1 /******************************************************************************
2  *
3  *  Copyright (C) 2008-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains functions for BLE GAP.
22  *
23  ******************************************************************************/
24 
25 #include <string.h>
26 #include <stdio.h>
27 #include <stddef.h>
28 
29 #include "bt_types.h"
30 #include "bt_utils.h"
31 #include "btm_int.h"
32 #include "btm_ble_api.h"
33 #include "btu.h"
34 #include "device/include/controller.h"
35 #include "hcimsgs.h"
36 #include "gap_api.h"
37 
38 #if BLE_INCLUDED == TRUE
39 #include "l2c_int.h"
40 
41 #include "gattdefs.h"
42 #include "gatt_int.h"
43 
44 #include "btm_ble_int.h"
45 #define LOG_TAG "bt_btm_ble"
46 #include "osi/include/log.h"
47 
48 #define BTM_BLE_NAME_SHORT                  0x01
49 #define BTM_BLE_NAME_CMPL                   0x02
50 
51 #define BTM_BLE_FILTER_TARGET_UNKNOWN       0xff
52 #define BTM_BLE_POLICY_UNKNOWN              0xff
53 
54 #define BTM_EXT_BLE_RMT_NAME_TIMEOUT        30
55 #define MIN_ADV_LENGTH                       2
56 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE 9
57 
58 static tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
59 
60 #if BLE_VND_INCLUDED == TRUE
61 static tBTM_BLE_CTRL_FEATURES_CBACK    *p_ctrl_le_feature_rd_cmpl_cback = NULL;
62 #endif
63 
64 /*******************************************************************************
65 **  Local functions
66 *******************************************************************************/
67 static void btm_ble_update_adv_flag(UINT8 flag);
68 static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type, UINT8 evt_type, UINT8 *p);
69 UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
70                               tBTM_BLE_ADV_DATA *p_data);
71 static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
72                                      BD_ADDR_PTR p_peer_addr_ptr,
73                                      tBLE_ADDR_TYPE *p_peer_addr_type,
74                                      tBLE_ADDR_TYPE *p_own_addr_type);
75 static void btm_ble_stop_observe(void);
76 
77 #define BTM_BLE_INQ_RESULT          0x01
78 #define BTM_BLE_OBS_RESULT          0x02
79 #define BTM_BLE_SEL_CONN_RESULT     0x04
80 
81 /* LE states combo bit to check */
82 const UINT8 btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX][2] =
83 {
84     {/* single state support */
85         {HCI_SUPP_LE_STATES_CONN_ADV_MASK, HCI_SUPP_LE_STATES_CONN_ADV_OFF},  /* conn_adv */
86         {HCI_SUPP_LE_STATES_INIT_MASK, HCI_SUPP_LE_STATES_INIT_OFF}, /* init */
87         {HCI_SUPP_LE_STATES_INIT_MASK, HCI_SUPP_LE_STATES_INIT_OFF}, /* master */
88         {HCI_SUPP_LE_STATES_SLAVE_MASK, HCI_SUPP_LE_STATES_SLAVE_OFF}, /* slave */
89         {0, 0},                   /* todo: lo du dir adv, not covered ? */
90         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_OFF}, /* hi duty dir adv */
91         {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_OFF},  /* non connectable adv */
92         {HCI_SUPP_LE_STATES_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_OFF},   /*  passive scan */
93         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_OFF},  /*   active scan */
94         {HCI_SUPP_LE_STATES_SCAN_ADV_MASK, HCI_SUPP_LE_STATESSCAN_ADV_OFF}   /* scanable adv */
95     },
96     {    /* conn_adv =0 */
97         {0, 0},                                                                           /* conn_adv */
98         {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},      /* init: 32 */
99         {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF},  /* master: 35 */
100         {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF}, /* slave: 38,*/
101         {0, 0},                                                                           /* lo du dir adv */
102         {0, 0},                                                                            /* hi duty dir adv */
103         {0, 0},  /* non connectable adv */
104         {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF},   /*  passive scan */
105         {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF},  /*   active scan */
106         {0, 0}   /* scanable adv */
107     },
108     {   /* init */
109         {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},      /* conn_adv: 32 */
110         {0, 0},                                                                             /* init */
111         {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF},          /* master 28 */
112         {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* slave 41 */
113         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF} ,/* lo du dir adv 34 */
114         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF},     /* hi duty dir adv 33 */
115         {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK, HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF},  /*  non connectable adv */
116         {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF},   /* passive scan */
117         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF},  /*  active scan */
118         {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF}   /* scanable adv */
119 
120     },
121     {   /* master */
122         {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF},  /* conn_adv: 35 */
123         {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF},          /* init 28 */
124         {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF},          /* master 28 */
125         {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},      /* slave: 32 */
126         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF},  /* lo duty cycle adv 37 */
127         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF},   /* hi duty cycle adv 36 */
128         {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF},  /*  non connectable adv */
129         {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF},   /*  passive scan */
130         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF},  /*   active scan */
131         {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF}   /*  scanable adv */
132 
133     },
134     { /* slave */
135         {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF}, /* conn_adv: 38,*/
136         {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* init 41 */
137         {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* master 41 */
138         {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF},        /* slave: 38,*/
139         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF},  /* lo duty cycle adv 40 */
140         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF},   /* hi duty cycle adv 39 */
141         {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF},  /* non connectable adv */
142         {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF},   /* passive scan */
143         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF},  /*  active scan */
144         {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF}   /* scanable adv */
145 
146     },
147     { /* lo duty cycle adv */
148         {0, 0}, /* conn_adv: 38,*/
149         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF} ,/* init 34 */
150         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF}, /* master 37 */
151         {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF}, /* slave: 40 */
152         {0, 0},  /* lo duty cycle adv 40 */
153         {0, 0},   /* hi duty cycle adv 39 */
154         {0, 0},  /*  non connectable adv */
155         {0, 0},   /* TODO: passive scan, not covered? */
156         {0, 0},  /* TODO:  active scan, not covered? */
157         {0, 0}   /*  scanable adv */
158     },
159     { /* hi duty cycle adv */
160         {0, 0}, /* conn_adv: 38,*/
161         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF}, /* init 33 */
162         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF}, /* master 36 */
163         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF},   /* slave: 39*/
164         {0, 0},  /* lo duty cycle adv 40 */
165         {0, 0},   /* hi duty cycle adv 39 */
166         {0, 0},  /* non connectable adv */
