn_mode);
572
573 BTM_SetConnectability(p_data->set_visibility.conn_mode,
574 bta_dm_cb.page_scan_window,
575 bta_dm_cb.page_scan_interval);
576 }
577
578 /* Send False or True if not ignore */
579 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE )
580 {
581
582 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE)
583 bta_dm_cb.disable_pair_mode = TRUE;
584 else
585 bta_dm_cb.disable_pair_mode = FALSE;
586
587 }
588
589 /* Send False or True if not ignore */
590 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
591 {
592
593 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL)
594 bta_dm_cb.conn_paired_only = FALSE;
595 else
596 bta_dm_cb.conn_paired_only = TRUE;
597
598 }
599
600 /* Change mode if either mode is not ignore */
601 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
602 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only);
603
604 }
605
606 /*******************************************************************************
607 **
608 ** Function bta_dm_process_remove_device
609 **
610 ** Description Removes device, Disconnects ACL link if required.
611 ****
612 *******************************************************************************/
bta_dm_process_remove_device(BD_ADDR bd_addr)613 void bta_dm_process_remove_device(BD_ADDR bd_addr)
614 {
615 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
616 /* need to remove all pending background connection before unpair */
617 BTA_GATTC_CancelOpen(0, bd_addr, FALSE);
618 #endif
619
620 BTM_SecDeleteDevice(bd_addr);
621
622 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
623 /* remove all cached GATT information */
624 BTA_GATTC_Refresh(bd_addr);
625 #endif
626
627 if (bta_dm_cb.p_sec_cback)
628 {
629 tBTA_DM_SEC sec_event;
630 bdcpy(sec_event.link_down.bd_addr, bd_addr);
631 /* No connection, set status to success (acl disc code not valid) */
632 sec_event.link_down.status = HCI_SUCCESS;
633 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event);
634 }
635 }
636
637 /*******************************************************************************
638 **
639 ** Function bta_dm_remove_device
640 **
641 ** Description Removes device, disconnects ACL link if required.
642 ****
643 *******************************************************************************/
bta_dm_remove_device(tBTA_DM_MSG * p_data)644 void bta_dm_remove_device(tBTA_DM_MSG *p_data)
645 {
646 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev;
647 if (p_dev == NULL)
648 return;
649
650 BD_ADDR other_address;
651 bdcpy(other_address, p_dev->bd_addr);
652
653 /* If ACL exists for the device in the remove_bond message*/
654 BOOLEAN continue_delete_dev = FALSE;
655 UINT8 other_transport = BT_TRANSPORT_INVALID;
656
657 if (BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_LE) ||
658 BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_BR_EDR))
659 {
660 APPL_TRACE_DEBUG("%s: ACL Up count %d", __func__, bta_dm_cb.device_list.count);
661 continue_delete_dev = FALSE;
662
663 /* Take the link down first, and mark the device for removal when disconnected */
664 for(int i=0; i < bta_dm_cb.device_list.count; i++)
665 {
666 if (!bdcmp(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr))
667 {
668 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
669 btm_remove_acl( p_dev->bd_addr, bta_dm_cb.device_list.peer_device[i].transport);
670 APPL_TRACE_DEBUG("%s:transport = %d", __func__,
671 bta_dm_cb.device_list.peer_device[i].transport);
672
673 /* save the other transport to check if device is connected on other_transport */
674 if(bta_dm_cb.device_list.peer_device[i].transport == BT_TRANSPORT_LE)
675 other_transport = BT_TRANSPORT_BR_EDR;
676 else
677 other_transport = BT_TRANSPORT_LE;
678 break;
679 }
680 }
681 }
682 else
683 {
684 continue_delete_dev = TRUE;
685 }
686
687 // If it is DUMO device and device is paired as different address, unpair that device
688 // if different address
689 BOOLEAN continue_delete_other_dev = FALSE;
690 if ((other_transport && (BTM_ReadConnectedTransportAddress(other_address, other_transport))) ||
691 (!other_transport && (BTM_ReadConnectedTransportAddress(other_address, BT_TRANSPORT_BR_EDR) ||
692 BTM_ReadConnectedTransportAddress(other_address, BT_TRANSPORT_LE))))
693 {
694 continue_delete_other_dev = FALSE;
695 /* Take the link down first, and mark the device for removal when disconnected */
696 for(int i=0; i < bta_dm_cb.device_list.count; i++)
697 {
698 if (!bdcmp(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, other_address))
699 {
700 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
701 btm_remove_acl(other_address,bta_dm_cb.device_list.peer_device[i].transport);
702 break;
703 }
704 }
705 }
706 else
707 {
708 APPL_TRACE_DEBUG("%s: continue to delete the other dev ", __func__);
709 continue_delete_other_dev = TRUE;
710 }
711
712 /* Delete the device mentioned in the msg */
713 if (continue_delete_dev)
714 bta_dm_process_remove_device(p_dev->bd_addr);
715
716 /* Delete the other paired device too */
717 BD_ADDR dummy_bda = {0};
718 if (continue_delete_other_dev && (bdcmp(other_address, dummy_bda) != 0))
719 bta_dm_process_remove_device(other_address);
720 }
721
722 /*******************************************************************************
723 **
724 ** Function bta_dm_add_device
725 **
726 ** Description This function adds a Link Key to an security database entry.
727 ** It is normally called during host startup to restore all required information
728 ** stored in the NVRAM.
729 ****
730 *******************************************************************************/
bta_dm_add_device(tBTA_DM_MSG * p_data)731 void bta_dm_add_device (tBTA_DM_MSG *p_data)
732 {
733 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev;
734 UINT8 *p_dc = NULL;
735 UINT8 *p_lc = NULL;
736 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
737 UINT8 index = 0;
738 UINT8 btm_mask_index = 0;
739
740 memset (trusted_services_mask, 0, sizeof(trusted_services_mask));
741
742 /* If not all zeros, the device class has been specified */
743 if (p_dev->dc_known)
744 p_dc = (UINT8 *)p_dev->dc;
745
746 if (p_dev->link_key_known)
747 p_lc = (UINT8 *)p_dev->link_key;
748
749 if (p_dev->is_trusted)
750 {
751 /* covert BTA service mask to BTM mask */
752 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID))
753 {
754 if (p_dev->tm & (UINT32)(1<<index))
755 {
756
757 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS;
758 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32)));
759
760 p_dev->tm &= (UINT32)(~(1<<index));
761
762 }
763 index++;
764 }
765 }
766
767 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features,
768 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap,
769 p_dev->pin_length))
770 {
771 APPL_TRACE_ERROR ("BTA_DM: Error adding device %08x%04x",
772 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3],
773 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]);
774 }
775 }
776
777 /*******************************************************************************
778 **
779 ** Function bta_dm_close_acl
780 **
781 ** Description This function forces to close the connection to a remote device
782 ** and optionaly remove the device from security database if
783 ** required.
784 ****
785 *******************************************************************************/
bta_dm_close_acl(tBTA_DM_MSG * p_data)786 void bta_dm_close_acl(tBTA_DM_MSG *p_data)
787 {
788 tBTA_DM_API_REMOVE_ACL *p_remove_acl = &p_data->remove_acl;
789 UINT8 index;
790
791 APPL_TRACE_DEBUG("bta_dm_close_acl");
792
793 if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr, p_remove_acl->transport))
794 {
795 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
796 {
797 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, p_remove_acl->bd_addr))
798 break;
799 }
800 if (index != bta_dm_cb.device_list.count)
801 {
802 if (p_remove_acl->remove_dev)
803 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
804 }
805 else
806 {
807 APPL_TRACE_ERROR("unknown device, remove ACL failed");
808 }
809 /* Disconnect the ACL link */
810 btm_remove_acl(p_remove_acl->bd_addr, p_remove_acl->transport);
811 }
812 /* if to remove the device from security database ? do it now */
813 else if (p_remove_acl->remove_dev)
814 {
815 if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr))
816 {
817 APPL_TRACE_ERROR("delete device from security database failed.");
818 }
819 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
820 /* need to remove all pending background connection if any */
821 BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, FALSE);
822 /* remove all cached GATT information */
823 BTA_GATTC_Refresh(p_remove_acl->bd_addr);
824 #endif
825 }
826 /* otherwise, no action needed */
827
828 }
829
830 /*******************************************************************************
831 **
832 ** Function bta_dm_remove_all_acl
833 **
834 ** Description This function forces to close all the ACL links specified by link type
835 ****
836 *******************************************************************************/
bta_dm_remove_all_acl(tBTA_DM_MSG * p_data)837 void bta_dm_remove_all_acl(tBTA_DM_MSG *p_data)
838 {
839 const tBTA_DM_LINK_TYPE link_type = p_data->remove_all_acl.link_type;
840 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
841
842 APPL_TRACE_DEBUG("%s link type = %d", __func__, link_type);
843
844 for (UINT8 i=0; i < bta_dm_cb.device_list.count; i++)
845 {
846 BD_ADDR addr = {0};
847 bdcpy(addr, bta_dm_cb.device_list.peer_device[i].peer_bdaddr);
848 #if defined (BLE_INCLUDED) && (BLE_INCLUDED == TRUE)
849 transport = bta_dm_cb.device_list.peer_device[i].transport;
850 #endif
851 if ((link_type == BTA_DM_LINK_TYPE_ALL) ||
852 ((link_type == BTA_DM_LINK_TYPE_LE) && (transport == BT_TRANSPORT_LE)) ||
853 ((link_type == BTA_DM_LINK_TYPE_BR_EDR) && (transport == BT_TRANSPORT_BR_EDR)))
854 {
855 /* Disconnect the ACL link */
856 btm_remove_acl(addr, transport);
857 }
858 }
859 }
860
861
862 /*******************************************************************************
863 **
864 ** Function bta_dm_bond
865 **
866 ** Description Bonds with peer device
867 **
868 **
869 ** Returns void
870 **
871 *******************************************************************************/
bta_dm_bond(tBTA_DM_MSG * p_data)872 void bta_dm_bond (tBTA_DM_MSG *p_data)
873 {
874 tBTM_STATUS status;
875 tBTA_DM_SEC sec_event;
876 char *p_name;
877
878 if (p_data->bond.transport == BTA_TRANSPORT_UNKNOWN)
879 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 );
880 else
881 status = BTM_SecBondByTransport ( p_data->bond.bd_addr, p_data->bond.transport, 0, NULL, 0 );
882
883
884 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED))
885 {
886
887 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
888 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr);
889 p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
890 if (p_name != NULL)
891 {
892 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1));
893 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
894 }
895
896 /* taken care of by memset [above]
897 sec_event.auth_cmpl.key_present = FALSE;
898 sec_event.auth_cmpl.success = FALSE;
899 */
900 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND;
901 if (status == BTM_SUCCESS)
902 {
903 sec_event.auth_cmpl.success = TRUE;
904 }
905 else
906 {
907 /* delete this device entry from Sec Dev DB */
908 bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr);
909 }
910 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
911 }
912
913 }
914
915 /*******************************************************************************
916 **
917 ** Function bta_dm_bond_cancel
918 **
919 ** Description Cancels bonding with a peer device
920 **
921 **
922 ** Returns void
923 **
924 *******************************************************************************/
bta_dm_bond_cancel(tBTA_DM_MSG * p_data)925 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data)
926 {
927 tBTM_STATUS status;
928 tBTA_DM_SEC sec_event;
929
930 APPL_TRACE_EVENT(" bta_dm_bond_cancel ");
931 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr );
932
933 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS))
934 {
935 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
936
937 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
938 }
939
940 }
941
942 /*******************************************************************************
943 **
944 ** Function bta_dm_pin_reply
945 **
946 ** Description Send the pin_reply to a request from BTM
947 **
948 **
949 ** Returns void
950 **
951 *******************************************************************************/
bta_dm_pin_reply(tBTA_DM_MSG * p_data)952 void bta_dm_pin_reply (tBTA_DM_MSG *p_data)
953 {
954 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
955 UINT32 * current_trusted_mask;
956
957 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr);
958
959 if(current_trusted_mask)
960 {
961 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
962 }
963 else
964 {
965 memset(trusted_mask, 0, sizeof(trusted_mask));
966 }
967
968 if(p_data->pin_reply.accept)
969 {
970
971 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask );
972 }
973 else
974 {
975 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask );
976 }
977
978 }
979
980 /*******************************************************************************
981 **
982 ** Function bta_dm_policy_cback
983 **
984 ** Description process the link policy changes
985 **
986 ** Returns void
987 **
988 *******************************************************************************/
bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)989 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
990 {
991 tBTA_DM_PEER_DEVICE *p_dev = NULL;
992 UINT16 policy = app_id;
993 UINT32 mask = (UINT32)(1 << id);
994
995 if(peer_addr)
996 p_dev = bta_dm_find_peer_device(peer_addr);
997
998 APPL_TRACE_DEBUG(" bta_dm_policy_cback cmd:%d, policy:0x%x",
999 status, policy);
1000 switch(status)
1001 {
1002 case BTA_SYS_PLCY_SET:
1003 if(!p_dev)
1004 return;
1005 /* restore the default link policy */
1006 p_dev->link_policy |= policy;
1007 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
1008 break;
1009
1010 case BTA_SYS_PLCY_CLR:
1011 if(!p_dev)
1012 return;
1013 /* clear the policy from the default link policy */
1014 p_dev->link_policy &= (~policy);
1015 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
1016
1017 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE))
1018 {
1019 /* if clearing sniff/park, wake the link */
1020 bta_dm_pm_active(p_dev->peer_bdaddr);
1021 }
1022 break;
1023
1024 case BTA_SYS_PLCY_DEF_SET:
1025 /* want to restore/set the role switch policy */
1026 bta_dm_cb.role_policy_mask &= ~mask;
1027 if(0 == bta_dm_cb.role_policy_mask)
1028 {
1029 /* if nobody wants to insist on the role */
1030 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH;
1031 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1032 }
1033 break;
1034
1035 case BTA_SYS_PLCY_DEF_CLR:
1036 /* want to remove the role switch policy */
1037 bta_dm_cb.role_policy_mask |= mask;
1038 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
1039 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
1040 break;
1041 }
1042 }
1043
1044 /*******************************************************************************
1045 **
1046 ** Function bta_dm_confirm
1047 **
1048 ** Description Send the user confirm request reply in response to a
1049 ** request from BTM
1050 **
1051 ** Returns void
1052 **
1053 *******************************************************************************/
bta_dm_confirm(tBTA_DM_MSG * p_data)1054 void bta_dm_confirm(tBTA_DM_MSG *p_data)
1055 {
1056 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1057
1058 if(p_data->confirm.accept == TRUE)
1059 res = BTM_SUCCESS;
1060 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr);
1061 }
1062
1063 /*******************************************************************************
1064 **
1065 ** Function bta_dm_loc_oob
1066 **
1067 ** Description Retrieve the OOB data from the local LM
1068 **
1069 ** Returns void
1070 **
1071 *******************************************************************************/
1072 #if (BTM_OOB_INCLUDED == TRUE)
bta_dm_loc_oob(tBTA_DM_MSG * p_data)1073 void bta_dm_loc_oob(tBTA_DM_MSG *p_data)
1074 {
1075 UNUSED(p_data);
1076 BTM_ReadLocalOobData();
1077 }
1078
1079 /*******************************************************************************
1080 **
1081 ** Function bta_dm_ci_io_req_act
1082 **
1083 ** Description respond to the IO capabilities request from BTM
1084 **
1085 ** Returns void
1086 **
1087 *******************************************************************************/
bta_dm_ci_io_req_act(tBTA_DM_MSG * p_data)1088 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data)
1089 {
1090 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO;
1091 if(p_data->ci_io_req.auth_req)
1092 auth_req = BTM_AUTH_AP_YES;
1093 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap,
1094 p_data->ci_io_req.oob_data, auth_req);
1095 }
1096
1097 /*******************************************************************************
1098 **
1099 ** Function bta_dm_ci_rmt_oob_act
1100 **
1101 ** Description respond to the OOB data request for the remote device from BTM
1102 **
1103 **
1104 ** Returns void
1105 **
1106 *******************************************************************************/
bta_dm_ci_rmt_oob_act(tBTA_DM_MSG * p_data)1107 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data)
1108 {
1109 tBTM_STATUS res = BTM_NOT_AUTHORIZED;
1110
1111 if(p_data->ci_rmt_oob.accept == TRUE)
1112 res = BTM_SUCCESS;
1113 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr,
1114 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r );
1115 }
1116 #endif /* BTM_OOB_INCLUDED */
1117
1118 /*******************************************************************************
1119 **
1120 ** Function bta_dm_search_start
1121 **
1122 ** Description Starts an inquiry
1123 **
1124 **
1125 ** Returns void
1126 **
1127 *******************************************************************************/
bta_dm_search_start(tBTA_DM_MSG * p_data)1128 void bta_dm_search_start (tBTA_DM_MSG *p_data)
1129 {
1130 tBTM_INQUIRY_CMPL result;
1131
1132 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1133 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid);
1134 bta_dm_gattc_register();
1135 #endif
1136
1137 APPL_TRACE_DEBUG("%s avoid_scatter=%d", __func__, p_bta_dm_cfg->avoid_scatter);
1138
1139 if (p_bta_dm_cfg->avoid_scatter &&
1140 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT))
1141 {
1142 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH));
1143 return;
1144 }
1145
1146 BTM_ClearInqDb(NULL);
1147 /* save search params */
1148 bta_dm_search_cb.p_search_cback = p_data->search.p_cback;
1149 bta_dm_search_cb.services = p_data->search.services;
1150
1151 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1152 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1153
1154 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 &&
1155 p_data->search.p_uuid != NULL)
1156 {
1157 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1158 {
1159 APPL_TRACE_ERROR("%s no resources", __func__);
1160
1161 result.status = BTA_FAILURE;
1162 result.num_resp = 0;
1163 bta_dm_inq_cmpl_cb ((void *)&result);
1164 return;
1165 }
1166
1167 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len);
1168 }
1169 #endif
1170 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params,
1171 bta_dm_inq_results_cb,
1172 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb);
1173
1174 APPL_TRACE_EVENT("%s status=%d", __func__, result.status);
1175 if (result.status != BTM_CMD_STARTED)
1176 {
1177 result.num_resp = 0;
1178 bta_dm_inq_cmpl_cb ((void *)&result);
1179 }
1180 }
1181
1182 /*******************************************************************************
1183 **
1184 ** Function bta_dm_search_cancel
1185 **
1186 ** Description Cancels an ongoing search for devices
1187 **
1188 **
1189 ** Returns void
1190 **
1191 *******************************************************************************/
bta_dm_search_cancel(tBTA_DM_MSG * p_data)1192 void bta_dm_search_cancel (tBTA_DM_MSG *p_data)
1193 {
1194 UNUSED(p_data);
1195 tBTA_DM_MSG * p_msg;
1196
1197 if (BTM_IsInquiryActive())
1198 {
1199 if (BTM_CancelInquiry() != BTM_CMD_STARTED)
1200 {
1201 bta_dm_search_cancel_notify(NULL);
1202 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG));
1203 if (p_msg != NULL)
1204 {
1205 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1206 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1207 bta_sys_sendmsg(p_msg);
1208 }
1209 } else {
1210 /* flag a search cancel is pending */
1211 bta_dm_search_cb.cancel_pending = TRUE;
1212 }
1213 }
1214 /* If no Service Search going on then issue cancel remote name in case it is active */
1215 else if (!bta_dm_search_cb.name_discover_done)
1216 {
1217 BTM_CancelRemoteDeviceName();
1218
1219 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1220 {
1221 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1222 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1223 bta_sys_sendmsg(p_msg);
1224 }
1225
1226 }
1227 else {
1228 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1229 {
1230 p_msg->hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
1231 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1232 bta_sys_sendmsg(p_msg);
1233 }
1234 }
1235
1236 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1237 if (bta_dm_search_cb.gatt_disc_active)
1238 {
1239 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
1240 }
1241 #endif
1242 }
1243
1244 /*******************************************************************************
1245 **
1246 ** Function bta_dm_discover
1247 **
1248 ** Description Discovers services on a remote device
1249 **
1250 **
1251 ** Returns void
1252 **
1253 *******************************************************************************/
bta_dm_discover(tBTA_DM_MSG * p_data)1254 void bta_dm_discover (tBTA_DM_MSG *p_data)
1255 {
1256 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1257 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid);
1258 #endif
1259 APPL_TRACE_EVENT("%s services_to_search=0x%04X, sdp_search=%d", __func__,
1260 p_data->discover.services, p_data->discover.sdp_search);
1261
1262 /* save the search condition */
1263 bta_dm_search_cb.services = p_data->discover.services;
1264
1265 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1266 bta_dm_gattc_register();
1267 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1268 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 &&
1269 p_data->discover.p_uuid != NULL)
1270 {
1271 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL)
1272 {
1273 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1274 return;
1275 }
1276 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len);
1277 }
1278 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
1279 #endif
1280
1281 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback;
1282 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1283 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
1284 bta_dm_search_cb.service_index = 0;
1285 bta_dm_search_cb.services_found = 0;
1286 bta_dm_search_cb.peer_name[0] = 0;
1287 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
1288 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr);
1289 bta_dm_search_cb.transport = p_data->discover.transport;
1290
1291 bta_dm_search_cb.name_discover_done = FALSE;
1292 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID));
1293 bta_dm_discover_device(p_data->discover.bd_addr);
1294 }
1295
1296 /*******************************************************************************
1297 **
1298 ** Function bta_dm_di_disc_cmpl
1299 **
1300 ** Description Sends event to application when DI discovery complete
1301 **
1302 ** Returns void
1303 **
1304 *******************************************************************************/
bta_dm_di_disc_cmpl(tBTA_DM_MSG * p_data)1305 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data)
1306 {
1307 tBTA_DM_DI_DISC_CMPL di_disc;
1308
1309 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1310 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1311
1312 if((p_data->hdr.offset == SDP_SUCCESS)
1313 || (p_data->hdr.offset == SDP_DB_FULL))
1314 {
1315 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db);
1316 }
1317 else
1318 di_disc.result = BTA_FAILURE;
1319
1320 bta_dm_di_cb.p_di_db = NULL;
1321 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc);
1322 }
1323
1324 /*******************************************************************************
1325 **
1326 ** Function bta_dm_di_disc_callback
1327 **
1328 ** Description This function queries a remote device for DI information.