167         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF},   /* passive scan */
168         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF},  /* active scan */
169         {0, 0}   /* scanable adv */
170     },
171     { /* non connectable adv */
172         {0, 0}, /* conn_adv: */
173         {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK, HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF}, /* init  */
174         {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF}, /* master  */
175         {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF},   /* slave: */
176         {0, 0},  /* lo duty cycle adv */
177         {0, 0},   /* hi duty cycle adv */
178         {0, 0},  /* non connectable adv */
179         {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF},   /* passive scan */
180         {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF},  /*  active scan */
181         {0, 0}   /* scanable adv */
182     },
183     { /* passive scan */
184         {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF}, /* conn_adv: */
185         {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF}, /* init  */
186         {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF}, /* master  */
187         {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF},   /* slave: */
188         {0, 0},  /* lo duty cycle adv */
189         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF},   /* hi duty cycle adv */
190         {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF},  /*  non connectable adv */
191         {0, 0},   /* passive scan */
192         {0, 0},  /* active scan */
193          {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF}   /* scanable adv */
194     },
195     { /* active scan */
196         {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF}, /* conn_adv: */
197         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF}, /* init  */
198         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF}, /* master  */
199         {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF},   /* slave: */
200         {0, 0},  /* lo duty cycle adv */
201         {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF},   /* hi duty cycle adv */
202         {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF},  /*  non connectable adv */
203         {0, 0},   /* TODO: passive scan */
204         {0, 0},  /* TODO:  active scan */
205         {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF}   /*  scanable adv */
206     },
207     { /* scanable adv */
208         {0, 0}, /* conn_adv: */
209         {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF}, /* init  */
210         {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF}, /* master  */
211         {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF},   /* slave: */
212         {0, 0},  /* lo duty cycle adv */
213         {0, 0},   /* hi duty cycle adv */
214         {0, 0},  /* non connectable adv */
215         {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF},   /*  passive scan */
216         {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF},  /*  active scan */
217         {0, 0}   /* scanable adv */
218     }
219 
220 };
221 /* check LE combo state supported */
222 #define BTM_LE_STATES_SUPPORTED(x, y, z)      ((x)[(z)] & (y))
223 
224 
225 /*******************************************************************************
226 **
227 ** Function         BTM_BleUpdateAdvWhitelist
228 **
229 ** Description      Add or remove device from advertising white list
230 **
231 ** Returns          void
232 **
233 *******************************************************************************/
BTM_BleUpdateAdvWhitelist(BOOLEAN add_remove,BD_ADDR remote_bda)234 BOOLEAN BTM_BleUpdateAdvWhitelist(BOOLEAN add_remove, BD_ADDR remote_bda)
235 {
236     UNUSED(add_remove);
237     UNUSED(remote_bda);
238 
239     return FALSE;
240 }
241 
242 /*******************************************************************************
243 **
244 ** Function         BTM_BleUpdateAdvFilterPolicy
245 **
246 ** Description      This function update the filter policy of advertiser.
247 **
248 ** Parameter        adv_policy: advertising filter policy
249 **
250 ** Return           void
251 *******************************************************************************/
BTM_BleUpdateAdvFilterPolicy(tBTM_BLE_AFP adv_policy)252 void BTM_BleUpdateAdvFilterPolicy(tBTM_BLE_AFP adv_policy)
253 {
254     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
255     tBLE_ADDR_TYPE   init_addr_type = BLE_ADDR_PUBLIC;
256     BD_ADDR          p_addr_ptr= {0};
257     UINT8            adv_mode = p_cb->adv_mode;
258 
259     BTM_TRACE_EVENT ("BTM_BleUpdateAdvFilterPolicy");
260 
261     if (!controller_get_interface()->supports_ble())
262         return;
263 
264     if (p_cb->afp != adv_policy)
265     {
266         p_cb->afp = adv_policy;
267 
268         /* if adv active, stop and restart */
269         btm_ble_stop_adv ();
270 
271         if (p_cb->connectable_mode & BTM_BLE_CONNECTABLE)
272             p_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type,
273                                                               &p_cb->adv_addr_type);
274 
275         btsnd_hcic_ble_write_adv_params ((UINT16)(p_cb->adv_interval_min ? p_cb->adv_interval_min :
276                                          BTM_BLE_GAP_ADV_SLOW_INT),
277                                          (UINT16)(p_cb->adv_interval_max ? p_cb->adv_interval_max :
278                                          BTM_BLE_GAP_ADV_SLOW_INT),
279                                          p_cb->evt_type,
280                                          p_cb->adv_addr_type,
281                                          init_addr_type,
282                                          p_addr_ptr,
283                                          p_cb->adv_chnl_map,
284                                          p_cb->afp);
285 
286         if (adv_mode == BTM_BLE_ADV_ENABLE)
287             btm_ble_start_adv ();
288 
289     }
290 }
291 
292 /*******************************************************************************
293 **
294 ** Function         btm_ble_send_extended_scan_params
295 **
296 ** Description      This function sends out the extended scan parameters command to the controller
297 **
298 ** Parameters       scan_type - Scan type
299 **                  scan_int - Scan interval
300 **                  scan_win - Scan window
301 **                  addr_type_own - Own address type
302 **                  scan_filter_policy - Scan filter policy
303 **
304 ** Returns          TRUE or FALSE
305 **
306 *******************************************************************************/
btm_ble_send_extended_scan_params(UINT8 scan_type,UINT32 scan_int,UINT32 scan_win,UINT8 addr_type_own,UINT8 scan_filter_policy)307 BOOLEAN btm_ble_send_extended_scan_params(UINT8 scan_type, UINT32 scan_int,
308                                           UINT32 scan_win, UINT8 addr_type_own,
309                                           UINT8 scan_filter_policy)
310 {
311     UINT8 scan_param[HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM];
312     UINT8 *pp_scan = scan_param;
313 
314     memset(scan_param, 0, HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM);
315 
316     UINT8_TO_STREAM(pp_scan, scan_type);
317     UINT32_TO_STREAM(pp_scan, scan_int);
318     UINT32_TO_STREAM(pp_scan, scan_win);
319     UINT8_TO_STREAM(pp_scan, addr_type_own);
320     UINT8_TO_STREAM(pp_scan, scan_filter_policy);
321 
322     BTM_TRACE_DEBUG("%s, %d, %d", __func__, scan_int, scan_win);
323     if ((BTM_VendorSpecificCommand(HCI_BLE_EXTENDED_SCAN_PARAMS_OCF,
324          HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM, scan_param, NULL)) != BTM_SUCCESS)
325     {
326         BTM_TRACE_ERROR("%s error sending extended scan parameters", __func__);
327         return FALSE;
328     }
329     return TRUE;
330 }
331 
332 /*******************************************************************************
333 **
334 ** Function         BTM_BleObserve
335 **
336 ** Description      This procedure keep the device listening for advertising
337 **                  events from a broadcast device.
338 **
339 ** Parameters       start: start or stop observe.
340 **                  white_list: use white list in observer mode or not.
341 **
342 ** Returns          void
343 **
344 *******************************************************************************/
BTM_BleObserve(BOOLEAN start,UINT8 duration,tBTM_INQ_RESULTS_CB * p_results_cb,tBTM_CMPL_CB * p_cmpl_cb)345 tBTM_STATUS BTM_BleObserve(BOOLEAN start, UINT8 duration,
346                            tBTM_INQ_RESULTS_CB *p_results_cb, tBTM_CMPL_CB *p_cmpl_cb)
347 {
348     tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
349     tBTM_STATUS status = BTM_WRONG_MODE;
350 
351     UINT32 scan_interval = !p_inq->scan_interval ? BTM_BLE_GAP_DISC_SCAN_INT : p_inq->scan_interval;
352     UINT32 scan_window = !p_inq->scan_window ? BTM_BLE_GAP_DISC_SCAN_WIN : p_inq->scan_window;
353 
354     BTM_TRACE_EVENT ("%s : scan_type:%d, %d, %d", __func__, btm_cb.btm_inq_vars.scan_type,
355                       p_inq->scan_interval, p_inq->scan_window);
356 
357     if (!controller_get_interface()->supports_ble())
358         return BTM_ILLEGAL_VALUE;
359 
360     if (start)
361     {
362         /* shared inquiry database, do not allow observe if any inquiry is active */
363         if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
364         {
365             BTM_TRACE_ERROR("%s Observe Already Active", __func__);
366             return status;
367         }
368 
369         btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
370         btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
371         status = BTM_CMD_STARTED;
372 
373         /* scan is not started */
374         if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
375         {
376             /* allow config of scan type */
377             p_inq->scan_type = (p_inq->scan_type == BTM_BLE_SCAN_MODE_NONE) ?
378                                                     BTM_BLE_SCAN_MODE_ACTI: p_inq->scan_type;
379             /* assume observe always not using white list */
380             #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
381                 /* enable resolving list */
382                 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
383             #endif
384 
385             if (cmn_ble_vsc_cb.extended_scan_support == 0)
386             {
387                 btsnd_hcic_ble_set_scan_params(p_inq->scan_type, (UINT16)scan_interval,
388                                                (UINT16)scan_window,
389                                                btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
390                                                BTM_BLE_DEFAULT_SFP);
391             }
392             else
393             {
394                 btm_ble_send_extended_scan_params(p_inq->scan_type, scan_interval, scan_window,
395                                                   btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
396                                                   BTM_BLE_DEFAULT_SFP);
397             }
398 
399             p_inq->scan_duplicate_filter = BTM_BLE_DUPLICATE_DISABLE;
400             status = btm_ble_start_scan();
401         }
402 
403         if (status == BTM_CMD_STARTED)
404         {
405             btm_cb.ble_ctr_cb.scan_activity |= BTM_LE_OBSERVE_ACTIVE;
406             if (duration != 0)
407                 /* start observer timer */
408                 btu_start_timer (&btm_cb.ble_ctr_cb.obs_timer_ent, BTU_TTYPE_BLE_OBSERVE, duration);
409         }
410     }
411     else if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
412     {
413         status = BTM_CMD_STARTED;
414         btm_ble_stop_observe();
415     }
416     else
417     {
418         BTM_TRACE_ERROR("%s Observe not active", __func__);
419     }
420 
421     return status;
422 
423 }
424 
425 /*******************************************************************************
426 **
427 ** Function         BTM_BleBroadcast
428 **
429 ** Description      This function is to start or stop broadcasting.
430 **
431 ** Parameters       start: start or stop broadcasting.
432 **
433 ** Returns          status.