1329 **
1330 **
1331 ** Returns void
1332 **
1333 *******************************************************************************/
bta_dm_di_disc_callback(UINT16 result)1334 static void bta_dm_di_disc_callback(UINT16 result)
1335 {
1336 tBTA_DM_MSG * p_msg;
1337
1338 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1339 {
1340 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1341 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1342 p_msg->hdr.offset = result;
1343 bta_sys_sendmsg(p_msg);
1344 }
1345 }
1346
1347 /*******************************************************************************
1348 **
1349 ** Function bta_dm_disable_search_and_disc
1350 **
1351 ** Description Cancels an ongoing search or discovery for devices in case of
1352 ** a Bluetooth disable
1353 **
1354 **
1355 ** Returns void
1356 **
1357 *******************************************************************************/
bta_dm_disable_search_and_disc(void)1358 static void bta_dm_disable_search_and_disc (void)
1359 {
1360 tBTA_DM_DI_DISC_CMPL di_disc;
1361
1362 if (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
1363 bta_dm_search_cancel(NULL);
1364
1365 if (bta_dm_di_cb.p_di_db != NULL)
1366 {
1367 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
1368 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr);
1369 di_disc.result = BTA_FAILURE;
1370
1371 bta_dm_di_cb.p_di_db = NULL;
1372 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL);
1373 }
1374 }
1375
1376 /*******************************************************************************
1377 **
1378 ** Function bta_dm_di_disc
1379 **
1380 ** Description This function queries a remote device for DI information.
1381 **
1382 **
1383 ** Returns void
1384 **
1385 *******************************************************************************/
bta_dm_di_disc(tBTA_DM_MSG * p_data)1386 void bta_dm_di_disc (tBTA_DM_MSG *p_data)
1387 {
1388 UINT16 result = BTA_FAILURE;
1389 tBTA_DM_MSG *p_msg;
1390
1391 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback;
1392 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr);
1393 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db;
1394
1395 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
1396 {
1397 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db,
1398 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS)
1399 {
1400 result = BTA_SUCCESS;
1401 }
1402 }
1403 else
1404 {
1405 APPL_TRACE_ERROR("No buffer to start DI discovery");
1406 }
1407
1408 if ( result == BTA_FAILURE &&
1409 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1410 {
1411 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1412 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
1413 p_data->hdr.offset = result;
1414 bta_sys_sendmsg(p_msg);
1415 }
1416 }
1417
1418 /*******************************************************************************
1419 **
1420 ** Function bta_dm_read_remote_device_name
1421 **
1422 ** Description Initiate to get remote device name
1423 **
1424 ** Returns TRUE if started to get remote name
1425 **
1426 *******************************************************************************/
bta_dm_read_remote_device_name(BD_ADDR bd_addr,tBT_TRANSPORT transport)1427 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr,tBT_TRANSPORT transport)
1428 {
1429 tBTM_STATUS btm_status;
1430
1431 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name");
1432
1433 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr);
1434 bta_dm_search_cb.peer_name[0] = 0;
1435
1436 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
1437 (tBTM_CMPL_CB *) bta_dm_remname_cback,
1438 transport);
1439
1440 if ( btm_status == BTM_CMD_STARTED )
1441 {
1442 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started");
1443
1444 return (TRUE);
1445 }
1446 else if ( btm_status == BTM_BUSY )
1447 {
1448 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy");
1449
1450 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */
1451 /* adding callback to get notified that current reading remore name done */
1452 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1453
1454 return (TRUE);
1455 }
1456 else
1457 {
1458 APPL_TRACE_WARNING("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
1459
1460 return (FALSE);
1461 }
1462 }
1463
1464 /*******************************************************************************
1465 **
1466 ** Function bta_dm_inq_cmpl
1467 **
1468 ** Description Process the inquiry complete event from BTM
1469 **
1470 ** Returns void
1471 **
1472 *******************************************************************************/
bta_dm_inq_cmpl(tBTA_DM_MSG * p_data)1473 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data)
1474 {
1475 tBTA_DM_MSG * p_msg;
1476 tBTA_DM_SEARCH data;
1477
1478 APPL_TRACE_DEBUG("bta_dm_inq_cmpl");
1479
1480 data.inq_cmpl.num_resps = p_data->inq_cmpl.num;
1481 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data);
1482
1483 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL)
1484 {
1485 /* start name and service discovery from the first device on inquiry result */
1486 bta_dm_search_cb.name_discover_done = FALSE;
1487 bta_dm_search_cb.peer_name[0] = 0;
1488 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
1489 }
1490 else
1491 {
1492 /* no devices, search complete */
1493 bta_dm_search_cb.services = 0;
1494
1495 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1496 {
1497 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1498 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1499 bta_sys_sendmsg(p_msg);
1500 }
1501 }
1502 }
1503
1504 /*******************************************************************************
1505 **
1506 ** Function bta_dm_rmt_name
1507 **
1508 ** Description Process the remote name result from BTM
1509 **
1510 ** Returns void
1511 **
1512 *******************************************************************************/
bta_dm_rmt_name(tBTA_DM_MSG * p_data)1513 void bta_dm_rmt_name (tBTA_DM_MSG *p_data)
1514 {
1515 APPL_TRACE_DEBUG("bta_dm_rmt_name");
1516
1517 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info)
1518 {
1519 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE;
1520 }
1521
1522 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr);
1523 }
1524
1525 /*******************************************************************************
1526 **
1527 ** Function bta_dm_disc_rmt_name
1528 **
1529 ** Description Process the remote name result from BTM when application
1530 ** wants to find the name for a bdaddr
1531 **
1532 ** Returns void
1533 **
1534 *******************************************************************************/
bta_dm_disc_rmt_name(tBTA_DM_MSG * p_data)1535 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data)
1536 {
1537 tBTM_INQ_INFO *p_btm_inq_info;
1538
1539 APPL_TRACE_DEBUG("bta_dm_disc_rmt_name");
1540
1541 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr);
1542 if( p_btm_inq_info )
1543 {
1544 if( p_data->rem_name.result.disc_res.bd_name[0] )
1545 {
1546 p_btm_inq_info->appl_knows_rem_name = TRUE;
1547 }
1548 }
1549
1550 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr);
1551 }
1552
1553 /*******************************************************************************
1554 **
1555 ** Function bta_dm_sdp_result
1556 **
1557 ** Description Process the discovery result from sdp
1558 **
1559 ** Returns void
1560 **
1561 *******************************************************************************/
bta_dm_sdp_result(tBTA_DM_MSG * p_data)1562 void bta_dm_sdp_result (tBTA_DM_MSG *p_data)
1563 {
1564
1565 tSDP_DISC_REC *p_sdp_rec = NULL;
1566 tBTA_DM_MSG *p_msg;
1567 BOOLEAN scn_found = FALSE;
1568 UINT16 service = 0xFFFF;
1569 tSDP_PROTOCOL_ELEM pe;
1570
1571 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1572 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid;
1573 tBTA_DM_SEARCH result;
1574 tBT_UUID service_uuid;
1575 #endif
1576
1577 UINT32 num_uuids = 0;
1578 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services
1579
1580 if((p_data->sdp_event.sdp_result == SDP_SUCCESS)
1581 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH)
1582 || (p_data->sdp_event.sdp_result == SDP_DB_FULL))
1583 {
1584 APPL_TRACE_DEBUG("sdp_result::0x%x", p_data->sdp_event.sdp_result);
1585 do
1586 {
1587
1588 p_sdp_rec = NULL;
1589 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) )
1590 {
1591 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec);
1592
1593 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
1594 {
1595 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0];
1596 scn_found = TRUE;
1597 }
1598 }
1599 else
1600 {
1601 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1602 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec);
1603 }
1604 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1605 /* finished with BR/EDR services, now we check the result for GATT based service UUID */
1606 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID)
1607 {
1608 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL)
1609 {
1610 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search);
1611 /* only support 16 bits UUID for now */
1612 service = p_uuid->uu.uuid16;
1613
1614 }
1615 /* all GATT based services */
1616 do
1617 {
1618 /* find a service record, report it */
1619 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db,
1620 0, p_sdp_rec);
1621 if (p_sdp_rec)
1622 {
1623 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid))
1624 {
1625 /* send result back to app now, one by one */
1626 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1627 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN));
1628 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
1629 result.disc_ble_res.service.len = service_uuid.len;
1630 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
1631
1632 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
1633 }
1634 }
1635
1636 if (bta_dm_search_cb.uuid_to_search > 0)
1637 break;
1638
1639 } while (p_sdp_rec);
1640 }
1641 else
1642 #endif
1643 {
1644 /* SDP_DB_FULL means some records with the
1645 required attributes were received */
1646 if (((p_data->sdp_event.sdp_result == SDP_DB_FULL) &&
1647 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) ||
1648 (p_sdp_rec != NULL))
1649 {
1650 if (service != UUID_SERVCLASS_PNP_INFORMATION)
1651 {
1652 UINT16 tmp_svc = 0xFFFF;
1653 bta_dm_search_cb.services_found |=
1654 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1));
1655 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1];
1656 /* Add to the list of UUIDs */
1657 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]);
1658 num_uuids++;
1659 }
1660 }
1661 }
1662
1663 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK &&
1664 bta_dm_search_cb.services_to_search == 0)
1665 {
1666 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1667 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
1668 bta_dm_search_cb.uuid_to_search > 0)
1669 bta_dm_search_cb.uuid_to_search --;
1670
1671 if (bta_dm_search_cb.uuid_to_search == 0 ||
1672 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
1673 #endif
1674 bta_dm_search_cb.service_index++;
1675 }
1676 else /* regular one service per search or PNP search */
1677 break;
1678
1679 }
1680 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID);
1681
1682 // GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1683 // bta_dm_search_cb.p_sdp_db = NULL;
1684 APPL_TRACE_DEBUG("%s services_found = %04x", __FUNCTION__,
1685 bta_dm_search_cb.services_found);
1686
1687 /* Collect the 128-bit services here and put them into the list */
1688 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK)
1689 {
1690 p_sdp_rec = NULL;
1691 do
1692 {
1693 tBT_UUID temp_uuid;
1694 /* find a service record, report it */
1695 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec);
1696 if (p_sdp_rec)
1697 {
1698 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid))
1699 {
1700 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE);
1701 num_uuids++;
1702 }
1703 }
1704 } while (p_sdp_rec);
1705 }
1706 /* if there are more services to search for */
1707 if(bta_dm_search_cb.services_to_search)
1708 {
1709 /* Free up the p_sdp_db before checking the next one */
1710 bta_dm_free_sdp_db(NULL);
1711 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
1712 }
1713 else
1714 {
1715 /* callbacks */
1716 /* start next bd_addr if necessary */
1717
1718 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1719
1720
1721 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1722 {
1723 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1724 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
1725 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
1726 p_msg->disc_result.result.disc_res.raw_data_size = 0;
1727 p_msg->disc_result.result.disc_res.num_uuids = num_uuids;
1728 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
1729 if (num_uuids > 0) {
1730 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE);
1731 if (p_msg->disc_result.result.disc_res.p_uuid_list) {
1732 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list,
1733 num_uuids*MAX_UUID_SIZE);
1734 } else {
1735 p_msg->disc_result.result.disc_res.num_uuids = 0;
1736 APPL_TRACE_ERROR("%s: Unable to allocate memory for uuid_list", __func__);
1737 }
1738 }
1739 //copy the raw_data to the discovery result structure
1740 //
1741
1742 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 &&
1743 bta_dm_search_cb.p_sdp_db->raw_data != NULL) {
1744 APPL_TRACE_DEBUG(
1745 "%s raw_data used = 0x%x raw_data_ptr = 0x%x", __func__,
1746 bta_dm_search_cb.p_sdp_db->raw_used,
1747 bta_dm_search_cb.p_sdp_db->raw_data);
1748
1749 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used);
1750 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) {
1751 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
1752 bta_dm_search_cb.p_sdp_db->raw_data,
1753 bta_dm_search_cb.p_sdp_db->raw_used );
1754
1755 p_msg->disc_result.result.disc_res.raw_data_size =
1756 bta_dm_search_cb.p_sdp_db->raw_used;
1757
1758 } else {
1759 APPL_TRACE_DEBUG("%s GKI Alloc failed to allocate %d bytes !!", __func__,
1760 bta_dm_search_cb.p_sdp_db->raw_used);
1761 }
1762
1763 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned.
1764 bta_dm_search_cb.p_sdp_db->raw_used = 0;
1765 bta_dm_search_cb.p_sdp_db->raw_size = 0;
1766 }
1767 else {
1768 APPL_TRACE_DEBUG("%s raw data size is 0 or raw_data is null!!", __func__);
1769 }
1770 /* Done with p_sdp_db. Free it */
1771 bta_dm_free_sdp_db(NULL);
1772 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1773
1774 //Piggy back the SCN over result field
1775 if( scn_found )
1776 {
1777 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn);
1778 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK;
1779
1780 APPL_TRACE_EVENT(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn);
1781
1782 }
1783 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1784 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1785 bta_dm_get_remname(), (BD_NAME_LEN-1));
1786
1787 /* make sure the string is null terminated */
1788 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1789
1790 bta_sys_sendmsg(p_msg);
1791 }
1792 }
1793 } else {
1794 /* conn failed. No need for timer */
1795 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED
1796 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR)
1797 bta_dm_search_cb.wait_disc = FALSE;
1798
1799 /* not able to connect go to next device */
1800 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1801 bta_dm_search_cb.p_sdp_db = NULL;
1802
1803 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
1804
1805 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
1806 {
1807 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
1808 p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
1809 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
1810 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
1811 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
1812 bta_dm_get_remname(), (BD_NAME_LEN-1));
1813
1814 /* make sure the string is null terminated */
1815 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
1816
1817 bta_sys_sendmsg(p_msg);
1818 }
1819 }
1820 }
1821
1822 /*******************************************************************************
1823 **
1824 ** Function bta_dm_search_cmpl
1825 **
1826 ** Description Sends event to application
1827 **
1828 ** Returns void
1829 **
1830 *******************************************************************************/
bta_dm_search_cmpl(tBTA_DM_MSG * p_data)1831 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data)
1832 {
1833 APPL_TRACE_EVENT("%s", __func__);
1834
1835 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
1836 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid);
1837 #endif
1838
1839 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT)
1840 bta_dm_di_disc_cmpl(p_data);
1841 else
1842 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL);
1843 }
1844
1845 /*******************************************************************************
1846 **
1847 ** Function bta_dm_disc_result
1848 **
1849 ** Description Service discovery result when discovering services on a device
1850 **
1851 ** Returns void
1852 **
1853 *******************************************************************************/
bta_dm_disc_result(tBTA_DM_MSG * p_data)1854 void bta_dm_disc_result (tBTA_DM_MSG *p_data)
1855 {
1856 APPL_TRACE_EVENT("%s", __func__);
1857
1858 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
1859 /* if any BR/EDR service discovery has been done, report the event */
1860 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK)))
1861 #endif
1862 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1863
1864 tBTA_DM_MSG *p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG));
1865
1866 /* send a message to change state */
1867 if (p_msg != NULL)
1868 {
1869 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
1870 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
1871 bta_sys_sendmsg(p_msg);
1872 }
1873 }
1874
1875 /*******************************************************************************
1876 **
1877 ** Function bta_dm_search_result
1878 **
1879 ** Description Service discovery result while searching for devices
1880 **
1881 ** Returns void
1882 **
1883 *******************************************************************************/
bta_dm_search_result(tBTA_DM_MSG * p_data)1884 void bta_dm_search_result (tBTA_DM_MSG *p_data)
1885 {
1886 APPL_TRACE_DEBUG("%s searching:0x%04x, result:0x%04x", __func__,
1887 bta_dm_search_cb.services,
1888 p_data->disc_result.result.disc_res.services);
1889
1890 /* call back if application wants name discovery or found services that application is searching */
1891 if (( !bta_dm_search_cb.services )
1892 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services )))
1893 {
1894 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result);
1895 }
1896
1897 /* if searching did not initiate to create link */
1898 if(!bta_dm_search_cb.wait_disc )
1899 {
1900 /* if service searching is done with EIR, don't search next device */
1901 if( bta_dm_search_cb.p_btm_inq_info )
1902 bta_dm_discover_next_device();
1903 }
1904 else
1905 {
1906 /* wait until link is disconnected or timeout */
1907 bta_dm_search_cb.sdp_results = TRUE;
1908 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback;
1909 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) );
1910 }
1911
1912 }
1913
1914 /*******************************************************************************
1915 **
1916 ** Function bta_dm_search_timer_cback
1917 **
1918 ** Description Called when ACL disconnect time is over
1919 **
1920 **
1921 ** Returns void
1922 **
1923 *******************************************************************************/
bta_dm_search_timer_cback(TIMER_LIST_ENT * p_tle)1924 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle)
1925 {
1926 UNUSED(p_tle);
1927
1928 APPL_TRACE_EVENT("%s", __func__);
1929 bta_dm_search_cb.wait_disc = FALSE;
1930
1931 /* proceed with next device */
1932 bta_dm_discover_next_device();
1933
1934 }
1935
1936
1937 /*******************************************************************************
1938 **
1939 ** Function bta_dm_free_sdp_db
1940 **
1941 ** Description Frees SDP data base
1942 **
1943 ** Returns void
1944 **
1945 *******************************************************************************/
bta_dm_free_sdp_db(tBTA_DM_MSG * p_data)1946 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data)
1947 {
1948 UNUSED(p_data);
1949 if(bta_dm_search_cb.p_sdp_db)
1950 {
1951 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
1952 bta_dm_search_cb.p_sdp_db = NULL;
1953 }
1954
1955 }
1956
1957 /*******************************************************************************
1958 **
1959 ** Function bta_dm_queue_search
1960 **
1961 ** Description Queues search command while search is being cancelled
1962 **
1963 ** Returns void
1964 **
1965 *******************************************************************************/
bta_dm_queue_search(tBTA_DM_MSG * p_data)1966 void bta_dm_queue_search (tBTA_DM_MSG *p_data)
1967 {
1968 if(bta_dm_search_cb.p_search_queue)
1969 {
1970 GKI_freebuf(bta_dm_search_cb.p_search_queue);
1971 }
1972
1973 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH));
1974 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH));
1975
1976 }
1977
1978 /*******************************************************************************
1979 **
1980 ** Function bta_dm_queue_disc
1981 **
1982 ** Description Queues discovery command while search is being cancelled
1983 **
1984 ** Returns void
1985 **
1986 *******************************************************************************/
bta_dm_queue_disc(tBTA_DM_MSG * p_data)1987 void bta_dm_queue_disc (tBTA_DM_MSG *p_data)
1988 {
1989 if(bta_dm_search_cb.p_search_queue)
1990 {
1991 GKI_freebuf(bta_dm_search_cb.p_search_queue);
1992 }
1993
1994 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER));
1995 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER));
1996
1997 }
1998
1999 /*******************************************************************************
2000 **
2001 ** Function bta_dm_search_clear_queue
2002 **
2003 ** Description Clears the queue if API search cancel is called
2004 **
2005 ** Returns void
2006 **
2007 *******************************************************************************/
bta_dm_search_clear_queue(tBTA_DM_MSG * p_data)2008 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data)
2009 {
2010 UNUSED(p_data);
2011 if(bta_dm_search_cb.p_search_queue)
2012 {
2013 GKI_freebuf(bta_dm_search_cb.p_search_queue);
2014 bta_dm_search_cb.p_search_queue = NULL;
2015 }
2016 }
2017
2018 /*******************************************************************************
2019 **
2020 ** Function bta_dm_search_cancel_cmpl
2021 **
2022 ** Description Search cancel is complete
2023 **
2024 ** Returns void
2025 **
2026 *******************************************************************************/
bta_dm_search_cancel_cmpl(tBTA_DM_MSG * p_data)2027 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data)
2028 {
2029 UNUSED(p_data);
2030 if(bta_dm_search_cb.p_search_queue)
2031 {
2032 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue);
2033 bta_dm_search_cb.p_search_queue = NULL;
2034 }
2035
2036 }
2037
2038 /*******************************************************************************
2039 **
2040 ** Function bta_dm_search_cancel_transac_cmpl
2041 **
2042 ** Description Current Service Discovery or remote name procedure is