434 **
435 *******************************************************************************/
BTM_BleBroadcast(BOOLEAN start)436 tBTM_STATUS BTM_BleBroadcast(BOOLEAN start)
437 {
438     tBTM_STATUS status = BTM_NO_RESOURCES;
439     tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
440     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
441     UINT8 evt_type = p_cb->scan_rsp ? BTM_BLE_DISCOVER_EVT: BTM_BLE_NON_CONNECT_EVT;
442 
443     if (!controller_get_interface()->supports_ble())
444         return BTM_ILLEGAL_VALUE;
445 
446 #ifdef  BTM_BLE_PC_ADV_TEST_MODE
447     if (BTM_BLE_PC_ADV_TEST_MODE)
448     {
449         evt_type = p_cb->scan_rsp ? BTM_BLE_CONNECT_EVT: BTM_BLE_NON_CONNECT_EVT;
450     }
451 #endif
452 
453     if (start && p_cb->adv_mode == BTM_BLE_ADV_DISABLE)
454     {
455         /* update adv params */
456         if (!btsnd_hcic_ble_write_adv_params ((UINT16)(p_cb->adv_interval_min ? p_cb->adv_interval_min :
457                                               BTM_BLE_GAP_ADV_INT),
458                                               (UINT16)(p_cb->adv_interval_max ? p_cb->adv_interval_max :
459                                               BTM_BLE_GAP_ADV_INT),
460                                               evt_type,
461                                               p_addr_cb->own_addr_type,
462                                               p_cb->direct_bda.type,
463                                               p_cb->direct_bda.bda,
464                                               p_cb->adv_chnl_map,
465                                               p_cb->afp))
466 
467             status = BTM_NO_RESOURCES;
468         else
469             p_cb->evt_type = evt_type;
470 
471         status = btm_ble_start_adv ();
472     }
473     else if (!start)
474     {
475         status = btm_ble_stop_adv();
476 #if BLE_PRIVACY_SPT == TRUE
477         btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
478 #endif
479     }
480     else
481     {
482         status = BTM_WRONG_MODE;
483         BTM_TRACE_ERROR("Can not %s Broadcast, device %s in Broadcast mode",
484             (start ? "Start" : "Stop"), (start ? "already" :"not"));
485     }
486     return status;
487 }
488 
489 /*******************************************************************************
490 **
491 ** Function         btm_vsc_brcm_features_complete
492 **
493 ** Description      Command Complete callback for HCI_BLE_VENDOR_CAP_OCF
494 **
495 ** Returns          void
496 **
497 *******************************************************************************/
btm_ble_vendor_capability_vsc_cmpl_cback(tBTM_VSC_CMPL * p_vcs_cplt_params)498 static void btm_ble_vendor_capability_vsc_cmpl_cback (tBTM_VSC_CMPL *p_vcs_cplt_params)
499 {
500 #if BLE_VND_INCLUDED == TRUE
501     UINT8 status = 0xFF;
502     UINT8 *p;
503 
504     BTM_TRACE_DEBUG("%s", __func__);
505 
506     /* Check status of command complete event */
507     if ((p_vcs_cplt_params->opcode == HCI_BLE_VENDOR_CAP_OCF) &&
508         (p_vcs_cplt_params->param_len > 0))
509     {
510         p = p_vcs_cplt_params->p_param_buf;
511         STREAM_TO_UINT8(status, p);
512     }
513 
514     if (status == HCI_SUCCESS)
515     {
516         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.adv_inst_max, p);
517         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.rpa_offloading, p);
518         STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg, p);
519         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz, p);
520         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.filter_support, p);
521         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_filter, p);
522         STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.energy_support, p);
523 
524         if (p_vcs_cplt_params->param_len > BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE)
525         {
526             STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.version_supported, p);
527         }
528         else
529         {
530             btm_cb.cmn_ble_vsc_cb.version_supported = BTM_VSC_CHIP_CAPABILITY_L_VERSION;
531         }
532 
533         if (btm_cb.cmn_ble_vsc_cb.version_supported >= BTM_VSC_CHIP_CAPABILITY_M_VERSION)
534         {
535             STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.total_trackable_advertisers, p);
536             STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.extended_scan_support, p);
537             STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.debug_logging_supported, p);
538         }
539         btm_cb.cmn_ble_vsc_cb.values_read = TRUE;
540     }
541 
542     BTM_TRACE_DEBUG("%s: stat=%d, irk=%d, ADV ins:%d, rpa=%d, ener=%d, ext_scan=%d",
543          __func__, status, btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
544          btm_cb.cmn_ble_vsc_cb.adv_inst_max, btm_cb.cmn_ble_vsc_cb.rpa_offloading,
545          btm_cb.cmn_ble_vsc_cb.energy_support, btm_cb.cmn_ble_vsc_cb.extended_scan_support);
546 
547     if (BTM_BleMaxMultiAdvInstanceCount() > 0)
548         btm_ble_multi_adv_init();
549 
550     if (btm_cb.cmn_ble_vsc_cb.max_filter > 0)
551         btm_ble_adv_filter_init();
552 
553 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
554     /* VS capability included and non-4.2 device */
555     if (btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
556         controller_get_interface()->get_ble_resolving_list_max_size() == 0)
557         btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
558 #endif
559 
560     if (btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg > 0)
561         btm_ble_batchscan_init();
562 
563     if (p_ctrl_le_feature_rd_cmpl_cback != NULL)
564         p_ctrl_le_feature_rd_cmpl_cback(status);
565 #endif
566 }
567 
568 /*******************************************************************************
569 **
570 ** Function         BTM_BleGetVendorCapabilities
571 **
572 ** Description      This function reads local LE features
573 **
574 ** Parameters       p_cmn_vsc_cb : Locala LE capability structure
575 **
576 ** Returns          void
577 **
578 *******************************************************************************/
BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB * p_cmn_vsc_cb)579 extern void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB *p_cmn_vsc_cb)
580 {
581     BTM_TRACE_DEBUG("BTM_BleGetVendorCapabilities");
582 
583     if (NULL != p_cmn_vsc_cb)
584     {
585         *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
586     }
587 }
588 
589 /******************************************************************************
590 **
591 ** Function         BTM_BleReadControllerFeatures
592 **
593 ** Description      Reads BLE specific controller features
594 **
595 ** Parameters:      tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when features are read
596 **
597 ** Returns          void
598 **
599 *******************************************************************************/
BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK * p_vsc_cback)600 extern void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK  *p_vsc_cback)
601 {
602     if (TRUE == btm_cb.cmn_ble_vsc_cb.values_read)
603         return;
604 
605 #if BLE_VND_INCLUDED == TRUE
606     BTM_TRACE_DEBUG("BTM_BleReadControllerFeatures");
607 
608     p_ctrl_le_feature_rd_cmpl_cback = p_vsc_cback;
609     if ( BTM_VendorSpecificCommand (HCI_BLE_VENDOR_CAP_OCF,
610                                     0,
611                                     NULL,
612                                     btm_ble_vendor_capability_vsc_cmpl_cback)
613                                     != BTM_CMD_STARTED)
614     {
615         BTM_TRACE_ERROR("LE Get_Vendor Capabilities Command Failed.");
616     }
617 #else
618     UNUSED(p_vsc_cback);
619 #endif
620     return ;
621 }
622 
623 /*******************************************************************************
624 **
625 ** Function         BTM_BleEnableMixedPrivacyMode
626 **
627 ** Description      This function is called to enabled Mixed mode if privacy 1.2
628 **                  is applicable in controller.