2043 ** completed after search cancellation
2044 **
2045 ** Returns void
2046 **
2047 *******************************************************************************/
bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG * p_data)2048 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data)
2049 {
2050 UNUSED(p_data);
2051 if(bta_dm_search_cb.p_sdp_db)
2052 {
2053 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2054 bta_dm_search_cb.p_sdp_db = NULL;
2055 }
2056
2057 bta_dm_search_cancel_notify(NULL);
2058 }
2059
2060
2061 /*******************************************************************************
2062 **
2063 ** Function bta_dm_search_cancel_notify
2064 **
2065 ** Description Notify application that search has been cancelled
2066 **
2067 ** Returns void
2068 **
2069 *******************************************************************************/
bta_dm_search_cancel_notify(tBTA_DM_MSG * p_data)2070 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data)
2071 {
2072 UNUSED(p_data);
2073 if (bta_dm_search_cb.p_search_cback)
2074 {
2075 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL);
2076 }
2077 if (!bta_dm_search_cb.name_discover_done)
2078 {
2079 BTM_CancelRemoteDeviceName();
2080 }
2081 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE)
2082 if (bta_dm_search_cb.gatt_disc_active)
2083 {
2084 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2085 }
2086 #endif
2087
2088 }
2089
2090 /*******************************************************************************
2091 **
2092 ** Function bta_dm_find_services
2093 **
2094 ** Description Starts discovery on a device
2095 **
2096 ** Returns void
2097 **
2098 *******************************************************************************/
bta_dm_find_services(BD_ADDR bd_addr)2099 static void bta_dm_find_services ( BD_ADDR bd_addr)
2100 {
2101
2102 tSDP_UUID uuid;
2103 UINT16 num_attrs = 1;
2104 tBTA_DM_MSG *p_msg;
2105
2106 memset (&uuid, 0, sizeof(tSDP_UUID));
2107
2108 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID)
2109 {
2110 if( bta_dm_search_cb.services_to_search
2111 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)))
2112 {
2113 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL)
2114 {
2115 APPL_TRACE_DEBUG("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services);
2116 /* try to search all services by search based on L2CAP UUID */
2117 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK )
2118 {
2119 LOG_INFO("%s services_to_search=%08x", __func__, bta_dm_search_cb.services_to_search);
2120 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK)
2121 {
2122 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0];
2123 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK;
2124 }
2125 else
2126 {
2127 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP;
2128 bta_dm_search_cb.services_to_search = 0;
2129 }
2130 }
2131 else
2132 {
2133 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2134 /* for LE only profile */
2135 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID)
2136 {
2137 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid)
2138 {
2139 memcpy(&uuid,
2140 (const void *)(bta_dm_search_cb.p_srvc_uuid + \
2141 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search),
2142 sizeof(tBT_UUID));
2143
2144 bta_dm_search_cb.uuid_to_search -- ;
2145 }
2146 else
2147 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2148
2149 /* last one? clear the BLE service bit if all discovery has been done */
2150 if (bta_dm_search_cb.uuid_to_search == 0)
2151 bta_dm_search_cb.services_to_search &=
2152 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2153
2154 }
2155 else
2156 #endif
2157 {
2158 /* remove the service from services to be searched */
2159 bta_dm_search_cb.services_to_search &=
2160 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
2161 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
2162 }
2163 }
2164
2165 if (uuid.len == 0)
2166 uuid.len = LEN_UUID_16;
2167
2168 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID)
2169 {
2170 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID));
2171 }
2172
2173 LOG_INFO("%s search UUID = %04x", __func__, uuid.uu.uuid16);
2174 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL);
2175
2176 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2177 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf;
2178
2179 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF;
2180
2181 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback))
2182 {
2183 /* if discovery not successful with this device
2184 proceed to next one */
2185 GKI_freebuf(bta_dm_search_cb.p_sdp_db);
2186 bta_dm_search_cb.p_sdp_db = NULL;
2187 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID;
2188
2189 }
2190 else
2191 {
2192 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2193 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
2194 bta_dm_search_cb.uuid_to_search == 0) ||
2195 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
2196 #endif
2197 bta_dm_search_cb.service_index++;
2198 return;
2199 }
2200 }
2201 else
2202 {
2203 APPL_TRACE_ERROR("#### Failed to allocate SDP DB buffer! ####");
2204 }
2205 }
2206
2207 bta_dm_search_cb.service_index++;
2208 }
2209
2210 /* no more services to be discovered */
2211 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID)
2212 {
2213 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2214 {
2215 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2216 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2217 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2218 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2219 bta_dm_get_remname(), (BD_NAME_LEN-1));
2220
2221 /* make sure the string is terminated */
2222 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2223
2224 bta_sys_sendmsg(p_msg);
2225 }
2226 }
2227 }
2228
2229 /*******************************************************************************
2230 **
2231 ** Function bta_dm_discover_next_device
2232 **
2233 ** Description Starts discovery on the next device in Inquiry data base
2234 **
2235 ** Returns void
2236 **
2237 *******************************************************************************/
bta_dm_discover_next_device(void)2238 static void bta_dm_discover_next_device(void)
2239 {
2240
2241 tBTA_DM_MSG * p_msg;
2242
2243 APPL_TRACE_DEBUG("bta_dm_discover_next_device");
2244
2245 /* searching next device on inquiry result */
2246 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL)
2247 {
2248 bta_dm_search_cb.name_discover_done = FALSE;
2249 bta_dm_search_cb.peer_name[0] = 0;
2250 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
2251 }
2252 else
2253 {
2254 /* no devices, search complete */
2255 bta_dm_search_cb.services = 0;
2256
2257 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2258 {
2259 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
2260 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
2261 bta_sys_sendmsg(p_msg);
2262 }
2263 }
2264 }
2265
2266 /*******************************************************************************
2267 **
2268 ** Function bta_dm_discover_device
2269 **
2270 ** Description Starts name and service discovery on the device
2271 **
2272 ** Returns void
2273 **
2274 *******************************************************************************/
bta_dm_discover_device(BD_ADDR remote_bd_addr)2275 static void bta_dm_discover_device(BD_ADDR remote_bd_addr)
2276 {
2277 tBTA_DM_MSG * p_msg;
2278 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
2279
2280 #if BLE_INCLUDED == TRUE
2281 if (bta_dm_search_cb.transport == BTA_TRANSPORT_UNKNOWN)
2282 {
2283 tBT_DEVICE_TYPE dev_type;
2284 tBLE_ADDR_TYPE addr_type;
2285
2286 BTM_ReadDevInfo(remote_bd_addr, &dev_type, &addr_type);
2287 if (dev_type == BT_DEVICE_TYPE_BLE || addr_type == BLE_ADDR_RANDOM)
2288 transport = BT_TRANSPORT_LE;
2289 } else {
2290 transport = bta_dm_search_cb.transport;
2291 }
2292 #endif
2293
2294 /* Reset transport state for next discovery */
2295 bta_dm_search_cb.transport = BTA_TRANSPORT_UNKNOWN;
2296
2297 APPL_TRACE_DEBUG("%s BDA:0x%02X%02X%02X%02X%02X%02X", __func__,
2298 remote_bd_addr[0],remote_bd_addr[1],
2299 remote_bd_addr[2],remote_bd_addr[3],
2300 remote_bd_addr[4],remote_bd_addr[5]);
2301
2302 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr);
2303
2304 APPL_TRACE_DEBUG("%s name_discover_done = %d p_btm_inq_info 0x%x state = %d, transport=%d",
2305 __func__,
2306 bta_dm_search_cb.name_discover_done,
2307 bta_dm_search_cb.p_btm_inq_info,
2308 bta_dm_search_cb.state,
2309 transport);
2310
2311 if (bta_dm_search_cb.p_btm_inq_info)
2312 {
2313 APPL_TRACE_DEBUG("%s appl_knows_rem_name %d", __func__,
2314 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name);
2315 }
2316
2317 if((bta_dm_search_cb.p_btm_inq_info)
2318 && (bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE)
2319 && (bta_dm_search_cb.state == BTA_DM_SEARCH_ACTIVE))
2320 {
2321 /* Do not perform RNR for LE devices at inquiry complete*/
2322 bta_dm_search_cb.name_discover_done = TRUE;
2323 }
2324
2325 /* if name discovery is not done and application needs remote name */
2326 if ((!bta_dm_search_cb.name_discover_done)
2327 && (( bta_dm_search_cb.p_btm_inq_info == NULL )
2328 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name))))
2329 {
2330 if (bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr, transport) == TRUE)
2331 return;
2332
2333 /* starting name discovery failed */
2334 bta_dm_search_cb.name_discover_done = TRUE;
2335 }
2336
2337 /* if application wants to discover service */
2338 if ( bta_dm_search_cb.services )
2339 {
2340 /* initialize variables */
2341 bta_dm_search_cb.service_index = 0;
2342 bta_dm_search_cb.services_found = 0;
2343 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
2344 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
2345 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
2346 #endif
2347 if ((bta_dm_search_cb.p_btm_inq_info != NULL) &&
2348 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK
2349 &&(bta_dm_search_cb.sdp_search == FALSE))
2350 {
2351 /* check if EIR provides the information of supported services */
2352 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results,
2353 &bta_dm_search_cb.services_to_search,
2354 &bta_dm_search_cb.services_found );
2355 }
2356
2357 /* if seaching with EIR is not completed */
2358 if(bta_dm_search_cb.services_to_search)
2359 {
2360 /* check whether connection already exists to the device
2361 if connection exists, we don't have to wait for ACL
2362 link to go down to start search on next device */
2363 if (BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr, BT_TRANSPORT_BR_EDR))
2364 bta_dm_search_cb.wait_disc = FALSE;
2365 else
2366 bta_dm_search_cb.wait_disc = TRUE;
2367
2368 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
2369 if ( bta_dm_search_cb.p_btm_inq_info )
2370 {
2371 APPL_TRACE_DEBUG("%s p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x",
2372 __func__,
2373 bta_dm_search_cb.p_btm_inq_info,
2374 bta_dm_search_cb.p_btm_inq_info->results.device_type,
2375 bta_dm_search_cb.services_to_search);
2376 }
2377
2378 if (transport == BT_TRANSPORT_LE)
2379 {
2380 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK)
2381 {
2382 //set the raw data buffer here
2383 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
2384 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf;
2385
2386 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF;
2387 bta_dm_search_cb.ble_raw_used = 0;
2388
2389 /* start GATT for service discovery */
2390 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
2391 return;
2392 }
2393 }
2394 else
2395 #endif
2396 {
2397 bta_dm_search_cb.sdp_results = FALSE;
2398 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
2399 return;
2400 }
2401 }
2402 }
2403
2404 /* name discovery and service discovery are done for this device */
2405 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
2406 {
2407 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
2408 /* initialize the data structure - includes p_raw_data and raw_data_size */
2409 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
2410 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
2411 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
2412 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2413 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
2414 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1));
2415
2416 /* make sure the string is terminated */
2417 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
2418
2419 bta_sys_sendmsg(p_msg);
2420 }
2421 }
2422
2423 /*******************************************************************************
2424 **
2425 ** Function bta_dm_sdp_callback
2426 **
2427 ** Description Callback from sdp with discovery status
2428 **
2429 ** Returns void
2430 **
2431 *******************************************************************************/
bta_dm_sdp_callback(UINT16 sdp_status)2432 static void bta_dm_sdp_callback (UINT16 sdp_status)
2433 {
2434
2435 tBTA_DM_SDP_RESULT * p_msg;
2436
2437 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL)
2438 {
2439 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT;
2440 p_msg->sdp_result = sdp_status;
2441 bta_sys_sendmsg(p_msg);
2442
2443 }
2444 }
2445
2446 /*******************************************************************************
2447 **
2448 ** Function bta_dm_inq_results_cb
2449 **
2450 ** Description Inquiry results callback from BTM
2451 **
2452 ** Returns void
2453 **
2454 *******************************************************************************/
bta_dm_inq_results_cb(tBTM_INQ_RESULTS * p_inq,UINT8 * p_eir)2455 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
2456 {
2457
2458 tBTA_DM_SEARCH result;
2459 tBTM_INQ_INFO *p_inq_info;
2460 UINT16 service_class;
2461
2462 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
2463 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN);
2464 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class);
2465 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE;
2466 result.inq_res.rssi = p_inq->rssi;
2467
2468 #if (BLE_INCLUDED == TRUE)
2469 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
2470 result.inq_res.inq_result_type = p_inq->inq_result_type;
2471 result.inq_res.device_type = p_inq->device_type;
2472 result.inq_res.flag = p_inq->flag;
2473 #endif
2474
2475 /* application will parse EIR to find out remote device name */
2476 result.inq_res.p_eir = p_eir;
2477
2478 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
2479 {
2480 /* initialize remt_name_not_required to FALSE so that we get the name by default */
2481 result.inq_res.remt_name_not_required = FALSE;
2482
2483 }
2484
2485 if(bta_dm_search_cb.p_search_cback)
2486 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result);
2487
2488 if(p_inq_info)
2489 {
2490 /* application indicates if it knows the remote name, inside the callback
2491 copy that to the inquiry data base*/
2492 if(result.inq_res.remt_name_not_required)
2493 p_inq_info->appl_knows_rem_name = TRUE;
2494
2495 }
2496
2497
2498 }
2499
2500
2501 /*******************************************************************************
2502 **
2503 ** Function bta_dm_inq_cmpl_cb
2504 **
2505 ** Description Inquiry complete callback from BTM
2506 **
2507 ** Returns void
2508 **
2509 *******************************************************************************/
bta_dm_inq_cmpl_cb(void * p_result)2510 static void bta_dm_inq_cmpl_cb (void * p_result)
2511 {
2512 tBTA_DM_MSG * p_msg;
2513
2514 if (bta_dm_search_cb.cancel_pending == FALSE)
2515 {
2516 APPL_TRACE_DEBUG("%s", __FUNCTION__);
2517 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG));
2518 if (p_msg != NULL) {
2519 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
2520 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
2521 bta_sys_sendmsg(p_msg);
2522 }
2523 }
2524 else
2525 {
2526 bta_dm_search_cb.cancel_pending = FALSE;
2527 bta_dm_search_cancel_notify(NULL);
2528
2529 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG));
2530 if (p_msg != NULL) {
2531 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
2532 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
2533 bta_sys_sendmsg(p_msg);
2534 }
2535 }
2536 }
2537
2538 /*******************************************************************************
2539 **
2540 ** Function bta_dm_service_search_remname_cback
2541 **
2542 ** Description Remote name call back from BTM during service discovery
2543 **
2544 ** Returns void
2545 **
2546 *******************************************************************************/
bta_dm_service_search_remname_cback(BD_ADDR bd_addr,DEV_CLASS dc,BD_NAME bd_name)2547 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name)
2548 {
2549 tBTM_REMOTE_DEV_NAME rem_name;
2550 tBTM_STATUS btm_status;
2551 UNUSED(dc);
2552
2553 APPL_TRACE_DEBUG("bta_dm_service_search_remname_cback name=<%s>", bd_name);
2554
2555 /* if this is what we are looking for */
2556 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr))
2557 {
2558 rem_name.length = strlen((char*)bd_name);
2559 if (rem_name.length > (BD_NAME_LEN-1))
2560 {
2561 rem_name.length = (BD_NAME_LEN-1);
2562 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0;
2563 }
2564 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2565 rem_name.status = BTM_SUCCESS;
2566
2567 bta_dm_remname_cback(&rem_name);
2568 }
2569 else
2570 {
2571 /* get name of device */
2572 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr,
2573 (tBTM_CMPL_CB *) bta_dm_remname_cback,
2574 BT_TRANSPORT_BR_EDR);
2575 if ( btm_status == BTM_BUSY )
2576 {
2577 /* wait for next chance(notification of remote name discovery done) */
2578 APPL_TRACE_DEBUG("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy");
2579 }
2580 else if ( btm_status != BTM_CMD_STARTED )
2581 {
2582 /* if failed to start getting remote name then continue */
2583 APPL_TRACE_WARNING("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status);
2584
2585 rem_name.length = 0;
2586 rem_name.remote_bd_name[0] = 0;
2587 rem_name.status = btm_status;
2588 bta_dm_remname_cback(&rem_name);
2589 }
2590 }
2591 }
2592
2593
2594 /*******************************************************************************
2595 **
2596 ** Function bta_dm_remname_cback
2597 **
2598 ** Description Remote name complete call back from BTM
2599 **
2600 ** Returns void
2601 **
2602 *******************************************************************************/
bta_dm_remname_cback(tBTM_REMOTE_DEV_NAME * p_remote_name)2603 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name)
2604 {
2605 tBTA_DM_REM_NAME * p_msg;
2606
2607 APPL_TRACE_DEBUG("bta_dm_remname_cback len = %d name=<%s>", p_remote_name->length,
2608 p_remote_name->remote_bd_name);
2609
2610 /* remote name discovery is done but it could be failed */
2611 bta_dm_search_cb.name_discover_done = TRUE;
2612 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2613 bta_dm_search_cb.peer_name[BD_NAME_LEN]=0;
2614
2615 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
2616
2617 #if BLE_INCLUDED == TRUE
2618 if (bta_dm_search_cb.transport == BT_TRANSPORT_LE )
2619 {
2620 GAP_BleReadPeerPrefConnParams (bta_dm_search_cb.peer_bdaddr);
2621 }
2622 #endif
2623
2624 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL)
2625 {
2626 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
2627 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN));
2628
2629 /* make sure the string is null terminated */
2630 p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0;
2631
2632 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
2633 bta_sys_sendmsg(p_msg);
2634
2635 }
2636 }
2637
2638 /*******************************************************************************
2639 **
2640 ** Function bta_dm_authorize_cback
2641 **
2642 ** Description cback requesting authorization
2643 **
2644 ** Returns void
2645 **
2646 *******************************************************************************/
bta_dm_authorize_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,UINT8 * service_name,UINT8 service_id,BOOLEAN is_originator)2647 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
2648 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator)
2649 {
2650 tBTA_DM_SEC sec_event;
2651 UINT8 index = 1;
2652 UNUSED(service_name);
2653 UNUSED(is_originator);
2654
2655 bdcpy(sec_event.authorize.bd_addr, bd_addr);
2656 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
2657
2658 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2659
2660 /* make sure the string is null terminated */
2661 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0;
2662
2663 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2664 sec_event.authorize.service = service_id;
2665 #endif
2666
2667 while(index < BTA_MAX_SERVICE_ID)
2668 {
2669 /* get the BTA service id corresponding to BTM id */
2670 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id)
2671 {
2672 sec_event.authorize.service = index;
2673 break;
2674 }
2675 index++;
2676 }
2677
2678
2679 /* if supported service callback otherwise not authorized */
2680 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID
2681 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE )
2682 /* pass through JV service ID */
2683 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID)
2684 #endif
2685 ))
2686 {
2687 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event);
2688 return BTM_CMD_STARTED;
2689 }
2690 else
2691 {
2692 return BTM_NOT_AUTHORIZED;
2693 }
2694 }
2695
2696
2697
2698
2699
2700 /*******************************************************************************
2701 **
2702 ** Function bta_dm_pinname_cback
2703 **
2704 ** Description Callback requesting pin_key
2705 **
2706 ** Returns void
2707 **
2708 *******************************************************************************/
bta_dm_pinname_cback(void * p_data)2709 static void bta_dm_pinname_cback (void *p_data)
2710 {
2711 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data;
2712 tBTA_DM_SEC sec_event;
2713 UINT32 bytes_to_copy;
2714 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
2715
2716 if (BTA_DM_SP_CFM_REQ_EVT == event)
2717 {
2718 /* Retrieved saved device class and bd_addr */
2719 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr);
2720 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
2721
2722 if (p_result && p_result->status == BTM_SUCCESS)
2723 {
2724 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2725 ? p_result->length : (BD_NAME_LEN-1);
2726 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2727 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2728 }
2729 else /* No name found */
2730 sec_event.cfm_req.bd_name[0] = 0;
2731
2732 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2733
2734 /* 1 additional event data fields for this event */
2735 sec_event.cfm_req.just_works = bta_dm_cb.just_works;
2736 }
2737 else
2738 {
2739 /* Retrieved saved device class and bd_addr */
2740 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr);
2741 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
2742
2743 if (p_result && p_result->status == BTM_SUCCESS)
2744 {
2745 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1))
2746 ? p_result->length : (BD_NAME_LEN-1);
2747 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy);
2748 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2749 }
2750 else /* No name found */
2751 sec_event.pin_req.bd_name[0] = 0;
2752
2753 event = bta_dm_cb.pin_evt;
2754 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */
2755 }
2756
2757 if( bta_dm_cb.p_sec_cback )
2758 bta_dm_cb.p_sec_cback(event, &sec_event);
2759 }
2760
2761 /*******************************************************************************
2762 **
2763 ** Function bta_dm_pin_cback
2764 **
2765 ** Description Callback requesting pin_key
2766 **
2767 ** Returns void
2768 **
2769 *******************************************************************************/
bta_dm_pin_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,BOOLEAN min_16_digit)2770 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
2771 BOOLEAN min_16_digit)
2772 {
2773 tBTA_DM_SEC sec_event;
2774
2775 if (!bta_dm_cb.p_sec_cback)
2776 return BTM_NOT_AUTHORIZED;
2777
2778 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
2779 if (bd_name[0] == 0)
2780 {
2781 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT;
2782 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr);
2783 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class);
2784 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback, BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
2785 return BTM_CMD_STARTED;
2786
2787 APPL_TRACE_WARNING(" bta_dm_pin_cback() -> Failed to start Remote Name Request ");
2788 }
2789
2790 bdcpy(sec_event.pin_req.bd_addr, bd_addr);
2791 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
2792 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1));
2793 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0;
2794 sec_event.pin_req.min_16_digit = min_16_digit;
2795
2796 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
2797 return BTM_CMD_STARTED;
2798 }
2799
2800 /*******************************************************************************
2801 **
2802 ** Function bta_dm_new_link_key_cback
2803 **
2804 ** Description Callback from BTM to notify new link key
2805 **
2806 ** Returns void
2807 **
2808 *******************************************************************************/
bta_dm_new_link_key_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,LINK_KEY key,UINT8 key_type)2809 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,
2810 BD_NAME bd_name, LINK_KEY key, UINT8 key_type)
2811 {
2812 tBTA_DM_SEC sec_event;
2813 tBTA_DM_AUTH_CMPL *p_auth_cmpl;
2814 UINT8 event;
2815 UNUSED(dev_class);
2816
2817 memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
2818
2819 /* Not AMP Key type */
2820 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB)
2821 {
2822 event = BTA_DM_AUTH_CMPL_EVT;
2823 p_auth_cmpl = &sec_event.auth_cmpl;
2824
2825 bdcpy(p_auth_cmpl->bd_addr, bd_addr);
2826
2827 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1));
2828 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0;
2829
2830 p_auth_cmpl->key_present = TRUE;
2831 p_auth_cmpl->key_type = key_type;
2832 p_auth_cmpl->success = TRUE;
2833
2834 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN);
2835 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS;
2836
2837 #if BLE_INCLUDED == TRUE
2838 // Report the BR link key based on the BR/EDR address and type
2839 BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type);
2840 #endif
2841 if(bta_dm_cb.p_sec_cback)
2842 bta_dm_cb.p_sec_cback(event, &sec_event);
2843 }
2844 else
2845 {
2846 APPL_TRACE_WARNING("%s() Received AMP Key", __func__);
2847 }
2848
2849 return BTM_CMD_STARTED;
2850 }
2851
2852
2853 /*******************************************************************************
2854 **
2855 ** Function bta_dm_authentication_complete_cback
2856 **
2857 ** Description Authentication complete callback from BTM
2858 **
2859 ** Returns void
2860 **
2861 *******************************************************************************/
bta_dm_authentication_complete_cback(BD_ADDR bd_addr,DEV_CLASS dev_class,BD_NAME bd_name,int result)2862 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result)
2863 {
2864 tBTA_DM_SEC sec_event;
2865 UNUSED(dev_class);
2866
2867 if(result != BTM_SUCCESS)
2868 {
2869 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
2870 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr);
2871
2872 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1));
2873 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0;
2874
2875 #if BLE_INCLUDED == TRUE
2876 // Report the BR link key based on the BR/EDR address and type
2877 BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type);
2878 #endif
2879 sec_event.auth_cmpl.fail_reason = (UINT8)result;
2880
2881 if(bta_dm_cb.p_sec_cback)
2882 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
2883
2884 bta_dm_remove_sec_dev_entry(bd_addr);
2885 }
2886
2887 return BTM_SUCCESS;
2888 }
2889
2890 /*******************************************************************************
2891 **
2892 ** Function bta_dm_sp_cback
2893 **
2894 ** Description simple pairing callback from BTM
2895 **
2896 ** Returns void
2897 **
2898 *******************************************************************************/
bta_dm_sp_cback(tBTM_SP_EVT event,tBTM_SP_EVT_DATA * p_data)2899 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data)
2900 {
2901 tBTM_STATUS status = BTM_CMD_STARTED;
2902 tBTA_DM_SEC sec_event;
2903 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT;
2904
2905 APPL_TRACE_EVENT("bta_dm_sp_cback: %d", event);
2906 if (!bta_dm_cb.p_sec_cback)
2907 return BTM_NOT_AUTHORIZED;
2908
2909 /* TODO_SP */
2910 switch(event)
2911 {
2912 case BTM_SP_IO_REQ_EVT:
2913 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2914 /* translate auth_req */
2915 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap,
2916 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig);
2917 #endif
2918 #if BTM_OOB_INCLUDED == FALSE
2919 status = BTM_SUCCESS;
2920 #endif
2921
2922 APPL_TRACE_EVENT("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
2923 break;
2924 case BTM_SP_IO_RSP_EVT:
2925 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2926 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap,
2927 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req );
2928 #endif
2929 break;
2930
2931 case BTM_SP_CFM_REQ_EVT:
2932 pin_evt = BTA_DM_SP_CFM_REQ_EVT;
2933 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works;
2934 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req;
2935 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req;
2936 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps;
2937 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps;
2938
2939 /* continue to next case */
2940 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
2941 /* Passkey entry mode, mobile device with output capability is very
2942 unlikely to receive key request, so skip this event */
2943 /*case BTM_SP_KEY_REQ_EVT: */
2944 case BTM_SP_KEY_NOTIF_EVT:
2945 #endif
2946 if(BTM_SP_CFM_REQ_EVT == event)
2947 {
2948 /* Due to the switch case falling through below to BTM_SP_KEY_NOTIF_EVT,
2949 call remote name request using values from cfm_req */
2950 if(p_data->cfm_req.bd_name[0] == 0)
2951 {
2952 bta_dm_cb.pin_evt = pin_evt;
2953 bdcpy(bta_dm_cb.pin_bd_addr, p_data->cfm_req.bd_addr);
2954 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->cfm_req.dev_class);
2955 if ((BTM_ReadRemoteDeviceName(p_data->cfm_req.bd_addr, bta_dm_pinname_cback,
2956 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
2957 return BTM_CMD_STARTED;
2958 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
2959 }
2960 else
2961 {
2962 /* Due to the switch case falling through below to BTM_SP_KEY_NOTIF_EVT,
2963 copy these values into key_notif from cfm_req */
2964 bdcpy(sec_event.key_notif.bd_addr, p_data->cfm_req.bd_addr);
2965 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class);
2966 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME),
2967 (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN-1));
2968 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
2969 }
2970 }
2971
2972 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey;
2973 if (BTM_SP_KEY_NOTIF_EVT == event)
2974 {
2975 /* If the device name is not known, save bdaddr and devclass
2976 and initiate a name request with values from key_notif */
2977 if(p_data->key_notif.bd_name[0] == 0)
2978 {
2979 bta_dm_cb.pin_evt = pin_evt;
2980 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr);
2981 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class);
2982 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback,
2983 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
2984 return BTM_CMD_STARTED;
2985 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
2986 }
2987 else
2988 {
2989 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr);
2990 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class);
2991 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME),
2992 (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1));
2993 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0;
2994 }
2995 }
2996
2997 bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
2998
2999 break;
3000
3001 #if BTM_OOB_INCLUDED == TRUE
3002 case BTM_SP_LOC_OOB_EVT:
3003 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS),
3004 p_data->loc_oob.c, p_data->loc_oob.r);
3005 break;
3006
3007 case BTM_SP_RMT_OOB_EVT:
3008 /* If the device name is not known, save bdaddr and devclass and initiate a name request */
3009 if (p_data->rmt_oob.bd_name[0] == 0)
3010 {
3011 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT;
3012 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr);
3013 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class);
3014 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback,
3015 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
3016 return BTM_CMD_STARTED;
3017 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
3018 }
3019
3020 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr);
3021 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class);
3022 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1));
3023 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0;
3024
3025 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
3026
3027 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr);
3028 break;
3029 #endif
3030 case BTM_SP_COMPLT_EVT:
3031 /* do not report this event - handled by link_key_callback or auth_complete_callback */
3032 break;
3033
3034 case BTM_SP_KEYPRESS_EVT:
3035 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS));
3036 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event);
3037 break;
3038
3039 case BTM_SP_UPGRADE_EVT:
3040 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade );
3041 break;
3042
3043 default:
3044 status = BTM_NOT_AUTHORIZED;
3045 break;
3046 }
3047 APPL_TRACE_EVENT("dm status: %d", status);
3048 return status;
3049 }
3050
3051 /*******************************************************************************
3052 **
3053 ** Function bta_dm_local_name_cback
3054 **
3055 ** Description Callback from btm after local name is read
3056 **
3057 **
3058 ** Returns void
3059 **
3060 *******************************************************************************/
bta_dm_local_name_cback(UINT8 * p_name)3061 static void bta_dm_local_name_cback(UINT8 *p_name)
3062 {
3063 tBTA_DM_SEC sec_event;
3064 UNUSED(p_name);
3065
3066 sec_event.enable.status = BTA_SUCCESS;
3067
3068 if(bta_dm_cb.p_sec_cback)
3069 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event);
3070
3071 }
3072
3073 /*******************************************************************************
3074 **
3075 ** Function bta_dm_bl_change_cback
3076 **
3077 ** Description Callback from btm when acl connection goes up or down
3078 **
3079 **
3080 ** Returns void
3081 **
3082 *******************************************************************************/
bta_dm_bl_change_cback(tBTM_BL_EVENT_DATA * p_data)3083 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data)
3084 {
3085 tBTA_DM_ACL_CHANGE * p_msg;
3086
3087 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL)
3088 {
3089 p_msg->event = p_data->event;
3090 p_msg->is_new = FALSE;
3091
3092 switch(p_msg->event)
3093 {
3094 case BTM_BL_CONN_EVT:
3095 p_msg->is_new = TRUE;
3096 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3097 #if BLE_INCLUDED == TRUE
3098 p_msg->transport = p_data->conn.transport;
3099 p_msg->handle = p_data->conn.handle;
3100 #endif
3101 break;
3102 case BTM_BL_DISCN_EVT:
3103 bdcpy(p_msg->bd_addr, p_data->discn.p_bda);
3104 #if BLE_INCLUDED == TRUE
3105 p_msg->transport = p_data->discn.transport;
3106 p_msg->handle = p_data->discn.handle;
3107 #endif
3108 break;
3109 case BTM_BL_UPDATE_EVT:
3110 p_msg->busy_level = p_data->update.busy_level;
3111 p_msg->busy_level_flags = p_data->update.busy_level_flags;
3112 break;
3113 case BTM_BL_ROLE_CHG_EVT:
3114 p_msg->new_role = p_data->role_chg.new_role;
3115 p_msg->hci_status = p_data->role_chg.hci_status;
3116 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda);
3117 break;
3118 case BTM_BL_COLLISION_EVT:
3119 bdcpy(p_msg->bd_addr, p_data->conn.p_bda);
3120 break;
3121 }
3122
3123 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3124 bta_sys_sendmsg(p_msg);
3125
3126 }
3127
3128 }
3129
3130 /*******************************************************************************
3131 **
3132 ** Function bta_dm_acl_change_cback
3133 **
3134 ** Description Callback from btm when acl connection goes up or down
3135 **
3136 **
3137 ** Returns void
3138 **
3139 *******************************************************************************/
3140 #if BLE_INCLUDED == TRUE
bta_dm_acl_change_cback(BD_ADDR p_bda,DEV_CLASS p_dc,BD_NAME p_bdn,UINT8 * features,BOOLEAN is_new,UINT16 handle,tBT_TRANSPORT transport)3141 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn,
3142 UINT8 *features, BOOLEAN is_new,UINT16 handle,
3143 tBT_TRANSPORT transport)
3144 #else
3145 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn,
3146 UINT8 *features, BOOLEAN is_new)
3147 #endif
3148 {
3149 tBTA_DM_ACL_CHANGE *p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE));
3150 if (p_msg != NULL)
3151 {
3152 memset(p_msg, 0, sizeof(tBTA_DM_ACL_CHANGE));
3153
3154 bdcpy(p_msg->bd_addr, p_bda);
3155 p_msg->is_new = is_new;
3156 #if BLE_INCLUDED == TRUE
3157 p_msg->handle = handle;
3158 p_msg->transport = transport;
3159 #endif
3160 /* This is collision case */
3161 if (features != NULL)
3162 {
3163 if ((features[0] == 0xFF) && !is_new)
3164 p_msg->event = BTM_BL_COLLISION_EVT;
3165 }
3166
3167 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT;
3168 bta_sys_sendmsg(p_msg);
3169 }
3170 }
3171
3172
3173 /*******************************************************************************
3174 **
3175 ** Function bta_dm_rs_cback
3176 **
3177 ** Description Receives the role switch complete event
3178 **
3179 ** Returns
3180 **
3181 *******************************************************************************/
bta_dm_rs_cback(tBTM_ROLE_SWITCH_CMPL * p1)3182 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1)
3183 {
3184 UNUSED(p1);
3185 APPL_TRACE_WARNING("bta_dm_rs_cback:%d", bta_dm_cb.rs_event);
3186 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT)
3187 {
3188 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */
3189 bta_dm_cb.rs_event = 0;
3190 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg);
3191 }
3192 }
3193
3194 /*******************************************************************************
3195 **
3196 ** Function bta_dm_check_av
3197 **
3198 ** Description This function checks if AV is active
3199 ** if yes, make sure the AV link is master
3200 **
3201 ** Returns BOOLEAN - TRUE, if switch is in progress
3202 **
3203 *******************************************************************************/
bta_dm_check_av(UINT16 event)3204 static BOOLEAN bta_dm_check_av(UINT16 event)
3205 {
3206 BOOLEAN avoid_roleswitch = FALSE;
3207 BOOLEAN switching = FALSE;
3208 UINT8 i;
3209 tBTA_DM_PEER_DEVICE *p_dev;
3210
3211 #if defined(BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY) && (BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY == TRUE)
3212
3213 /* avoid role switch upon inquiry if a2dp is actively streaming as it
3214 introduces an audioglitch due to FW scheduling delays (unavoidable) */
3215 if (event == BTA_DM_API_SEARCH_EVT)
3216 {
3217 avoid_roleswitch = TRUE;
3218 }
3219 #endif
3220
3221 APPL_TRACE_WARNING("bta_dm_check_av:%d", bta_dm_cb.cur_av_count);
3222 if(bta_dm_cb.cur_av_count)
3223 {
3224 for(i=0; i<bta_dm_cb.device_list.count; i++)
3225 {
3226 p_dev = &bta_dm_cb.device_list.peer_device[i];
3227 APPL_TRACE_WARNING("[%d]: state:%d, info:x%x, avoid_rs %d",
3228 i, p_dev->conn_state, p_dev->info, avoid_roleswitch);
3229 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE) &&
3230 (avoid_roleswitch == FALSE))
3231 {
3232 /* make master and take away the role switch policy */
3233 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback))
3234 {
3235 /* the role switch command is actually sent */
3236 bta_dm_cb.rs_event = event;
3237 switching = TRUE;
3238 }
3239 /* else either already master or can not switch for some reasons */
3240 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3241 break;
3242 }
3243 }
3244 }
3245 return switching;
3246 }
3247
3248 /*******************************************************************************
3249 **
3250 ** Function bta_dm_acl_change
3251 **
3252 ** Description Process BTA_DM_ACL_CHANGE_EVT
3253 **
3254 **
3255 ** Returns void
3256 **
3257 *******************************************************************************/
bta_dm_acl_change(tBTA_DM_MSG * p_data)3258 void bta_dm_acl_change(tBTA_DM_MSG *p_data)
3259 {
3260
3261 UINT8 i;
3262 UINT8 *p;
3263 tBTA_DM_SEC conn;
3264 BOOLEAN is_new = p_data->acl_change.is_new;
3265 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr;
3266 BOOLEAN need_policy_change = FALSE;
3267 BOOLEAN issue_unpair_cb = FALSE;
3268
3269 tBTA_DM_PEER_DEVICE *p_dev;
3270 memset(&conn, 0, sizeof(tBTA_DM_SEC));
3271
3272 switch(p_data->acl_change.event)
3273 {
3274 case BTM_BL_UPDATE_EVT: /* busy level update */
3275 if( bta_dm_cb.p_sec_cback )
3276 {
3277 conn.busy_level.level = p_data->acl_change.busy_level;
3278 conn.busy_level.level_flags = p_data->acl_change.busy_level_flags;
3279 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn);
3280 }
3281 return;
3282
3283 case BTM_BL_ROLE_CHG_EVT: /* role change event */
3284 p_dev = bta_dm_find_peer_device(p_bda);
3285 if(p_dev)
3286 {
3287 APPL_TRACE_DEBUG("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d",
3288 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count);
3289 if(p_dev->info & BTA_DM_DI_AV_ACTIVE)
3290 {
3291 /* there's AV activity on this link */
3292 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1
3293 && p_data->acl_change.hci_status == HCI_SUCCESS)
3294 {
3295 /* more than one connections and the AV connection is role switched to slave
3296 * switch it back to master and remove the switch policy */
3297 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL);
3298 need_policy_change = TRUE;
3299 }
3300 else if (p_bta_dm_cfg->avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER))
3301 {
3302 /* if the link updated to be master include AV activities, remove the switch policy */
3303 need_policy_change = TRUE;
3304 }
3305
3306 if(need_policy_change)
3307 {
3308 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr);
3309 }
3310 }
3311 else
3312 {
3313 /* there's AV no activity on this link and role switch happened
3314 * check if AV is active
3315 * if so, make sure the AV link is master */
3316 bta_dm_check_av(0);
3317 }
3318 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status);
3319 bdcpy(conn.role_chg.bd_addr, p_bda);
3320 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role;
3321 if( bta_dm_cb.p_sec_cback )
3322 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, (tBTA_DM_SEC *)&conn);
3323 }
3324 return;
3325 }
3326
3327 /* Collision report from Stack: Notify profiles */
3328 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT)
3329 {
3330 bta_sys_notify_collision (p_bda);
3331 return;
3332 }
3333
3334 if(is_new)
3335 {
3336 for(i=0; i<bta_dm_cb.device_list.count; i++)
3337 {
3338 if (!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda)
3339 #if BLE_INCLUDED == TRUE
3340 && bta_dm_cb.device_list.peer_device[i].conn_handle == p_data->acl_change.handle
3341 #endif
3342 )
3343 break;
3344
3345 }
3346
3347 if(i == bta_dm_cb.device_list.count)
3348 {
3349 if (bta_dm_cb.device_list.count < BTA_DM_NUM_PEER_DEVICE)
3350 {
3351 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda);
3352 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy;
3353 bta_dm_cb.device_list.count++;
3354 #if BLE_INCLUDED == TRUE
3355 bta_dm_cb.device_list.peer_device[i].conn_handle = p_data->acl_change.handle;
3356 if (p_data->acl_change.transport == BT_TRANSPORT_LE)
3357 bta_dm_cb.device_list.le_count++;
3358 #endif
3359 } else {
3360 APPL_TRACE_ERROR("%s max active connection reached, no resources", __func__);
3361 return;
3362 }
3363 }
3364
3365 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED;
3366 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE;
3367 bdcpy(conn.link_up.bd_addr, p_bda);
3368 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE;
3369 #if BLE_INCLUDED == TRUE
3370 conn.link_up.link_type = p_data->acl_change.transport;
3371 bta_dm_cb.device_list.peer_device[i].transport = p_data->acl_change.transport;
3372 #endif
3373
3374 if (((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) &&
3375 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)))
3376 {
3377 /* both local and remote devices support SSR */
3378 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR;
3379 }
3380 APPL_TRACE_WARNING("%s info: 0x%x", __func__, bta_dm_cb.device_list.peer_device[i].info);
3381
3382 if (bta_dm_cb.p_sec_cback)
3383 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, (tBTA_DM_SEC *)&conn);
3384 } else {
3385 for(i=0; i<bta_dm_cb.device_list.count; i++)
3386 {
3387 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda)
3388 #if BLE_INCLUDED == TRUE
3389 ||bta_dm_cb.device_list.peer_device[i].transport != p_data->acl_change.transport
3390 #endif
3391 )
3392 continue;
3393
3394 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING )
3395 {
3396 if (BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr))
3397 issue_unpair_cb = TRUE;
3398
3399 APPL_TRACE_DEBUG("%s: Unpairing: issue unpair CB = %d ",__FUNCTION__, issue_unpair_cb);
3400 }
3401
3402 conn.link_down.is_removed = bta_dm_cb.device_list.peer_device[i].remove_dev_pending;
3403
3404 for(; i<bta_dm_cb.device_list.count ; i++)
3405 {
3406 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i]));
3407 }
3408 break;
3409 }
3410 if(bta_dm_cb.device_list.count)
3411 bta_dm_cb.device_list.count--;
3412 #if BLE_INCLUDED == TRUE
3413 if ((p_data->acl_change.transport == BT_TRANSPORT_LE) &&
3414 (bta_dm_cb.device_list.le_count))
3415 bta_dm_cb.device_list.le_count--;
3416 conn.link_down.link_type = p_data->acl_change.transport;
3417 #endif
3418
3419 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda))
3420 {
3421 bta_dm_search_cb.wait_disc = FALSE;
3422
3423 if(bta_dm_search_cb.sdp_results)
3424 {
3425 APPL_TRACE_EVENT(" timer stopped ");
3426 bta_sys_stop_timer(&bta_dm_search_cb.search_timer);
3427 bta_dm_discover_next_device();
3428 }
3429
3430 }
3431
3432 if(bta_dm_cb.disabling)
3433 {
3434 if(!BTM_GetNumAclLinks())
3435 {
3436 bta_sys_stop_timer(&bta_dm_cb.disable_timer);
3437 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback;
3438 /*
3439 * Start a timer to make sure that the profiles
3440 * get the disconnect event.
3441 */
3442 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000);
3443 }
3444 }
3445 if (conn.link_down.is_removed)
3446 {
3447 BTM_SecDeleteDevice(p_bda);
3448 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3449 /* need to remove all pending background connection */
3450 BTA_GATTC_CancelOpen(0, p_bda, FALSE);
3451 /* remove all cached GATT information */
3452 BTA_GATTC_Refresh(p_bda);
3453 #endif
3454 }
3455
3456 bdcpy(conn.link_down.bd_addr, p_bda);
3457 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code();
3458 if( bta_dm_cb.p_sec_cback )
3459 {
3460 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn);
3461 if( issue_unpair_cb )
3462 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn);
3463 }
3464 }
3465
3466 bta_dm_adjust_roles(TRUE);
3467 }
3468
3469 /*******************************************************************************
3470 **
3471 ** Function bta_dm_disable_conn_down_timer_cback
3472 **
3473 ** Description Sends disable event to application
3474 **
3475 **
3476 ** Returns void
3477 **
3478 *******************************************************************************/
bta_dm_disable_conn_down_timer_cback(TIMER_LIST_ENT * p_tle)3479 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle)
3480 {
3481 UNUSED(p_tle);
3482 tBTA_SYS_HW_MSG *sys_enable_event;
3483
3484 /* disable the power managment module */
3485 bta_dm_disable_pm();
3486
3487 /* register our callback to SYS HW manager */
3488 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback );
3489
3490 /* send a message to BTA SYS */
3491 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL)
3492 {
3493 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT;
3494 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
3495 bta_sys_sendmsg(sys_enable_event);
3496 }
3497
3498 bta_dm_cb.disabling = FALSE;
3499
3500 }
3501
3502 /*******************************************************************************
3503 **
3504 ** Function bta_dm_rm_cback
3505 **
3506 ** Description Role management callback from sys
3507 **
3508 **
3509 ** Returns void
3510 **
3511 *******************************************************************************/
bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status,UINT8 id,UINT8 app_id,BD_ADDR peer_addr)3512 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr)
3513 {
3514
3515 UINT8 j;
3516 tBTA_PREF_ROLES role;
3517 tBTA_DM_PEER_DEVICE *p_dev;
3518
3519 p_dev = bta_dm_find_peer_device(peer_addr);
3520 if( status == BTA_SYS_CONN_OPEN)
3521 {
3522 if(p_dev)
3523 {
3524 /* Do not set to connected if we are in the middle of unpairing. When AV stream is
3525 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command.
3526 * But this should not be done if we are in the middle of unpairing.
3527 */
3528 if (p_dev->conn_state != BTA_DM_UNPAIRING)
3529 p_dev->conn_state = BTA_DM_CONNECTED;
3530
3531 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++)
3532 {
3533 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID))
3534 && (p_bta_dm_rm_cfg[j].id == id))
3535 {
3536 role = p_bta_dm_rm_cfg[j].cfg;
3537
3538 if(role > p_dev->pref_role )
3539 p_dev->pref_role = role;
3540 break;
3541 }
3542 }
3543 }
3544 }
3545
3546 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id))
3547 {
3548 if( status == BTA_SYS_CONN_BUSY)
3549 {
3550 if(p_dev)
3551 p_dev->info |= BTA_DM_DI_AV_ACTIVE;
3552 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */
3553 if(BTA_ID_AV == id)
3554 bta_dm_cb.cur_av_count = bta_dm_get_av_count();
3555 }
3556 else if( status == BTA_SYS_CONN_IDLE)
3557 {
3558 if(p_dev)
3559 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE;
3560
3561 /* get cur_av_count from connected services */
3562 if(BTA_ID_AV == id)
3563 bta_dm_cb.cur_av_count = bta_dm_get_av_count();
3564 }
3565 APPL_TRACE_WARNING("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status);
3566 }
3567
3568 bta_dm_adjust_roles(FALSE);
3569 }
3570
3571 /*******************************************************************************
3572 **
3573 ** Function bta_dm_delay_role_switch_cback
3574 **
3575 ** Description Callback from btm to delay a role switch
3576 **
3577 ** Returns void
3578 **
3579 *******************************************************************************/
bta_dm_delay_role_switch_cback(TIMER_LIST_ENT * p_tle)3580 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle)
3581 {
3582 UNUSED(p_tle);
3583 APPL_TRACE_EVENT("bta_dm_delay_role_switch_cback: initiating Delayed RS");
3584 bta_dm_adjust_roles (FALSE);
3585 }
3586
3587 /*******************************************************************************
3588 **
3589 ** Function bta_dm_remove_sec_dev_entry
3590 **
3591 ** Description Removes device entry from Security device DB if ACL connection with
3592 ** remtoe device does not exist, else schedule for dev entry removal upon
3593 ACL close
3594 **
3595 ** Returns void
3596 **
3597 *******************************************************************************/
bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)3598 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr)
3599 {
3600 UINT16 index = 0;
3601 if ( BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE) ||
3602 BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_BR_EDR))
3603 {
3604 APPL_TRACE_DEBUG("%s ACL is not down. Schedule for Dev Removal when ACL closes",
3605 __FUNCTION__);
3606 for (index = 0; index < bta_dm_cb.device_list.count; index ++)
3607 {
3608 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, remote_bd_addr))
3609 break;
3610 }
3611 if (index != bta_dm_cb.device_list.count)
3612 {
3613 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE;
3614 }
3615 else
3616 {
3617 APPL_TRACE_ERROR(" %s Device does not exist in DB", __FUNCTION__);
3618 }
3619 }
3620 else
3621 {
3622 BTM_SecDeleteDevice (remote_bd_addr);
3623 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE)
3624 /* need to remove all pending background connection */
3625 BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE);
3626 /* remove all cached GATT information */
3627 BTA_GATTC_Refresh(remote_bd_addr);
3628 #endif
3629 }
3630 }
3631
3632
3633 /*******************************************************************************
3634 **
3635 ** Function bta_dm_adjust_roles
3636 **
3637 ** Description Adjust roles
3638 **
3639 **
3640 ** Returns void
3641 **
3642 *******************************************************************************/
bta_dm_adjust_roles(BOOLEAN delay_role_switch)3643 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch)
3644 {
3645
3646 UINT8 i;
3647 BOOLEAN set_master_role = FALSE;
3648 #if BLE_INCLUDED == TRUE
3649 UINT8 br_count = bta_dm_cb.device_list.count - bta_dm_cb.device_list.le_count;
3650 #else
3651 UINT8 br_count = bta_dm_cb.device_list.count;
3652 #endif
3653 if (br_count)
3654 {
3655
3656 /* the configuration is no scatternet
3657 * or AV connection exists and there are more than one ACL link */
3658 if ( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) ||
3659 (bta_dm_cb.cur_av_count && br_count > 1) )
3660 {
3661
3662 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3663 set_master_role = TRUE;
3664
3665 }
3666
3667 for(i=0; i<bta_dm_cb.device_list.count; i++)
3668 {
3669 if (bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED
3670 #if BLE_INCLUDED == TRUE
3671 && bta_dm_cb.device_list.peer_device[i].transport == BT_TRANSPORT_BR_EDR
3672 #endif
3673 )
3674 {
3675 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE)
3676 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET))
3677 {
3678 L2CA_SetDesireRole (HCI_ROLE_MASTER);
3679 set_master_role = TRUE;
3680 }
3681
3682 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY)
3683 || (bta_dm_cb.device_list.count > 1))
3684 {
3685
3686 /* Initiating immediate role switch with certain remote devices
3687 has caused issues due to role switch colliding with link encryption setup and
3688 causing encryption (and in turn the link) to fail . These device . Firmware
3689 versions are stored in a blacklist and role switch with these devices are
3690 delayed to avoid the collision with link encryption setup */
3691
3692 if (delay_role_switch == FALSE)
3693 {
3694 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
3695 HCI_ROLE_MASTER, NULL);
3696 }
3697 else
3698 {
3699 bta_dm_cb.switch_delay_timer.p_cback =
3700 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback;
3701 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500);
3702 }
3703 }
3704
3705 }
3706 }
3707
3708
3709 if(!set_master_role)
3710 {
3711
3712 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3713
3714 }
3715
3716 }
3717 else
3718 {
3719 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE);
3720 }
3721
3722
3723 }
3724
3725 /*******************************************************************************
3726 **
3727 ** Function bta_dm_get_remname
3728 **
3729 ** Description Returns a pointer to the remote name stored in the DM control
3730 ** block if it exists, or from the BTM memory.
3731 **
3732 ** Returns char * - Pointer to the remote device name
3733 *******************************************************************************/
bta_dm_get_remname(void)3734 static char *bta_dm_get_remname(void)
3735 {
3736 char *p_name = (char *)bta_dm_search_cb.peer_name;
3737 char *p_temp;
3738
3739 /* If the name isn't already stored, try retrieving from BTM */
3740 if (*p_name == '\0')
3741 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL)
3742 p_name = p_temp;
3743
3744 return p_name;
3745 }
3746
3747 /*******************************************************************************
3748 **
3749 ** Function bta_dm_bond_cancel_complete_cback
3750 **
3751 ** Description Authentication complete callback from BTM
3752 **
3753 ** Returns void
3754 **
3755 *******************************************************************************/
bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)3756 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result)
3757 {
3758
3759 tBTA_DM_SEC sec_event;
3760
3761 if (result == BTM_SUCCESS)
3762 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS;
3763 else
3764 sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
3765
3766 if(bta_dm_cb.p_sec_cback)
3767 {
3768 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
3769 }
3770 }
3771
3772 /*******************************************************************************
3773 **
3774 ** Function bta_dm_set_eir
3775 **
3776 ** Description This function creates EIR tagged data and writes it to controller.
3777 **
3778 ** Returns None
3779 **
3780 *******************************************************************************/
bta_dm_set_eir(char * local_name)3781 static void bta_dm_set_eir (char *local_name)
3782 {
3783 BT_HDR *p_buf;
3784 UINT8 *p;
3785 UINT8 *p_length;
3786 #if (BTA_EIR_CANNED_UUID_LIST != TRUE)
3787 UINT8 *p_type;
3788 UINT8 max_num_uuid;
3789 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3790 UINT8 custom_uuid_idx;
3791 #endif // BTA_EIR_SERVER_NUM_CUSTOM_UUID
3792 #endif // BTA_EIR_CANNED_UUID_LIST
3793 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE)
3794 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN;
3795 #else // BTM_EIR_DEFAULT_FEC_REQUIRED
3796 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE;
3797 #endif // BTM_EIR_DEFAULT_FEC_REQUIRED
3798 UINT8 num_uuid;
3799 UINT8 data_type;
3800 UINT8 local_name_len;
3801
3802 /* wait until complete to disable */
3803 if (bta_dm_cb.disable_timer.in_use)
3804 return;
3805
3806 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )
3807 /* wait until App is ready */
3808 if (bta_dm_cb.app_ready_timer.in_use)
3809 return;
3810
3811 /* if local name is not provided, get it from controller */
3812 if( local_name == NULL )
3813 {
3814 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS )
3815 {
3816 APPL_TRACE_ERROR("Fail to read local device name for EIR");
3817 }
3818 }
3819 #endif // BTA_EIR_CANNED_UUID_LIST
3820
3821 /* Allocate a buffer to hold HCI command */
3822 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL)
3823 {
3824 APPL_TRACE_ERROR("bta_dm_set_eir couldn't allocate buffer");
3825 return;
3826 }
3827 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET;
3828
3829 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN );
3830
3831 APPL_TRACE_DEBUG("BTA is generating EIR");
3832
3833 if( local_name )
3834 local_name_len = strlen( local_name );
3835 else
3836 local_name_len = 0;
3837
3838 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
3839 /* if local name is longer than minimum length of shortened name */
3840 /* check whether it needs to be shortened or not */
3841 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len )
3842 {
3843 /* get number of UUID 16-bit list */
3844 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
3845 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16;
3846 #else // BTA_EIR_CANNED_UUID_LIST
3847 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
3848 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p,
3849 max_num_uuid, &num_uuid );
3850 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */
3851 #endif // BTA_EIR_CANNED_UUID_LIST
3852
3853 /* if UUID doesn't fit remaing space, shorten local name */
3854 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16))
3855 {
3856 APPL_TRACE_WARNING("BTA EIR: local name is shortened");
3857 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len;
3858 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE;
3859 }
3860 else
3861 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE;
3862 }
3863
3864 UINT8_TO_STREAM(p, local_name_len + 1);
3865 UINT8_TO_STREAM(p, data_type);
3866
3867 if (local_name != NULL)
3868 {
3869 memcpy(p, local_name, local_name_len);
3870 p += local_name_len;
3871 }
3872 free_eir_length -= local_name_len + 2;
3873
3874 #if (BTA_EIR_CANNED_UUID_LIST == TRUE)
3875 /* if UUID list is provided as static data in configuration */
3876 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 )
3877 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16))
3878 {
3879 if( free_eir_length > LEN_UUID_16 + 2)
3880 {
3881 free_eir_length -= 2;
3882
3883 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len)
3884 {
3885 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16;
3886 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE;
3887 }
3888 else /* not enough room for all UUIDs */
3889 {
3890 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated");
3891 num_uuid = free_eir_length / LEN_UUID_16;
3892 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
3893 }
3894 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1);
3895 UINT8_TO_STREAM(p, data_type);
3896 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 );
3897 p += num_uuid * LEN_UUID_16;
3898 free_eir_length -= num_uuid * LEN_UUID_16;
3899 }
3900 }
3901 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
3902 /* if UUID list is dynamic */
3903 if ( free_eir_length >= 2)
3904 {
3905 p_length = p++;
3906 p_type = p++;
3907 num_uuid = 0;
3908
3909 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16;
3910 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid );
3911
3912 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE )
3913 {
3914 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated");
3915 }
3916 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3917 else
3918 {
3919 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
3920 {
3921 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16)
3922 {
3923 if ( num_uuid < max_num_uuid )
3924 {
3925 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16);
3926 num_uuid++;
3927 }
3928 else
3929 {
3930 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE;
3931 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated");
3932 break;
3933 }
3934 }
3935 }
3936 }
3937 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
3938
3939 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1);
3940 UINT8_TO_STREAM(p_type, data_type);
3941 free_eir_length -= num_uuid * LEN_UUID_16 + 2;
3942 }
3943 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */
3944
3945 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0)
3946 /* Adding 32-bit UUID list */
3947 if ( free_eir_length >= 2)
3948 {
3949 p_length = p++;
3950 p_type = p++;
3951 num_uuid = 0;
3952 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE;
3953
3954 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32;
3955
3956 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
3957 {
3958 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32)
3959 {
3960 if ( num_uuid < max_num_uuid )
3961 {
3962 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32);
3963 num_uuid++;
3964 }
3965 else
3966 {
3967 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE;
3968 APPL_TRACE_WARNING("BTA EIR: UUID 32-bit list is truncated");
3969 break;
3970 }
3971 }
3972 }
3973
3974 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1);
3975 UINT8_TO_STREAM(p_type, data_type);
3976 free_eir_length -= num_uuid * LEN_UUID_32 + 2;
3977 }
3978
3979 /* Adding 128-bit UUID list */
3980 if ( free_eir_length >= 2)
3981 {
3982 p_length = p++;
3983 p_type = p++;
3984 num_uuid = 0;
3985 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE;
3986
3987 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128;
3988
3989 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++)
3990 {
3991 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128)
3992 {
3993 if ( num_uuid < max_num_uuid )
3994 {
3995 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128);
3996 num_uuid++;
3997 }
3998 else
3999 {
4000 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE;
4001 APPL_TRACE_WARNING("BTA EIR: UUID 128-bit list is truncated");
4002 break;
4003 }
4004 }
4005 }
4006
4007 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1);
4008 UINT8_TO_STREAM(p_type, data_type);
4009 free_eir_length -= num_uuid * LEN_UUID_128 + 2;
4010 }
4011 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */
4012
4013 /* if Flags are provided in configuration */
4014 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 )
4015 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags )
4016 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 ))
4017 {
4018 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1);
4019 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE);
4020 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags,
4021 p_bta_dm_eir_cfg->bta_dm_eir_flag_len);
4022 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len;
4023 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2;
4024 }
4025
4026 /* if Manufacturer Specific are provided in configuration */
4027 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 )
4028 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec )
4029 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 ))
4030 {
4031 p_length = p;
4032
4033 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1);
4034 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE);
4035 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec,
4036 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len);
4037 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len;
4038 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2;
4039
4040 }
4041 else
4042 {
4043 p_length = NULL;
4044 }
4045
4046 /* if Inquiry Tx Resp Power compiled */
4047 if ((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) &&
4048 (free_eir_length >= 3))
4049 {
4050 UINT8_TO_STREAM(p, 2); /* Length field */
4051 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE);
4052 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power));
4053 free_eir_length -= 3;
4054 }
4055
4056 if( free_eir_length )
4057 UINT8_TO_STREAM(p, 0); /* terminator of significant part */
4058
4059 BTM_WriteEIR( p_buf );
4060
4061 }
4062
4063 /*******************************************************************************
4064 **
4065 ** Function bta_dm_eir_search_services
4066 **
4067 ** Description This function searches services in received EIR
4068 **
4069 ** Returns None
4070 **
4071 *******************************************************************************/
bta_dm_eir_search_services(tBTM_INQ_RESULTS * p_result,tBTA_SERVICE_MASK * p_services_to_search,tBTA_SERVICE_MASK * p_services_found)4072 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result,
4073 tBTA_SERVICE_MASK *p_services_to_search,
4074 tBTA_SERVICE_MASK *p_services_found)
4075 {
4076 tBTA_SERVICE_MASK service_index = 0;
4077 tBTM_EIR_SEARCH_RESULT result;
4078
4079 APPL_TRACE_DEBUG("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X",
4080 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1],
4081 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3],
4082 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]);
4083
4084 APPL_TRACE_DEBUG(" with services_to_search=0x%08X", *p_services_to_search);
4085
4086 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE
4087 /* always do GATT based service discovery by SDP instead of from EIR */
4088 /* if GATT based service is also to be put in EIR, need to modify this */
4089 while (service_index < (BTA_MAX_SERVICE_ID - 1))
4090 #else
4091 while(service_index < BTA_MAX_SERVICE_ID)
4092 #endif
4093 {
4094 if( *p_services_to_search
4095 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)))
4096 {
4097 result = BTM_HasInquiryEirService( p_result,
4098 bta_service_id_to_uuid_lkup_tbl[service_index] );
4099
4100 /* Searching for HSP v1.2 only device */
4101 if ((result != BTM_EIR_FOUND) &&
4102 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET))
4103 {
4104 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS);
4105 }
4106
4107 if( result == BTM_EIR_FOUND )
4108 {
4109 /* If Plug and Play service record, need to check to see if Broadcom stack */
4110 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */
4111 if( bta_service_id_to_uuid_lkup_tbl[service_index]
4112 != UUID_SERVCLASS_PNP_INFORMATION )
4113 {
4114
4115 *p_services_found |=
4116 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index));
4117 /* remove the service from services to be searched */
4118 *p_services_to_search &=
4119 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4120 }
4121 }
4122 else if( result == BTM_EIR_NOT_FOUND )
4123 {
4124 /* remove the service from services to be searched */
4125 *p_services_to_search &=
4126 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)));
4127 }
4128 }
4129
4130 service_index++;
4131 }
4132
4133 APPL_TRACE_ERROR("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X",
4134 *p_services_to_search, *p_services_found);
4135 }
4136
4137 #if (BTA_EIR_CANNED_UUID_LIST != TRUE)
4138 /*******************************************************************************
4139 **
4140 ** Function bta_dm_eir_update_uuid
4141 **
4142 ** Description This function adds or removes service UUID in EIR database.