629 **
630 ** Parameters       mixed_on:  mixed mode to be used or not.
631 **
632 ** Returns          void
633 **
634 *******************************************************************************/
BTM_BleEnableMixedPrivacyMode(BOOLEAN mixed_on)635 void BTM_BleEnableMixedPrivacyMode(BOOLEAN mixed_on)
636 {
637 
638 #if BLE_PRIVACY_SPT == TRUE
639     btm_cb.ble_ctr_cb.mixed_mode = mixed_on;
640 
641     /* TODO: send VSC to enabled mixed mode */
642 #endif
643 }
644 
645 /*******************************************************************************
646 **
647 ** Function         BTM_BleConfigPrivacy
648 **
649 ** Description      This function is called to enable or disable the privacy in
650 **                   LE channel of the local device.
651 **
652 ** Parameters       privacy_mode:  privacy mode on or off.
653 **
654 ** Returns          BOOLEAN privacy mode set success; otherwise failed.
655 **
656 *******************************************************************************/
BTM_BleConfigPrivacy(BOOLEAN privacy_mode)657 BOOLEAN BTM_BleConfigPrivacy(BOOLEAN privacy_mode)
658 {
659 #if BLE_PRIVACY_SPT == TRUE
660     tBTM_BLE_CB  *p_cb = &btm_cb.ble_ctr_cb;
661 
662     BTM_TRACE_EVENT ("%s", __func__);
663 
664     /* if LE is not supported, return error */
665     if (!controller_get_interface()->supports_ble())
666         return FALSE;
667 
668     uint8_t addr_resolution = 0;
669     if(!privacy_mode)/* if privacy disabled, always use public address */
670     {
671         p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
672         p_cb->privacy_mode = BTM_PRIVACY_NONE;
673     }
674     else /* privacy is turned on*/
675     {
676         /* always set host random address, used when privacy 1.1 or priavcy 1.2 is disabled */
677         p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
678         btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);
679 
680         if (BTM_BleMaxMultiAdvInstanceCount() > 0)
681             btm_ble_multi_adv_enb_privacy(privacy_mode);
682 
683         /* 4.2 controller only allow privacy 1.2 or mixed mode, resolvable private address in controller */
684         if (controller_get_interface()->supports_ble_privacy())
685         {
686             addr_resolution = 1;
687             /* check vendor specific capability */
688             p_cb->privacy_mode = btm_cb.ble_ctr_cb.mixed_mode ? BTM_PRIVACY_MIXED : BTM_PRIVACY_1_2;
689         }
690         else  /* 4.1/4.0 controller */
691             p_cb->privacy_mode = BTM_PRIVACY_1_1;
692     }
693 
694     GAP_BleAttrDBUpdate (GATT_UUID_GAP_CENTRAL_ADDR_RESOL, (tGAP_BLE_ATTR_VALUE *)&addr_resolution);
695 
696     return TRUE;
697 #else
698     return FALSE;
699 #endif
700 }
701 
702 /*******************************************************************************
703 **
704 ** Function          BTM_BleMaxMultiAdvInstanceCount
705 **
706 ** Description        Returns max number of multi adv instances supported by controller
707 **
708 ** Returns          Max multi adv instance count
709 **
710 *******************************************************************************/
BTM_BleMaxMultiAdvInstanceCount(void)711 extern UINT8  BTM_BleMaxMultiAdvInstanceCount(void)
712 {
713     return btm_cb.cmn_ble_vsc_cb.adv_inst_max < BTM_BLE_MULTI_ADV_MAX ?
714         btm_cb.cmn_ble_vsc_cb.adv_inst_max : BTM_BLE_MULTI_ADV_MAX;
715 }
716 
717 #if BLE_PRIVACY_SPT == TRUE
718 /*******************************************************************************
719 **
720 ** Function         btm_ble_resolve_random_addr_on_adv
721 **
722 ** Description      resolve random address complete callback.
723 **
724 ** Returns          void
725 **
726 *******************************************************************************/
btm_ble_resolve_random_addr_on_adv(void * p_rec,void * p)727 static void btm_ble_resolve_random_addr_on_adv(void * p_rec, void *p)
728 {
729     tBTM_SEC_DEV_REC    *match_rec = (tBTM_SEC_DEV_REC *) p_rec;
730     UINT8       addr_type = BLE_ADDR_RANDOM;
731     BD_ADDR     bda;
732     UINT8       *pp = (UINT8 *)p + 1;
733     UINT8           evt_type;
734 
735     BTM_TRACE_EVENT ("btm_ble_resolve_random_addr_on_adv ");
736 
737     STREAM_TO_UINT8    (evt_type, pp);
738     STREAM_TO_UINT8    (addr_type, pp);
739     STREAM_TO_BDADDR   (bda, pp);
740 
741     if (match_rec)
742     {
743         BTM_TRACE_DEBUG("Random match");
744         match_rec->ble.active_addr_type = BTM_BLE_ADDR_RRA;
745         memcpy(match_rec->ble.cur_rand_addr, bda, BD_ADDR_LEN);
746 
747         if (btm_ble_init_pseudo_addr(match_rec, bda))
748         {
749             memcpy(bda, match_rec->bd_addr, BD_ADDR_LEN);
750         } else {
751             // Assign the original address to be the current report address
752             memcpy(bda, match_rec->ble.pseudo_addr, BD_ADDR_LEN);
753         }
754     }
755 
756     btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, pp);
757 
758     return;
759 }
760 #endif
761 
762 /*******************************************************************************
763 **
764 ** Function         BTM_BleLocalPrivacyEnabled
765 **
766 ** Description        Checks if local device supports private address
767 **
768 ** Returns          Return TRUE if local privacy is enabled else FALSE
769 **
770 *******************************************************************************/
BTM_BleLocalPrivacyEnabled(void)771 BOOLEAN BTM_BleLocalPrivacyEnabled(void)
772 {
773 #if BLE_PRIVACY_SPT == TRUE
774     return (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE);
775 #else
776     return false;
777 #endif
778 }
779 
780 /*******************************************************************************
781 **
782 ** Function         BTM_BleSetBgConnType
783 **
784 ** Description      This function is called to set BLE connectable mode for a
785 **                  peripheral device.
786 **
787 ** Parameters       bg_conn_type: it can be auto connection, or selective connection.
788 **                  p_select_cback: callback function when selective connection procedure
789 **                              is being used.
790 **
791 ** Returns          void
792 **
793 *******************************************************************************/
BTM_BleSetBgConnType(tBTM_BLE_CONN_TYPE bg_conn_type,tBTM_BLE_SEL_CBACK * p_select_cback)794 BOOLEAN BTM_BleSetBgConnType(tBTM_BLE_CONN_TYPE   bg_conn_type,
795                              tBTM_BLE_SEL_CBACK   *p_select_cback)
796 {
797     BOOLEAN started = TRUE;
798 
799     BTM_TRACE_EVENT ("BTM_BleSetBgConnType ");
800     if (!controller_get_interface()->supports_ble())
801         return FALSE;
802 
803     if (btm_cb.ble_ctr_cb.bg_conn_type != bg_conn_type)
804     {
805         switch (bg_conn_type)
806         {
807             case BTM_BLE_CONN_AUTO:
808                 btm_ble_start_auto_conn(TRUE);
809                 break;
810 
811             case BTM_BLE_CONN_SELECTIVE:
812                 if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
813                 {
814                     btm_ble_start_auto_conn(FALSE);
815                 }
816                 btm_ble_start_select_conn(TRUE, p_select_cback);
817                 break;
818 
819             case BTM_BLE_CONN_NONE:
820                 if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
821                 {
822                     btm_ble_start_auto_conn(FALSE);
823                 }
824                 else if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
825                 {
826                     btm_ble_start_select_conn(FALSE, NULL);
827                 }
828                 started = TRUE;
829                 break;
830 
831             default:
832                 BTM_TRACE_ERROR("invalid bg connection type : %d ", bg_conn_type);
833                 started = FALSE;
834                 break;
835         }
836 
837         if (started)
838             btm_cb.ble_ctr_cb.bg_conn_type = bg_conn_type;
839     }
840     return started;
841 }
842 
843 /*******************************************************************************
844 **
845 ** Function         BTM_BleClearBgConnDev
846 **
847 ** Description      This function is called to clear the whitelist,
848 **                  end any pending whitelist connections,
849 *                   and reset the local bg device list.
850 **
851 ** Parameters       void
852 **
853 ** Returns          void
854 **
855 *******************************************************************************/
BTM_BleClearBgConnDev(void)856 void BTM_BleClearBgConnDev(void)
857 {
858     btm_ble_start_auto_conn(FALSE);
859     btm_ble_clear_white_list();
860     gatt_reset_bgdev_list();
861 }
862 
863 /*******************************************************************************
864 **
865 ** Function         BTM_BleUpdateBgConnDev
866 **
867 ** Description      This function is called to add or remove a device into/from
868 **                  background connection procedure. The background connection
869 *                   procedure is decided by the background connection type, it can be
870 *                   auto connection, or selective connection.
871 **
872 ** Parameters       add_remove: TRUE to add; FALSE to remove.
873 **                  remote_bda: device address to add/remove.
874 **
875 ** Returns          void
876 **
877 *******************************************************************************/
BTM_BleUpdateBgConnDev(BOOLEAN add_remove,BD_ADDR remote_bda)878 BOOLEAN BTM_BleUpdateBgConnDev(BOOLEAN add_remove, BD_ADDR   remote_bda)
879 {
880     BTM_TRACE_EVENT("%s() add=%d", __func__, add_remove);
881     return btm_update_dev_to_white_list(add_remove, remote_bda);
882 }
883 
884 /*******************************************************************************
885 **
886 ** Function         BTM_BleSetConnectableMode
887 **
888 ** Description      This function is called to set BLE connectable mode for a
889 **                  peripheral device.
890 **
891 ** Parameters       conn_mode:  directed connectable mode, or non-directed.It can
892 **                              be BTM_BLE_CONNECT_EVT, BTM_BLE_CONNECT_DIR_EVT or
893 **                              BTM_BLE_CONNECT_LO_DUTY_DIR_EVT
894 **
895 ** Returns          BTM_ILLEGAL_VALUE if controller does not support BLE.