4143 **
4144 ** Returns None
4145 **
4146 *******************************************************************************/
bta_dm_eir_update_uuid(UINT16 uuid16,BOOLEAN adding)4147 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding)
4148 {
4149 /* if this UUID is not advertised in EIR */
4150 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 ))
4151 return;
4152
4153 if( adding )
4154 {
4155 APPL_TRACE_EVENT("Adding UUID=0x%04X into EIR", uuid16);
4156
4157 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 );
4158 }
4159 else
4160 {
4161 APPL_TRACE_EVENT("Removing UUID=0x%04X from EIR", uuid16);
4162
4163 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 );
4164 }
4165
4166 bta_dm_set_eir (NULL);
4167
4168 APPL_TRACE_EVENT("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X",
4169 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] );
4170 }
4171 #endif
4172
4173 /*******************************************************************************
4174 **
4175 ** Function bta_dm_enable_test_mode
4176 **
4177 ** Description enable test mode
4178 **
4179 **
4180 ** Returns void
4181 **
4182 *******************************************************************************/
bta_dm_enable_test_mode(tBTA_DM_MSG * p_data)4183 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data)
4184 {
4185 UNUSED(p_data);
4186 BTM_EnableTestMode();
4187 }
4188
4189 /*******************************************************************************
4190 **
4191 ** Function bta_dm_disable_test_mode
4192 **
4193 ** Description disable test mode
4194 **
4195 **
4196 ** Returns void
4197 **
4198 *******************************************************************************/
bta_dm_disable_test_mode(tBTA_DM_MSG * p_data)4199 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data)
4200 {
4201 UNUSED(p_data);
4202 BTM_DeviceReset(NULL);
4203 }
4204
4205 /*******************************************************************************
4206 **
4207 ** Function bta_dm_execute_callback
4208 **
4209 ** Description Just execute a generic call back in the context of the BTU/BTA tack
4210 **
4211 **
4212 ** Returns void
4213 **
4214 *******************************************************************************/
bta_dm_execute_callback(tBTA_DM_MSG * p_data)4215 void bta_dm_execute_callback(tBTA_DM_MSG *p_data)
4216 {
4217 /* sanity check */
4218 if(p_data->exec_cback.p_exec_cback == NULL)
4219 {
4220 return;
4221 }
4222
4223 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param);
4224 }
4225
4226 /*******************************************************************************
4227 **
4228 ** Function bta_dm_encrypt_cback
4229 **
4230 ** Description link encryption complete callback.
4231 **
4232 ** Returns None
4233 **
4234 *******************************************************************************/
bta_dm_encrypt_cback(BD_ADDR bd_addr,tBT_TRANSPORT transport,void * p_ref_data,tBTM_STATUS result)4235 void bta_dm_encrypt_cback(BD_ADDR bd_addr, tBT_TRANSPORT transport, void *p_ref_data, tBTM_STATUS result)
4236 {
4237 tBTA_STATUS bta_status = BTA_SUCCESS;
4238 tBTA_DM_ENCRYPT_CBACK *p_callback = NULL;
4239 UINT8 i ;
4240 UNUSED(p_ref_data);
4241
4242 for (i=0; i<bta_dm_cb.device_list.count; i++)
4243 {
4244 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, bd_addr) == 0 &&
4245 bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED)
4246 break;
4247 }
4248
4249 if (i < bta_dm_cb.device_list.count)
4250 {
4251 p_callback = bta_dm_cb.device_list.peer_device[i].p_encrypt_cback;
4252 bta_dm_cb.device_list.peer_device[i].p_encrypt_cback = NULL;
4253 }
4254
4255 switch (result)
4256 {
4257 case BTM_SUCCESS:
4258 break;
4259 case BTM_WRONG_MODE:
4260 bta_status = BTA_WRONG_MODE;
4261 break;
4262 case BTM_NO_RESOURCES:
4263 bta_status = BTA_NO_RESOURCES;
4264 break;
4265 case BTM_BUSY:
4266 bta_status = BTA_BUSY;
4267 break;
4268 default:
4269 bta_status = BTA_FAILURE;
4270 break;
4271 }
4272
4273 APPL_TRACE_DEBUG("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback);
4274
4275 if (p_callback)
4276 {
4277 (*p_callback)(bd_addr, transport, bta_status);
4278 }
4279 }
4280
4281 /*******************************************************************************
4282 **
4283 ** Function bta_dm_set_encryption
4284 **
4285 ** Description This function to encrypt the link
4286 **
4287 ** Returns None
4288 **
4289 *******************************************************************************/
bta_dm_set_encryption(tBTA_DM_MSG * p_data)4290 void bta_dm_set_encryption (tBTA_DM_MSG *p_data)
4291 {
4292 UINT8 i ;
4293
4294 APPL_TRACE_DEBUG("bta_dm_set_encryption"); //todo
4295 if (!p_data->set_encryption.p_callback)
4296 {
4297 APPL_TRACE_ERROR("bta_dm_set_encryption callback is not provided");
4298 return;
4299 }
4300 for (i=0; i<bta_dm_cb.device_list.count; i++)
4301 {
4302 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_data->set_encryption.bd_addr) == 0 &&
4303 bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED)
4304 break;
4305 }
4306 if (i < bta_dm_cb.device_list.count)
4307 {
4308 if (bta_dm_cb.device_list.peer_device[i].p_encrypt_cback)
4309 {
4310 APPL_TRACE_ERROR("earlier enc was not done for same device");
4311 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr,
4312 p_data->set_encryption.transport,
4313 BTA_BUSY);
4314 return;
4315 }
4316
4317 if (BTM_SetEncryption(p_data->set_encryption.bd_addr, p_data->set_encryption.transport,
4318 bta_dm_encrypt_cback, &p_data->set_encryption.sec_act)
4319 == BTM_CMD_STARTED)
4320 {
4321 bta_dm_cb.device_list.peer_device[i].p_encrypt_cback = p_data->set_encryption.p_callback;
4322 }
4323 }
4324 }
4325
4326 #if (BLE_INCLUDED == TRUE)
4327 /*******************************************************************************
4328 **
4329 ** Function bta_dm_observe_results_cb
4330 **
4331 ** Description Callback for BLE Observe result
4332 **
4333 **
4334 ** Returns void
4335 **
4336 *******************************************************************************/
bta_dm_observe_results_cb(tBTM_INQ_RESULTS * p_inq,UINT8 * p_eir)4337 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir)
4338 {
4339 ;
4340 tBTA_DM_SEARCH result;
4341 tBTM_INQ_INFO *p_inq_info;
4342 APPL_TRACE_DEBUG("bta_dm_observe_results_cb")
4343
4344 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr);
4345 result.inq_res.rssi = p_inq->rssi;
4346 result.inq_res.ble_addr_type = p_inq->ble_addr_type;
4347 result.inq_res.inq_result_type = p_inq->inq_result_type;
4348 result.inq_res.device_type = p_inq->device_type;
4349 result.inq_res.flag = p_inq->flag;
4350
4351 /* application will parse EIR to find out remote device name */
4352 result.inq_res.p_eir = p_eir;
4353
4354 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL)
4355 {
4356 /* initialize remt_name_not_required to FALSE so that we get the name by default */
4357 result.inq_res.remt_name_not_required = FALSE;
4358 }
4359
4360 if(bta_dm_search_cb.p_scan_cback)
4361 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_RES_EVT, &result);
4362
4363 if(p_inq_info)
4364 {
4365 /* application indicates if it knows the remote name, inside the callback
4366 copy that to the inquiry data base*/
4367 if(result.inq_res.remt_name_not_required)
4368 p_inq_info->appl_knows_rem_name = TRUE;
4369 }
4370 }
4371
4372 /*******************************************************************************
4373 **
4374 ** Function bta_dm_observe_cmpl_cb
4375 **
4376 ** Description Callback for BLE Observe complete
4377 **
4378 **
4379 ** Returns void
4380 **
4381 *******************************************************************************/
bta_dm_observe_cmpl_cb(void * p_result)4382 static void bta_dm_observe_cmpl_cb (void * p_result)
4383 {
4384 tBTA_DM_SEARCH data;
4385
4386 APPL_TRACE_DEBUG("bta_dm_observe_cmpl_cb");
4387
4388 data.inq_cmpl.num_resps = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp;
4389 if (bta_dm_search_cb.p_scan_cback)
4390 {
4391 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4392 }
4393 }
4394
4395 #if (SMP_INCLUDED == TRUE)
4396 /*******************************************************************************
4397 **
4398 ** Function bta_dm_ble_smp_cback
4399 **
4400 ** Description Callback for BLE SMP
4401 **
4402 **
4403 ** Returns void
4404 **
4405 *******************************************************************************/
bta_dm_ble_smp_cback(tBTM_LE_EVT event,BD_ADDR bda,tBTM_LE_EVT_DATA * p_data)4406 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data)
4407 {
4408 tBTM_STATUS status = BTM_SUCCESS;
4409 tBTA_DM_SEC sec_event;
4410 char *p_name = NULL;
4411 UINT8 i;
4412 tBT_DEVICE_TYPE dev_type;
4413
4414 if (!bta_dm_cb.p_sec_cback)
4415 return BTM_NOT_AUTHORIZED;
4416
4417 memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
4418 switch (event)
4419 {
4420 case BTM_LE_IO_REQ_EVT:
4421 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
4422
4423 bta_dm_co_ble_io_req(bda,
4424 &p_data->io_req.io_cap,
4425 &p_data->io_req.oob_data,
4426 &p_data->io_req.auth_req,
4427 &p_data->io_req.max_key_size,
4428 &p_data->io_req.init_keys,
4429 &p_data->io_req.resp_keys);
4430 #endif
4431 #if BTM_OOB_INCLUDED == FALSE
4432 status = BTM_SUCCESS;
4433 #endif
4434 APPL_TRACE_EVENT("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data);
4435
4436 break;
4437
4438 case BTM_LE_SEC_REQUEST_EVT:
4439 bdcpy(sec_event.ble_req.bd_addr, bda);
4440 p_name = BTM_SecReadDevName(bda);
4441 if (p_name != NULL)
4442 {
4443 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name,
4444 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4445 }
4446 else
4447 {
4448 sec_event.ble_req.bd_name[0] = 0;
4449 }
4450 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
4451 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event);
4452 break;
4453
4454 case BTM_LE_KEY_NOTIF_EVT:
4455 bdcpy(sec_event.key_notif.bd_addr, bda);
4456 p_name = BTM_SecReadDevName(bda);
4457 if (p_name != NULL)
4458 {
4459 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name,
4460 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4461 }
4462 else
4463 {
4464 sec_event.key_notif.bd_name[0] = 0;
4465 }
4466 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
4467 sec_event.key_notif.passkey = p_data->key_notif;
4468 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event);
4469 break;
4470
4471 case BTM_LE_KEY_REQ_EVT:
4472 bdcpy(sec_event.ble_req.bd_addr, bda);
4473 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event);
4474 break;
4475
4476 case BTM_LE_OOB_REQ_EVT:
4477 bdcpy(sec_event.ble_req.bd_addr, bda);
4478 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event);
4479 break;
4480
4481 case BTM_LE_NC_REQ_EVT:
4482 bdcpy(sec_event.key_notif.bd_addr, bda);
4483 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN));
4484 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0;
4485 sec_event.key_notif.passkey = p_data->key_notif;
4486 bta_dm_cb.p_sec_cback(BTA_DM_BLE_NC_REQ_EVT, &sec_event);
4487 break;
4488
4489 case BTM_LE_KEY_EVT:
4490 bdcpy(sec_event.ble_key.bd_addr, bda);
4491 sec_event.ble_key.key_type = p_data->key.key_type;
4492 sec_event.ble_key.p_key_value = p_data->key.p_key_value;
4493 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event);
4494 break;
4495
4496 case BTM_LE_COMPLT_EVT:
4497 bdcpy(sec_event.auth_cmpl.bd_addr, bda);
4498 #if BLE_INCLUDED == TRUE
4499 BTM_ReadDevInfo(bda, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type);
4500 #endif
4501 p_name = BTM_SecReadDevName(bda);
4502 if (p_name != NULL)
4503 {
4504 BCM_STRNCPY_S((char*)sec_event.auth_cmpl.bd_name,
4505 sizeof(BD_NAME), p_name, (BD_NAME_LEN));
4506 }
4507 else
4508 {
4509 sec_event.auth_cmpl.bd_name[0] = 0;
4510 }
4511 if (p_data->complt.reason != 0)
4512 {
4513 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason));
4514 /* delete this device entry from Sec Dev DB */
4515 bta_dm_remove_sec_dev_entry (bda);
4516 }
4517 else
4518 {
4519 sec_event.auth_cmpl.success = TRUE;
4520 if (!p_data->complt.smp_over_br)
4521 GATT_ConfigServiceChangeCCC(bda, TRUE, BT_TRANSPORT_LE);
4522 }
4523
4524 if (bta_dm_cb.p_sec_cback)
4525 {
4526 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
4527 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event);
4528 }
4529
4530 break;
4531
4532 default:
4533 status = BTM_NOT_AUTHORIZED;
4534 break;
4535 }
4536 return status;
4537 }
4538 #endif /* SMP_INCLUDED == TRUE */
4539
4540 /*******************************************************************************
4541 **
4542 ** Function bta_dm_ble_id_key_cback
4543 **
4544 ** Description Callback for BLE local ID keys
4545 **
4546 **
4547 ** Returns void
4548 **
4549 *******************************************************************************/
bta_dm_ble_id_key_cback(UINT8 key_type,tBTM_BLE_LOCAL_KEYS * p_key)4550 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key)
4551 {
4552 UINT8 evt;
4553 tBTA_DM_SEC dm_key;
4554
4555 switch (key_type)
4556 {
4557 case BTM_BLE_KEY_TYPE_ID:
4558 case BTM_BLE_KEY_TYPE_ER:
4559 if (bta_dm_cb.p_sec_cback)
4560 {
4561 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS));
4562
4563 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\
4564 BTA_DM_BLE_LOCAL_ER_EVT;
4565 bta_dm_cb.p_sec_cback(evt, &dm_key);
4566 }
4567 break;
4568
4569 default:
4570 APPL_TRACE_DEBUG("Unknown key type %d", key_type);
4571 break;
4572 }
4573 return;
4574
4575 }
4576
4577 /*******************************************************************************
4578 **
4579 ** Function bta_dm_add_blekey
4580 **
4581 ** Description This function adds an BLE Key to an security database entry.
4582 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called.
4583 ** It is normally called during host startup to restore all required information
4584 ** stored in the NVRAM.
4585 **
4586 ** Parameters:
4587 **
4588 *******************************************************************************/
bta_dm_add_blekey(tBTA_DM_MSG * p_data)4589 void bta_dm_add_blekey (tBTA_DM_MSG *p_data)
4590 {
4591 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr,
4592 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey,
4593 p_data->add_ble_key.key_type))
4594 {
4595 APPL_TRACE_ERROR ("BTA_DM: Error adding BLE Key for device %08x%04x",
4596 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\
4597 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3],
4598 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]);
4599 }
4600 }
4601
4602 /*******************************************************************************
4603 **
4604 ** Function bta_dm_add_ble_device
4605 **
4606 ** Description This function adds an BLE device to an security database entry.
4607 ** It is normally called during host startup to restore all required information
4608 ** stored in the NVRAM.
4609 **
4610 ** Parameters:
4611 **
4612 *******************************************************************************/
bta_dm_add_ble_device(tBTA_DM_MSG * p_data)4613 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data)
4614 {
4615 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL,
4616 p_data->add_ble_device.dev_type ,
4617 p_data->add_ble_device.addr_type))
4618 {
4619 APPL_TRACE_ERROR ("BTA_DM: Error adding BLE Device for device %08x%04x",
4620 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \
4621 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3],
4622 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]);
4623 }
4624 }
4625
4626 /*******************************************************************************
4627 **
4628 ** Function bta_dm_add_ble_device
4629 **
4630 ** Description This function adds an BLE device to an security database entry.
4631 ** It is normally called during host startup to restore all required information
4632 ** stored in the NVRAM.
4633 **
4634 ** Parameters:
4635 **
4636 *******************************************************************************/
bta_dm_ble_passkey_reply(tBTA_DM_MSG * p_data)4637 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data)
4638 {
4639 if (p_data->pin_reply.accept)
4640 {
4641 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey);
4642 }
4643 else
4644 {
4645 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey);
4646 }
4647
4648 }
4649
4650 /*******************************************************************************
4651 **
4652 ** Function bta_dm_ble_confirm_reply
4653 **
4654 ** Description This is response to SM numeric comparison request submitted
4655 ** to application.
4656 **
4657 ** Parameters:
4658 **
4659 *******************************************************************************/
bta_dm_ble_confirm_reply(tBTA_DM_MSG * p_data)4660 void bta_dm_ble_confirm_reply (tBTA_DM_MSG *p_data)
4661 {
4662 if (p_data->confirm.accept)
4663 {
4664 BTM_BleConfirmReply(p_data->confirm.bd_addr, BTM_SUCCESS);
4665 }
4666 else
4667 {
4668 BTM_BleConfirmReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED);
4669 }
4670 }
4671
4672 /*******************************************************************************
4673 **
4674 ** Function bta_dm_security_grant
4675 **
4676 ** Description This function grant SMP security request access.
4677 **
4678 ** Parameters:
4679 **
4680 *******************************************************************************/
bta_dm_security_grant(tBTA_DM_MSG * p_data)4681 void bta_dm_security_grant (tBTA_DM_MSG *p_data)
4682 {
4683 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res);
4684 }
4685
4686 /*******************************************************************************
4687 **
4688 ** Function bta_dm_ble_set_bg_conn_type
4689 **
4690 ** Description This function set the BLE background connection type
4691 **
4692 ** Parameters:
4693 **
4694 *******************************************************************************/
bta_dm_ble_set_bg_conn_type(tBTA_DM_MSG * p_data)4695 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data)
4696 {
4697 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type,
4698 p_data->ble_set_bd_conn_type.p_select_cback);
4699 }
4700
4701 /*******************************************************************************
4702 **
4703 ** Function bta_dm_ble_set_conn_params
4704 **
4705 ** Description This function set the preferred connection parameters.
4706 **
4707 ** Parameters:
4708 **
4709 *******************************************************************************/
bta_dm_ble_set_conn_params(tBTA_DM_MSG * p_data)4710 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data)
4711 {
4712 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda,
4713 p_data->ble_set_conn_params.conn_int_min,
4714 p_data->ble_set_conn_params.conn_int_max,
4715 p_data->ble_set_conn_params.slave_latency,
4716 p_data->ble_set_conn_params.supervision_tout);
4717 }
4718
4719 /*******************************************************************************
4720 **
4721 ** Function bta_dm_ble_set_conn_scan_params
4722 **
4723 ** Description This function sets BLE scan parameters.