896 **                  BTM_SUCCESS is status set successfully; otherwise failure.
897 **
898 *******************************************************************************/
BTM_BleSetConnectableMode(tBTM_BLE_CONN_MODE connectable_mode)899 tBTM_STATUS BTM_BleSetConnectableMode(tBTM_BLE_CONN_MODE connectable_mode)
900 {
901     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
902 
903     BTM_TRACE_EVENT ("%s connectable_mode = %d ", __func__, connectable_mode);
904     if (!controller_get_interface()->supports_ble())
905         return BTM_ILLEGAL_VALUE;
906 
907     p_cb->directed_conn = connectable_mode;
908     return btm_ble_set_connectability( p_cb->connectable_mode);
909 }
910 
911 /*******************************************************************************
912 **
913 ** Function         btm_set_conn_mode_adv_init_addr
914 **
915 ** Description      set initator address type and local address type based on adv
916 **                  mode.
917 **
918 **
919 *******************************************************************************/
btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB * p_cb,BD_ADDR_PTR p_peer_addr_ptr,tBLE_ADDR_TYPE * p_peer_addr_type,tBLE_ADDR_TYPE * p_own_addr_type)920 static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
921                                      BD_ADDR_PTR p_peer_addr_ptr,
922                                      tBLE_ADDR_TYPE *p_peer_addr_type,
923                                      tBLE_ADDR_TYPE *p_own_addr_type)
924 {
925     UINT8 evt_type, i = BTM_SEC_MAX_DEVICE_RECORDS;
926     tBTM_SEC_DEV_REC    *p_dev_rec;
927 
928     evt_type = (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE) ? \
929                 ((p_cb->scan_rsp) ? BTM_BLE_DISCOVER_EVT : BTM_BLE_NON_CONNECT_EVT )\
930                 : BTM_BLE_CONNECT_EVT;
931 
932     if (evt_type == BTM_BLE_CONNECT_EVT)
933     {
934         evt_type = p_cb->directed_conn;
935 
936         if ( p_cb->directed_conn == BTM_BLE_CONNECT_DIR_EVT ||
937              p_cb->directed_conn == BTM_BLE_CONNECT_LO_DUTY_DIR_EVT)
938         {
939 
940 #if BLE_PRIVACY_SPT == TRUE
941             /* for privacy 1.2, convert peer address as static, own address set as ID addr */
942             if (btm_cb.ble_ctr_cb.privacy_mode ==  BTM_PRIVACY_1_2 ||
943                 btm_cb.ble_ctr_cb.privacy_mode ==  BTM_PRIVACY_MIXED)
944             {
945                 /* only do so for bonded device */
946                  if ((p_dev_rec = btm_find_or_alloc_dev (p_cb->direct_bda.bda)) != NULL &&
947                       p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT)
948                  {
949                      btm_ble_enable_resolving_list(BTM_BLE_RL_ADV);
950                      memcpy(p_peer_addr_ptr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
951                      *p_peer_addr_type = p_dev_rec->ble.static_addr_type;
952                      *p_own_addr_type = BLE_ADDR_RANDOM_ID;
953                      return evt_type;
954                  }
955                  /* otherwise fall though as normal directed adv */
956                  else
957                  {
958                     btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
959                  }
960             }
961 #endif
962             /* direct adv mode does not have privacy, if privacy is not enabled  */
963             *p_peer_addr_type  = p_cb->direct_bda.type;
964             memcpy(p_peer_addr_ptr, p_cb->direct_bda.bda, BD_ADDR_LEN);
965             return evt_type;
966         }
967     }
968 
969     /* undirect adv mode or non-connectable mode*/
970 #if BLE_PRIVACY_SPT == TRUE
971     /* when privacy 1.2 privacy only mode is used, or mixed mode */
972     if ((btm_cb.ble_ctr_cb.privacy_mode ==  BTM_PRIVACY_1_2 && p_cb->afp != AP_SCAN_CONN_ALL) ||
973         btm_cb.ble_ctr_cb.privacy_mode ==  BTM_PRIVACY_MIXED)
974     {
975         /* if enhanced privacy is required, set Identity address and matching IRK peer */
976         for (i = 0; i < BTM_SEC_MAX_DEVICE_RECORDS; i ++)
977         {
978             if ((btm_cb.sec_dev_rec[i].sec_flags & BTM_SEC_IN_USE) != 0 &&
979                 (btm_cb.sec_dev_rec[i].ble.in_controller_list & BTM_RESOLVING_LIST_BIT) != 0)
980             {
981                 memcpy(p_peer_addr_ptr, btm_cb.sec_dev_rec[i].ble.static_addr, BD_ADDR_LEN);
982                 *p_peer_addr_type = btm_cb.sec_dev_rec[i].ble.static_addr_type;
983                break;
984             }
985         }
986 
987         if (i != BTM_SEC_MAX_DEVICE_RECORDS)
988             *p_own_addr_type = BLE_ADDR_RANDOM_ID;
989         else
990             /* resolving list is empty, not enabled */
991             *p_own_addr_type = BLE_ADDR_RANDOM;
992     }
993     /* privacy 1.1, or privacy 1.2, general discoverable/connectable mode, disable privacy in */
994     /* controller fall back to host based privacy */
995     else if (btm_cb.ble_ctr_cb.privacy_mode !=  BTM_PRIVACY_NONE)
996     {
997         *p_own_addr_type = BLE_ADDR_RANDOM;
998     }
999 #endif
1000 
1001     /* if no privacy,do not set any peer address,*/
1002     /* local address type go by global privacy setting */
1003     return evt_type;
1004 }
1005 
1006 /*******************************************************************************
1007 **
1008 ** Function         BTM_BleSetAdvParams
1009 **
1010 ** Description      This function is called to set advertising parameters.