4724 **
4725 ** Parameters:
4726 **
4727 *******************************************************************************/
bta_dm_ble_set_scan_params(tBTA_DM_MSG * p_data)4728 void bta_dm_ble_set_scan_params(tBTA_DM_MSG *p_data)
4729 {
4730 BTM_BleSetScanParams(p_data->ble_set_scan_params.client_if,
4731 p_data->ble_set_scan_params.scan_int,
4732 p_data->ble_set_scan_params.scan_window,
4733 p_data->ble_set_scan_params.scan_mode,
4734 p_data->ble_set_scan_params.scan_param_setup_cback);
4735 }
4736
4737 /*******************************************************************************
4738 **
4739 ** Function bta_dm_ble_set_conn_scan_params
4740 **
4741 ** Description This function set the preferred connection scan parameters.
4742 **
4743 ** Parameters:
4744 **
4745 *******************************************************************************/
bta_dm_ble_set_conn_scan_params(tBTA_DM_MSG * p_data)4746 void bta_dm_ble_set_conn_scan_params (tBTA_DM_MSG *p_data)
4747 {
4748 BTM_BleSetConnScanParams(p_data->ble_set_conn_scan_params.scan_int,
4749 p_data->ble_set_conn_scan_params.scan_window);
4750 }
4751 /*******************************************************************************
4752 **
4753 ** Function bta_dm_ble_update_conn_params
4754 **
4755 ** Description This function update LE connection parameters.
4756 **
4757 ** Parameters:
4758 **
4759 *******************************************************************************/
bta_dm_ble_update_conn_params(tBTA_DM_MSG * p_data)4760 void bta_dm_ble_update_conn_params (tBTA_DM_MSG *p_data)
4761 {
4762 if (!L2CA_UpdateBleConnParams(p_data->ble_update_conn_params.bd_addr,
4763 p_data->ble_update_conn_params.min_int,
4764 p_data->ble_update_conn_params.max_int,
4765 p_data->ble_update_conn_params.latency,
4766 p_data->ble_update_conn_params.timeout))
4767 {
4768 APPL_TRACE_ERROR("Update connection parameters failed!");
4769 }
4770 }
4771
4772 #if BLE_PRIVACY_SPT == TRUE
4773 /*******************************************************************************
4774 **
4775 ** Function bta_dm_ble_config_local_privacy
4776 **
4777 ** Description This function set the local device LE privacy settings.
4778 **
4779 ** Parameters:
4780 **
4781 *******************************************************************************/
bta_dm_ble_config_local_privacy(tBTA_DM_MSG * p_data)4782 void bta_dm_ble_config_local_privacy (tBTA_DM_MSG *p_data)
4783 {
4784 BTM_BleConfigPrivacy (p_data->ble_local_privacy.privacy_enable);
4785 }
4786 #endif
4787
4788 /*******************************************************************************
4789 **
4790 ** Function bta_dm_ble_observe
4791 **
4792 ** Description This function set the preferred connection scan parameters.
4793 **
4794 ** Parameters:
4795 **
4796 *******************************************************************************/
bta_dm_ble_observe(tBTA_DM_MSG * p_data)4797 void bta_dm_ble_observe (tBTA_DM_MSG *p_data)
4798 {
4799 tBTM_STATUS status;
4800 if (p_data->ble_observe.start)
4801 {
4802 /*Save the callback to be called when a scan results are available */
4803 bta_dm_search_cb.p_scan_cback = p_data->ble_observe.p_cback;
4804 if ((status = BTM_BleObserve(TRUE, p_data->ble_observe.duration,
4805 bta_dm_observe_results_cb, bta_dm_observe_cmpl_cb))!= BTM_CMD_STARTED)
4806 {
4807 tBTA_DM_SEARCH data;
4808 APPL_TRACE_WARNING(" %s BTM_BleObserve failed. status %d",__FUNCTION__,status);
4809 data.inq_cmpl.num_resps = 0;
4810 if (bta_dm_search_cb.p_scan_cback)
4811 {
4812 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data);
4813 }
4814 }
4815 }
4816 else
4817 {
4818 bta_dm_search_cb.p_scan_cback = NULL;
4819 BTM_BleObserve(FALSE, 0, NULL,NULL );
4820 }
4821 }
4822 /*******************************************************************************
4823 **
4824 ** Function bta_dm_ble_set_adv_params
4825 **
4826 ** Description This function set the adv parameters.
4827 **
4828 ** Parameters:
4829 **
4830 *******************************************************************************/
bta_dm_ble_set_adv_params(tBTA_DM_MSG * p_data)4831 void bta_dm_ble_set_adv_params (tBTA_DM_MSG *p_data)
4832 {
4833 BTM_BleSetAdvParams(p_data->ble_set_adv_params.adv_int_min,
4834 p_data->ble_set_adv_params.adv_int_max,
4835 p_data->ble_set_adv_params.p_dir_bda,
4836 BTA_DM_BLE_ADV_CHNL_MAP);
4837 }
4838
4839 /*******************************************************************************
4840 **
4841 ** Function bta_dm_ble_set_adv_config
4842 **
4843 ** Description This function set the customized ADV data configuration
4844 **
4845 ** Parameters:
4846 **
4847 *******************************************************************************/
bta_dm_ble_set_adv_config(tBTA_DM_MSG * p_data)4848 void bta_dm_ble_set_adv_config (tBTA_DM_MSG *p_data)
4849 {
4850 tBTA_STATUS status = BTA_FAILURE;
4851
4852 if (BTM_BleWriteAdvData(p_data->ble_set_adv_data.data_mask,
4853 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg) == BTM_SUCCESS)
4854 {
4855 status = BTA_SUCCESS;
4856 }
4857
4858 if (p_data->ble_set_adv_data.p_adv_data_cback)
4859 (*p_data->ble_set_adv_data.p_adv_data_cback)(status);
4860 }
4861
4862 /*******************************************************************************
4863 **
4864 ** Function bta_dm_ble_set_scan_rsp
4865 **
4866 ** Description This function set the customized ADV scan resp. configuration
4867 **
4868 ** Parameters:
4869 **
4870 *******************************************************************************/
bta_dm_ble_set_scan_rsp(tBTA_DM_MSG * p_data)4871 void bta_dm_ble_set_scan_rsp (tBTA_DM_MSG *p_data)
4872 {
4873 tBTA_STATUS status = BTA_FAILURE;
4874
4875 if(BTM_BleWriteScanRsp(p_data->ble_set_adv_data.data_mask,
4876 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg) == BTM_SUCCESS)
4877 {
4878 status = BTA_SUCCESS;
4879 }
4880
4881 if (p_data->ble_set_adv_data.p_adv_data_cback)
4882 (*p_data->ble_set_adv_data.p_adv_data_cback)(status);
4883 }
4884
4885 /*******************************************************************************
4886 **
4887 ** Function bta_dm_ble_set_data_length
4888 **
4889 ** Description This function set the maximum transmission packet size
4890 **
4891 ** Parameters
4892 **
4893 *******************************************************************************/
bta_dm_ble_set_data_length(tBTA_DM_MSG * p_data)4894 void bta_dm_ble_set_data_length(tBTA_DM_MSG *p_data)
4895 {
4896 if (BTM_SetBleDataLength(p_data->ble_set_data_length.remote_bda,
4897 p_data->ble_set_data_length.tx_data_length) != BTM_SUCCESS)
4898 {
4899 APPL_TRACE_ERROR("%s failed", __FUNCTION__);
4900 }
4901 }
4902
4903 /*******************************************************************************
4904 **
4905 ** Function bta_dm_ble_broadcast
4906 **
4907 ** Description Starts or stops LE broadcasts
4908 **
4909 ** Parameters:
4910 **
4911 *******************************************************************************/
bta_dm_ble_broadcast(tBTA_DM_MSG * p_data)4912 void bta_dm_ble_broadcast (tBTA_DM_MSG *p_data)
4913 {
4914 BTM_BleBroadcast(p_data->ble_observe.start);
4915 }
4916
4917 /*******************************************************************************
4918 **
4919 ** Function bta_dm_ble_multi_adv_enb
4920 **
4921 ** Description This function enables a single advertising instance
4922 **
4923 ** Parameters:
4924 **
4925 *******************************************************************************/
bta_dm_ble_multi_adv_enb(tBTA_DM_MSG * p_data)4926 void bta_dm_ble_multi_adv_enb(tBTA_DM_MSG *p_data)
4927 {
4928 tBTM_STATUS btm_status = 0;
4929
4930 bta_dm_cb.p_multi_adv_cback = p_data->ble_multi_adv_enb.p_cback;
4931 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && NULL != p_data->ble_multi_adv_enb.p_ref)
4932 {
4933 btm_status = BTM_BleEnableAdvInstance((tBTM_BLE_ADV_PARAMS*)
4934 p_data->ble_multi_adv_enb.p_params,
4935 p_data->ble_multi_adv_enb.p_cback,
4936 p_data->ble_multi_adv_enb.p_ref);
4937 }
4938
4939 if(BTM_CMD_STARTED != btm_status)
4940 {
4941 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_ENB_EVT, 0xFF,
4942 p_data->ble_multi_adv_enb.p_ref, BTA_FAILURE);
4943 }
4944 }
4945 /*******************************************************************************
4946 **
4947 ** Function bta_dm_ble_multi_adv_param_upd
4948 **
4949 ** Description This function updates multiple advertising instance parameters
4950 **
4951 ** Parameters:
4952 **
4953 *******************************************************************************/
bta_dm_ble_multi_adv_upd_param(tBTA_DM_MSG * p_data)4954 void bta_dm_ble_multi_adv_upd_param(tBTA_DM_MSG *p_data)
4955 {
4956 tBTM_STATUS btm_status = 0;
4957 void *p_ref = NULL;
4958
4959 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_param.inst_id > 0
4960 && p_data->ble_multi_adv_param.inst_id < BTM_BleMaxMultiAdvInstanceCount())
4961 {
4962 btm_status = BTM_BleUpdateAdvInstParam(p_data->ble_multi_adv_param.inst_id,
4963 (tBTM_BLE_ADV_PARAMS*)p_data->ble_multi_adv_param.p_params);
4964 }
4965
4966 if(BTM_CMD_STARTED != btm_status)
4967 {
4968 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_param.inst_id);
4969 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_PARAM_EVT,
4970 p_data->ble_multi_adv_param.inst_id, p_ref, BTA_FAILURE);
4971 }
4972 }
4973 /*******************************************************************************
4974 **
4975 ** Function bta_dm_ble_multi_adv_data
4976 **
4977 ** Description This function write multiple advertising instance adv data
4978 ** or scan response data
4979 **
4980 ** Parameters:
4981 **
4982 *******************************************************************************/
bta_dm_ble_multi_adv_data(tBTA_DM_MSG * p_data)4983 void bta_dm_ble_multi_adv_data(tBTA_DM_MSG *p_data)
4984 {
4985 tBTM_STATUS btm_status = 0;
4986 void *p_ref = NULL;
4987
4988 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_data.inst_id > 0
4989 && p_data->ble_multi_adv_data.inst_id < BTM_BleMaxMultiAdvInstanceCount())
4990 {
4991 btm_status = BTM_BleCfgAdvInstData(p_data->ble_multi_adv_data.inst_id,
4992 p_data->ble_multi_adv_data.is_scan_rsp,
4993 p_data->ble_multi_adv_data.data_mask,
4994 (tBTM_BLE_ADV_DATA*)p_data->ble_multi_adv_data.p_data);
4995 }
4996
4997 if(BTM_CMD_STARTED != btm_status)
4998 {
4999 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_data.inst_id);
5000 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_DATA_EVT,
5001 p_data->ble_multi_adv_data.inst_id, p_ref, BTA_FAILURE);
5002 }
5003
5004 }
5005 /*******************************************************************************
5006 **
5007 ** Function btm_dm_ble_multi_adv_disable
5008 **
5009 ** Description This function disable a single adv instance
5010 **
5011 ** Parameters:
5012 **
5013 *******************************************************************************/
btm_dm_ble_multi_adv_disable(tBTA_DM_MSG * p_data)5014 void btm_dm_ble_multi_adv_disable(tBTA_DM_MSG *p_data)
5015 {
5016 tBTM_STATUS btm_status = 0;
5017 void *p_ref = NULL;
5018
5019 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_disable.inst_id > 0
5020 && p_data->ble_multi_adv_disable.inst_id < BTM_BleMaxMultiAdvInstanceCount())
5021 {
5022 btm_status = BTM_BleDisableAdvInstance(p_data->ble_multi_adv_disable.inst_id);
5023 }
5024
5025 if(BTM_CMD_STARTED != btm_status)
5026 {
5027 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_disable.inst_id);
5028 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_DISABLE_EVT,
5029 p_data->ble_multi_adv_disable.inst_id, p_ref, BTA_FAILURE);
5030 }
5031 }
5032
5033 /*******************************************************************************
5034 **
5035 ** Function bta_dm_ble_setup_storage
5036 **
5037 ** Description This function configures up the storage parameters for ADV batch scanning
5038 **
5039 ** Parameters:
5040 **
5041 *******************************************************************************/
bta_dm_ble_setup_storage(tBTA_DM_MSG * p_data)5042 void bta_dm_ble_setup_storage (tBTA_DM_MSG *p_data)
5043 {
5044 tBTM_STATUS btm_status = 0;
5045 tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
5046
5047 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb);
5048
5049 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg)
5050 {
5051 btm_status = BTM_BleSetStorageConfig(p_data->ble_set_storage.batch_scan_full_max,
5052 p_data->ble_set_storage.batch_scan_trunc_max,
5053 p_data->ble_set_storage.batch_scan_notify_threshold,
5054 p_data->ble_set_storage.p_setup_cback,
5055 p_data->ble_set_storage.p_thres_cback,
5056 p_data->ble_set_storage.p_read_rep_cback,
5057 p_data->ble_set_storage.ref_value);
5058 }
5059
5060 if(BTM_CMD_STARTED != btm_status)
5061 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_CFG_STRG_EVT, p_data->ble_set_storage.ref_value,
5062 btm_status);
5063 }
5064
5065 /*******************************************************************************
5066 **
5067 ** Function bta_dm_ble_enable_batch_scan
5068 **
5069 ** Description This function sets up the parameters and enables batch scan
5070 **
5071 ** Parameters:
5072 **
5073 *******************************************************************************/
bta_dm_ble_enable_batch_scan(tBTA_DM_MSG * p_data)5074 void bta_dm_ble_enable_batch_scan (tBTA_DM_MSG *p_data)
5075 {
5076 tBTM_STATUS btm_status = 0;
5077 tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
5078
5079 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb);
5080
5081 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg)
5082 {
5083 btm_status = BTM_BleEnableBatchScan(p_data->ble_enable_scan.scan_mode,
5084 p_data->ble_enable_scan.scan_int,
5085 p_data->ble_enable_scan.scan_window,
5086 p_data->ble_enable_scan.discard_rule,
5087 p_data->ble_enable_scan.addr_type,
5088 p_data->ble_enable_scan.ref_value);
5089 }
5090
5091 if(BTM_CMD_STARTED != btm_status)
5092 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_ENABLE_EVT, p_data->ble_enable_scan.ref_value,
5093 btm_status);
5094 }
5095
5096 /*******************************************************************************
5097 **
5098 ** Function bta_dm_ble_disable_batch_scan
5099 **
5100 ** Description This function disables the batch scan
5101 **
5102 ** Parameters:
5103 **
5104 *******************************************************************************/
bta_dm_ble_disable_batch_scan(tBTA_DM_MSG * p_data)5105 void bta_dm_ble_disable_batch_scan (tBTA_DM_MSG *p_data)
5106 {
5107 UNUSED(p_data);
5108 tBTM_STATUS btm_status = 0;
5109 tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
5110
5111 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb);
5112
5113 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg)
5114 {
5115 btm_status = BTM_BleDisableBatchScan(p_data->ble_disable_scan.ref_value);
5116 }
5117
5118 if(BTM_CMD_STARTED != btm_status)
5119 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_DISABLE_EVT, p_data->ble_enable_scan.ref_value,
5120 btm_status);
5121 }
5122
5123 /*******************************************************************************
5124 **
5125 ** Function bta_dm_ble_read_scan_reports
5126 **
5127 ** Description This function reads the batch scan reports
5128 **
5129 ** Parameters:
5130 **
5131 *******************************************************************************/
bta_dm_ble_read_scan_reports(tBTA_DM_MSG * p_data)5132 void bta_dm_ble_read_scan_reports(tBTA_DM_MSG *p_data)
5133 {
5134 tBTM_STATUS btm_status = 0;
5135 tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
5136
5137 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb);
5138
5139 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg)
5140 {
5141 btm_status = BTM_BleReadScanReports(p_data->ble_read_reports.scan_type,
5142 p_data->ble_read_reports.ref_value);
5143 }
5144
5145 if(BTM_CMD_STARTED != btm_status)
5146 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_READ_REPTS_EVT, p_data->ble_enable_scan.ref_value,
5147 btm_status);
5148 }
5149
5150 /*******************************************************************************
5151 **
5152 ** Function bta_dm_ble_track_advertiser
5153 **
5154 ** Description This function tracks the specific advertiser
5155 **
5156 ** Parameters:
5157 **
5158 *******************************************************************************/
bta_dm_ble_track_advertiser(tBTA_DM_MSG * p_data)5159 void bta_dm_ble_track_advertiser(tBTA_DM_MSG *p_data)
5160 {
5161 tBTM_STATUS btm_status = 0;
5162 BD_ADDR bda;
5163 memset(&bda, 0 , sizeof(BD_ADDR));
5164 tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
5165 tBTA_DM_BLE_TRACK_ADV_DATA track_adv_data;
5166
5167 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb);
5168
5169 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg)
5170 {
5171 btm_status = BTM_BleTrackAdvertiser((tBTM_BLE_TRACK_ADV_CBACK *)
5172 p_data->ble_track_advert.p_track_adv_cback,
5173 p_data->ble_track_advert.ref_value);
5174 }
5175
5176 if(BTM_CMD_STARTED != btm_status)
5177 {
5178 memset(&track_adv_data, 0, sizeof(tBTA_DM_BLE_TRACK_ADV_DATA));
5179 track_adv_data.advertiser_info_present = NO_ADV_INFO_PRESENT; /* Indicates failure */
5180 track_adv_data.client_if = (UINT8)p_data->ble_track_advert.ref_value;
5181 p_data->ble_track_advert.p_track_adv_cback(&track_adv_data);
5182 }
5183 }
5184
5185 /*******************************************************************************
5186 **
5187 ** Function bta_ble_scan_setup_cb
5188 **
5189 ** Description Handle the setup callback from BTM layer and forward it to app layer
5190 **
5191 ** Parameters:
5192 **
5193 *******************************************************************************/
bta_ble_scan_setup_cb(tBTM_BLE_BATCH_SCAN_EVT evt,tBTM_BLE_REF_VALUE ref_value,tBTM_STATUS status)5194 void bta_ble_scan_setup_cb(tBTM_BLE_BATCH_SCAN_EVT evt, tBTM_BLE_REF_VALUE ref_value,
5195 tBTM_STATUS status)
5196 {
5197 tBTA_BLE_BATCH_SCAN_EVT bta_evt = 0;
5198
5199 APPL_TRACE_DEBUG("bta_ble_scan_setup_cb : evt: %d, ref_value: %d, status:%d", evt,
5200 ref_value, status);
5201
5202 switch(evt)
5203 {
5204 case BTM_BLE_BATCH_SCAN_ENABLE_EVT:
5205 bta_evt = BTA_BLE_BATCH_SCAN_ENB_EVT;
5206 break;
5207 case BTM_BLE_BATCH_SCAN_CFG_STRG_EVT:
5208 bta_evt = BTA_BLE_BATCH_SCAN_CFG_STRG_EVT;
5209 break;
5210 case BTM_BLE_BATCH_SCAN_DISABLE_EVT:
5211 bta_evt = BTA_BLE_BATCH_SCAN_DIS_EVT;
5212 break;
5213 case BTM_BLE_BATCH_SCAN_PARAM_EVT:
5214 bta_evt = BTA_BLE_BATCH_SCAN_PARAM_EVT;
5215 break;
5216 default:
5217 break;
5218 }
5219
5220 if(NULL != bta_dm_cb.p_setup_cback)
5221 bta_dm_cb.p_setup_cback(bta_evt, ref_value, status);
5222 }
5223
5224
5225 #if BLE_ANDROID_CONTROLLER_SCAN_FILTER == TRUE
5226 /*******************************************************************************
5227 **
5228 ** Function bta_ble_scan_pf_cmpl
5229 **
5230 ** Description ADV payload filtering operation complete callback
5231 **
5232 **
5233 ** Returns TRUE if handled, otherwise FALSE.
5234 **
5235 *******************************************************************************/
bta_ble_scan_cfg_cmpl(tBTM_BLE_PF_ACTION action,tBTM_BLE_SCAN_COND_OP cfg_op,tBTM_BLE_PF_AVBL_SPACE avbl_space,tBTM_STATUS status,tBTM_BLE_REF_VALUE ref_value)5236 static void bta_ble_scan_cfg_cmpl(tBTM_BLE_PF_ACTION action, tBTM_BLE_SCAN_COND_OP cfg_op,
5237 tBTM_BLE_PF_AVBL_SPACE avbl_space, tBTM_STATUS status,
5238 tBTM_BLE_REF_VALUE ref_value)
5239 {
5240 tBTA_STATUS st = (status == BTM_SUCCESS) ? BTA_SUCCESS: BTA_FAILURE;
5241
5242 APPL_TRACE_DEBUG("bta_ble_scan_cfg_cmpl: %d, %d, %d, %d", action, cfg_op, avbl_space, status);
5243
5244 if(bta_dm_cb.p_scan_filt_cfg_cback)
5245 bta_dm_cb.p_scan_filt_cfg_cback(action, cfg_op, avbl_space, st, ref_value);
5246 }
5247
5248 /*******************************************************************************
5249 **
5250 ** Function bta_dm_cfg_filter_cond
5251 **
5252 ** Description This function configure adv payload filtering condition
5253 **
5254 ** Parameters:
5255 **
5256 *******************************************************************************/
bta_dm_cfg_filter_cond(tBTA_DM_MSG * p_data)5257 void bta_dm_cfg_filter_cond (tBTA_DM_MSG *p_data)
5258 {
5259 tBTM_STATUS st = BTM_MODE_UNSUPPORTED;
5260 tBTA_STATUS status = BTA_FAILURE;
5261
5262 tBTM_BLE_VSC_CB cmn_vsc_cb;
5263
5264 APPL_TRACE_DEBUG("bta_dm_cfg_filter_cond");
5265 BTM_BleGetVendorCapabilities(&cmn_vsc_cb);
5266 if(0 != cmn_vsc_cb.filter_support)
5267 {
5268 if ((st = BTM_BleCfgFilterCondition(p_data->ble_cfg_filter_cond.action,
5269 p_data->ble_cfg_filter_cond.cond_type,
5270 (tBTM_BLE_PF_FILT_INDEX)p_data->ble_cfg_filter_cond.filt_index,
5271 (tBTM_BLE_PF_COND_PARAM *)p_data->ble_cfg_filter_cond.p_cond_param,
5272 bta_ble_scan_cfg_cmpl, p_data->ble_cfg_filter_cond.ref_value))
5273 == BTM_CMD_STARTED)
5274 {
5275 bta_dm_cb.p_scan_filt_cfg_cback = p_data->ble_cfg_filter_cond.p_filt_cfg_cback;
5276 return;
5277 }
5278 }
5279
5280 if (p_data->ble_cfg_filter_cond.p_filt_cfg_cback)
5281 p_data->ble_cfg_filter_cond.p_filt_cfg_cback(BTA_DM_BLE_PF_CONFIG_EVT,
5282 p_data->ble_cfg_filter_cond.cond_type, 0, status,
5283 p_data->ble_cfg_filter_cond.ref_value);
5284 return;
5285 }
5286
5287 /*******************************************************************************
5288 **
5289 ** Function bta_dm_enable_scan_filter
5290 **
5291 ** Description This function enable/disable adv payload filtering condition
5292 **
5293 ** Parameters:
5294 **
5295 *******************************************************************************/
bta_dm_enable_scan_filter(tBTA_DM_MSG * p_data)5296 void bta_dm_enable_scan_filter(tBTA_DM_MSG *p_data)
5297 {
5298 tBTM_STATUS st = BTM_MODE_UNSUPPORTED;
5299 tBTA_STATUS status = BTA_FAILURE;
5300
5301 tBTM_BLE_VSC_CB cmn_vsc_cb;
5302 APPL_TRACE_DEBUG("bta_dm_enable_scan_filter");
5303 BTM_BleGetVendorCapabilities(&cmn_vsc_cb);
5304
5305 if(0 != cmn_vsc_cb.filter_support)
5306 {
5307 if((st = BTM_BleEnableDisableFilterFeature(p_data->ble_enable_scan_filt.action,
5308 p_data->ble_enable_scan_filt.p_filt_status_cback,
5309 (tBTM_BLE_REF_VALUE)p_data->ble_enable_scan_filt.ref_value)) == BTM_CMD_STARTED)
5310 bta_dm_cb.p_scan_filt_status_cback = p_data->ble_enable_scan_filt.p_filt_status_cback;
5311 return;
5312 }
5313
5314 if (p_data->ble_enable_scan_filt.p_filt_status_cback)
5315 p_data->ble_enable_scan_filt.p_filt_status_cback (BTA_DM_BLE_PF_ENABLE_EVT,
5316 p_data->ble_enable_scan_filt.ref_value, status);
5317
5318 }
5319
5320 /*******************************************************************************
5321 **
5322 ** Function bta_dm_scan_filter_param_setup
5323 **
5324 ** Description This function sets up scan filter params
5325 **
5326 ** Parameters:
5327 **
5328 *******************************************************************************/
bta_dm_scan_filter_param_setup(tBTA_DM_MSG * p_data)5329 void bta_dm_scan_filter_param_setup (tBTA_DM_MSG *p_data)
5330 {
5331 tBTM_STATUS st = BTM_MODE_UNSUPPORTED;
5332 tBTA_STATUS status = BTA_FAILURE;
5333
5334 tBTM_BLE_VSC_CB cmn_vsc_cb;
5335
5336 APPL_TRACE_DEBUG("bta_dm_scan_filter_param_setup");
5337 BTM_BleGetVendorCapabilities(&cmn_vsc_cb);
5338 if(0 != cmn_vsc_cb.filter_support)
5339 {
5340 if ((st = BTM_BleAdvFilterParamSetup(p_data->ble_scan_filt_param_setup.action,
5341 p_data->ble_scan_filt_param_setup.filt_index,
5342 (tBTM_BLE_PF_FILT_PARAMS *)&p_data->ble_scan_filt_param_setup.filt_params,
5343 p_data->ble_scan_filt_param_setup.p_target,
5344 p_data->ble_scan_filt_param_setup.p_filt_param_cback,
5345 p_data->ble_scan_filt_param_setup.ref_value)) == BTM_CMD_STARTED)
5346 {
5347 bta_dm_cb.p_scan_filt_param_cback = p_data->ble_scan_filt_param_setup.p_filt_param_cback;
5348 return;
5349 }
5350 }
5351
5352 if (p_data->ble_scan_filt_param_setup.p_filt_param_cback)
5353 p_data->ble_scan_filt_param_setup.p_filt_param_cback (BTA_DM_BLE_PF_ENABLE_EVT, 0,
5354 p_data->ble_scan_filt_param_setup.ref_value, status);
5355
5356 return;
5357 }
5358 #endif
5359
5360 /*******************************************************************************
5361 **
5362 ** Function bta_ble_enable_scan_cmpl
5363 **
5364 ** Description ADV payload filtering enable / disable complete callback
5365 **
5366 **
5367 ** Returns None
5368 **
5369 *******************************************************************************/
bta_ble_energy_info_cmpl(tBTM_BLE_TX_TIME_MS tx_time,tBTM_BLE_RX_TIME_MS rx_time,tBTM_BLE_IDLE_TIME_MS idle_time,tBTM_BLE_ENERGY_USED energy_used,tBTM_STATUS status)5370 static void bta_ble_energy_info_cmpl(tBTM_BLE_TX_TIME_MS tx_time,
5371 tBTM_BLE_RX_TIME_MS rx_time,
5372 tBTM_BLE_IDLE_TIME_MS idle_time,
5373 tBTM_BLE_ENERGY_USED energy_used,
5374 tBTM_STATUS status)
5375 {
5376 tBTA_STATUS st = (status == BTM_SUCCESS) ? BTA_SUCCESS: BTA_FAILURE;
5377 tBTA_DM_CONTRL_STATE ctrl_state = 0;
5378
5379 if (BTA_SUCCESS == st)
5380 ctrl_state = bta_dm_pm_obtain_controller_state();
5381
5382 if (bta_dm_cb.p_energy_info_cback)
5383 bta_dm_cb.p_energy_info_cback(tx_time, rx_time, idle_time, energy_used, ctrl_state, st);
5384 }
5385
5386 /*******************************************************************************
5387 **
5388 ** Function bta_dm_ble_get_energy_info
5389 **
5390 ** Description This function obtains the energy info
5391 **
5392 ** Parameters:
5393 **
5394 *******************************************************************************/
bta_dm_ble_get_energy_info(tBTA_DM_MSG * p_data)5395 void bta_dm_ble_get_energy_info(tBTA_DM_MSG *p_data)
5396 {
5397 tBTM_STATUS btm_status = 0;
5398
5399 bta_dm_cb.p_energy_info_cback = p_data->ble_energy_info.p_energy_info_cback;
5400 btm_status = BTM_BleGetEnergyInfo(bta_ble_energy_info_cmpl);
5401 if (BTM_CMD_STARTED != btm_status)
5402 bta_ble_energy_info_cmpl(0, 0, 0, 0, btm_status);
5403 }
5404
5405 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE))
5406 #ifndef BTA_DM_GATT_CLOSE_DELAY_TOUT
5407 #define BTA_DM_GATT_CLOSE_DELAY_TOUT 1000
5408 #endif
5409
5410 /*******************************************************************************
5411 **
5412 ** Function bta_dm_gattc_register
5413 **
5414 ** Description Register with GATTC in DM if BLE is needed.
5415 **
5416 **
5417 ** Returns void
5418 **
5419 *******************************************************************************/
bta_dm_gattc_register(void)5420 static void bta_dm_gattc_register(void)
5421 {
5422 tBT_UUID app_uuid = {LEN_UUID_128,{0}};
5423
5424 if (bta_dm_search_cb.client_if == BTA_GATTS_INVALID_IF)
5425 {
5426 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128);
5427 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback);
5428 }
5429 }
5430
5431 /*******************************************************************************
5432 **
5433 ** Function btm_dm_start_disc_gatt_services
5434 **
5435 ** Description This function starts a GATT service search request.
5436 **
5437 ** Parameters:
5438 **
5439 *******************************************************************************/
btm_dm_start_disc_gatt_services(UINT16 conn_id)5440 static void btm_dm_start_disc_gatt_services (UINT16 conn_id)
5441 {
5442 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid +
5443 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5444
5445 p_uuid = bta_dm_search_cb.p_srvc_uuid +
5446 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search;
5447
5448 /* always search for all services */
5449 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid);
5450 }
5451
5452 /*******************************************************************************
5453 **
5454 ** Function bta_dm_gatt_disc_result
5455 **
5456 ** Description This function process the GATT service search result.
5457 **
5458 ** Parameters:
5459 **
5460 *******************************************************************************/
bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)5461 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id)
5462 {
5463 tBTA_DM_SEARCH result;
5464
5465 /*
5466 * This logic will not work for gatt case. We are checking against the bluetooth profiles here
5467 * just copy the GATTID in raw data field and send it across.
5468 */
5469
5470
5471 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size )
5472 {
5473 APPL_TRACE_DEBUG("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x",
5474 service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used);
5475
5476 if(bta_dm_search_cb.p_ble_rawdata)
5477 {
5478 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id,
5479 sizeof(service_id) );
5480
5481 bta_dm_search_cb.ble_raw_used += sizeof(service_id);
5482 }
5483 else
5484 {
5485 APPL_TRACE_ERROR("p_ble_rawdata is NULL");
5486 }
5487
5488 }
5489 else
5490 {
5491 APPL_TRACE_ERROR("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used );
5492 }
5493
5494 LOG_INFO("%s service_id_uuid_len=%d ", __func__, service_id.uuid.len);
5495 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5496 {
5497
5498 /* send result back to app now, one by one */
5499 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5500 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1));
5501 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0;
5502 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID));
5503
5504 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
5505 }
5506 }
5507
5508 /*******************************************************************************
5509 **
5510 ** Function bta_dm_gatt_disc_complete
5511 **
5512 ** Description This function process the GATT service search complete.
5513 **
5514 ** Parameters:
5515 **
5516 *******************************************************************************/
bta_dm_gatt_disc_complete(UINT16 conn_id,tBTA_GATT_STATUS status)5517 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status)
5518 {
5519 tBTA_DM_MSG *p_msg;
5520
5521 APPL_TRACE_DEBUG("bta_dm_gatt_disc_complete conn_id = %d",conn_id);
5522
5523 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --;
5524
5525 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0)
5526 {
5527 btm_dm_start_disc_gatt_services(conn_id);
5528 }
5529 else
5530 {
5531 bta_dm_search_cb.uuid_to_search = 0;
5532
5533 /* no more services to be discovered */
5534 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL)
5535 {
5536 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
5537 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE;
5538 APPL_TRACE_DEBUG("%s service found: 0x%08x", __FUNCTION__,
5539 bta_dm_search_cb.services_found);
5540 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
5541 p_msg->disc_result.result.disc_res.num_uuids = 0;
5542 p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
5543 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr);
5544 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME),
5545 bta_dm_get_remname(), (BD_NAME_LEN-1));
5546
5547 /* make sure the string is terminated */
5548 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0;
5549
5550 p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE;
5551 if ( bta_dm_search_cb.ble_raw_used > 0 )
5552 {
5553 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used);
5554
5555 memcpy( p_msg->disc_result.result.disc_res.p_raw_data,
5556 bta_dm_search_cb.p_ble_rawdata,
5557 bta_dm_search_cb.ble_raw_used );
5558
5559 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used;
5560 }
5561 else
5562 {
5563 p_msg->disc_result.result.disc_res.p_raw_data = NULL;
5564 bta_dm_search_cb.p_ble_rawdata = 0;
5565 }
5566
5567 bta_sys_sendmsg(p_msg);
5568 }
5569
5570 if (conn_id != BTA_GATT_INVALID_CONN_ID)
5571 {
5572 /* start a GATT channel close delay timer */
5573 bta_sys_start_timer(&bta_dm_search_cb.gatt_close_timer, BTA_DM_DISC_CLOSE_TOUT_EVT,
5574 BTA_DM_GATT_CLOSE_DELAY_TOUT);
5575 bdcpy(bta_dm_search_cb.pending_close_bda, bta_dm_search_cb.peer_bdaddr);
5576 }
5577 bta_dm_search_cb.gatt_disc_active = FALSE;
5578 }
5579 }
5580
5581 /*******************************************************************************
5582 **
5583 ** Function bta_dm_close_gatt_conn
5584 **
5585 ** Description This function close the GATT connection after delay timeout.
5586 **
5587 ** Parameters:
5588 **
5589 *******************************************************************************/
bta_dm_close_gatt_conn(tBTA_DM_MSG * p_data)5590 void bta_dm_close_gatt_conn(tBTA_DM_MSG *p_data)
5591 {
5592 UNUSED(p_data);
5593
5594 if (bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5595 BTA_GATTC_Close(bta_dm_search_cb.conn_id);
5596
5597 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN);
5598 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
5599 }
5600 /*******************************************************************************
5601 **
5602 ** Function btm_dm_start_gatt_discovery
5603 **
5604 ** Description This is GATT initiate the service search by open a GATT connection
5605 ** first.
5606 **
5607 ** Parameters:
5608 **
5609 *******************************************************************************/
btm_dm_start_gatt_discovery(BD_ADDR bd_addr)5610 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr)
5611 {
5612 bta_dm_search_cb.gatt_disc_active = TRUE;
5613
5614 /* connection is already open */
5615 if (bdcmp(bta_dm_search_cb.pending_close_bda, bd_addr) == 0 &&
5616 bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID)
5617 {
5618 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN);
5619 bta_sys_stop_timer(&bta_dm_search_cb.gatt_close_timer);
5620 btm_dm_start_disc_gatt_services(bta_dm_search_cb.conn_id);
5621 }
5622 else
5623 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE, BTA_GATT_TRANSPORT_LE);
5624 }
5625
5626 /*******************************************************************************
5627 **
5628 ** Function bta_dm_cancel_gatt_discovery
5629 **
5630 ** Description This is GATT cancel the GATT service search.
5631 **
5632 ** Parameters:
5633 **
5634 *******************************************************************************/
bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)5635 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr)
5636 {
5637 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID)
5638 {
5639 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE);
5640 }
5641
5642 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5643 }
5644
5645 /*******************************************************************************
5646 **
5647 ** Function bta_dm_proc_open_evt
5648 **
5649 ** Description process BTA_GATTC_OPEN_EVT in DM.
5650 **
5651 ** Parameters:
5652 **
5653 *******************************************************************************/
bta_dm_proc_open_evt(tBTA_GATTC_OPEN * p_data)5654 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data)
5655 {
5656 UINT8 *p1;
5657 UINT8 *p2;
5658
5659 p1 = bta_dm_search_cb.peer_bdaddr;
5660 p2 = p_data->remote_bda;
5661
5662 APPL_TRACE_DEBUG("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ",
5663 bta_dm_search_cb.state,
5664 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]),
5665 ((p1[4])<<8)+ p1[5],
5666 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]),
5667 ((p2[4])<<8)+ p2[5]);
5668
5669 APPL_TRACE_DEBUG("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" ,
5670 p_data->conn_id,
5671 p_data->client_if,
5672 p_data->status);
5673
5674 bta_dm_search_cb.conn_id = p_data->conn_id;
5675
5676 if (p_data->status == BTA_GATT_OK)
5677 {
5678 btm_dm_start_disc_gatt_services(p_data->conn_id);
5679 }
5680 else
5681 {
5682 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status);
5683 }
5684 }
5685
5686 /*******************************************************************************
5687 **
5688 ** Function bta_dm_gattc_callback
5689 **
5690 ** Description This is GATT client callback function used in DM.
5691 **
5692 ** Parameters:
5693 **
5694 *******************************************************************************/
bta_dm_gattc_callback(tBTA_GATTC_EVT event,tBTA_GATTC * p_data)5695 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data)
5696 {
5697 APPL_TRACE_DEBUG("bta_dm_gattc_callback event = %d", event);
5698
5699 switch (event)
5700 {
5701 case BTA_GATTC_REG_EVT:
5702 APPL_TRACE_DEBUG("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if);
5703 if (p_data->reg_oper.status == BTA_GATT_OK)
5704 bta_dm_search_cb.client_if = p_data->reg_oper.client_if;
5705 else
5706 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF;
5707 break;
5708
5709 case BTA_GATTC_OPEN_EVT:
5710 bta_dm_proc_open_evt(&p_data->open);
5711 break;
5712
5713 case BTA_GATTC_SEARCH_RES_EVT:
5714 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id);
5715 break;
5716
5717 case BTA_GATTC_SEARCH_CMPL_EVT:
5718 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)
5719 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status);
5720 break;
5721
5722 case BTA_GATTC_CLOSE_EVT:
5723 APPL_TRACE_DEBUG("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason);
5724 /* in case of disconnect before search is completed */
5725 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) &&
5726 (bta_dm_search_cb.state != BTA_DM_SEARCH_ACTIVE) &&
5727 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN))
5728 {
5729 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR);
5730 }
5731 break;
5732
5733 default:
5734 break;
5735 }
5736 }
5737
5738 #endif /* BTA_GATT_INCLUDED */
5739
5740 #if BLE_VND_INCLUDED == TRUE
5741 /*******************************************************************************
5742 **
5743 ** Function bta_dm_ctrl_features_rd_cmpl_cback
5744 **
5745 ** Description callback to handle controller feature read complete
5746 **
5747 ** Parameters:
5748 **
5749 *******************************************************************************/
bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result)5750 static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result)
5751 {
5752 APPL_TRACE_DEBUG("%s status = %d ", __FUNCTION__, result);
5753 if (result == BTM_SUCCESS)
5754 {
5755 if(bta_dm_cb.p_sec_cback)
5756 bta_dm_cb.p_sec_cback(BTA_DM_LE_FEATURES_READ, NULL);
5757 }
5758 else
5759 {
5760 APPL_TRACE_ERROR("%s Ctrl BLE feature read failed: status :%d",__FUNCTION__, result);
5761 }
5762
5763 }
5764 #endif /* BLE_VND_INCLUDED */
5765
5766 #endif /* BLE_INCLUDED */
5767