1011 **
1012 ** Parameters       adv_int_min: minimum advertising interval
1013 **                  adv_int_max: maximum advertising interval
1014 **                  p_dir_bda: connectable direct initiator's LE device address
1015 **                  chnl_map: advertising channel map.
1016 **
1017 ** Returns          void
1018 **
1019 *******************************************************************************/
BTM_BleSetAdvParams(UINT16 adv_int_min,UINT16 adv_int_max,tBLE_BD_ADDR * p_dir_bda,tBTM_BLE_ADV_CHNL_MAP chnl_map)1020 tBTM_STATUS BTM_BleSetAdvParams(UINT16 adv_int_min, UINT16 adv_int_max,
1021                                 tBLE_BD_ADDR *p_dir_bda,
1022                                 tBTM_BLE_ADV_CHNL_MAP chnl_map)
1023 {
1024     tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1025     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1026     tBTM_STATUS status = BTM_SUCCESS;
1027     BD_ADDR     p_addr_ptr =  {0};
1028     tBLE_ADDR_TYPE   init_addr_type = BLE_ADDR_PUBLIC;
1029     tBLE_ADDR_TYPE   own_addr_type = p_addr_cb->own_addr_type;
1030     UINT8            adv_mode = p_cb->adv_mode;
1031 
1032     BTM_TRACE_EVENT ("BTM_BleSetAdvParams");
1033 
1034     if (!controller_get_interface()->supports_ble())
1035         return BTM_ILLEGAL_VALUE;
1036 
1037     if (!BTM_BLE_ISVALID_PARAM(adv_int_min, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX) ||
1038         !BTM_BLE_ISVALID_PARAM(adv_int_max, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX))
1039     {
1040         return BTM_ILLEGAL_VALUE;
1041     }
1042 
1043     p_cb->adv_interval_min = adv_int_min;
1044     p_cb->adv_interval_max = adv_int_max;
1045     p_cb->adv_chnl_map = chnl_map;
1046 
1047     if (p_dir_bda)
1048     {
1049         memcpy(&p_cb->direct_bda, p_dir_bda, sizeof(tBLE_BD_ADDR));
1050     }
1051 
1052     BTM_TRACE_EVENT ("update params for an active adv");
1053 
1054     btm_ble_stop_adv();
1055 
1056     p_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type,
1057                                                      &own_addr_type);
1058 
1059     /* update adv params */
1060     btsnd_hcic_ble_write_adv_params (p_cb->adv_interval_min,
1061                                      p_cb->adv_interval_max,
1062                                      p_cb->evt_type,
1063                                      own_addr_type,
1064                                      init_addr_type,
1065                                      p_addr_ptr,
1066                                      p_cb->adv_chnl_map,
1067                                      p_cb->afp);
1068 
1069     if (adv_mode == BTM_BLE_ADV_ENABLE)
1070         btm_ble_start_adv();
1071 
1072     return status;
1073 }
1074 
1075 /*******************************************************************************
1076 **
1077 ** Function         BTM_BleReadAdvParams
1078 **
1079 ** Description      This function is called to set advertising parameters.
1080 **
1081 ** Parameters       adv_int_min: minimum advertising interval
1082 **                  adv_int_max: maximum advertising interval
1083 **                  p_dir_bda: connectable direct initiator's LE device address
1084 **                  chnl_map: advertising channel map.
1085 **
1086 ** Returns          void
1087 **
1088 *******************************************************************************/
BTM_BleReadAdvParams(UINT16 * adv_int_min,UINT16 * adv_int_max,tBLE_BD_ADDR * p_dir_bda,tBTM_BLE_ADV_CHNL_MAP * p_chnl_map)1089 void BTM_BleReadAdvParams (UINT16 *adv_int_min, UINT16 *adv_int_max,
1090                            tBLE_BD_ADDR *p_dir_bda, tBTM_BLE_ADV_CHNL_MAP *p_chnl_map)
1091 {
1092     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1093 
1094     BTM_TRACE_EVENT ("BTM_BleReadAdvParams ");
1095     if (!controller_get_interface()->supports_ble())
1096         return ;
1097 
1098     *adv_int_min = p_cb->adv_interval_min;
1099     *adv_int_max = p_cb->adv_interval_max;
1100     *p_chnl_map = p_cb->adv_chnl_map;
1101 
1102     if (p_dir_bda != NULL)
1103     {
1104         memcpy(p_dir_bda, &p_cb->direct_bda, sizeof(tBLE_BD_ADDR));
1105     }
1106 }
1107 
1108 /*******************************************************************************
1109 **
1110 ** Function         BTM_BleSetScanParams
1111 **
1112 ** Description      This function is called to set scan parameters.
1113 **
1114 ** Parameters       client_if - Client IF
1115 **                  scan_interval - Scan interval
1116 **                  scan_window - Scan window
1117 **                  scan_mode -    Scan mode
1118 **                  scan_setup_status_cback - Scan param setup status callback
1119 **
1120 ** Returns          void
1121 **
1122 *******************************************************************************/
BTM_BleSetScanParams(tGATT_IF client_if,UINT32 scan_interval,UINT32 scan_window,tBLE_SCAN_MODE scan_mode,tBLE_SCAN_PARAM_SETUP_CBACK scan_setup_status_cback)1123 void BTM_BleSetScanParams(tGATT_IF client_if, UINT32 scan_interval, UINT32 scan_window,
1124                           tBLE_SCAN_MODE scan_mode,
1125                           tBLE_SCAN_PARAM_SETUP_CBACK scan_setup_status_cback)
1126 {
1127     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1128     UINT32 max_scan_interval;
1129     UINT32 max_scan_window;
1130 
1131     BTM_TRACE_EVENT ("%s", __func__);
1132     if (!controller_get_interface()->supports_ble())
1133         return;
1134 
1135     /* If not supporting extended scan support, use the older range for checking */
1136     if (btm_cb.cmn_ble_vsc_cb.extended_scan_support == 0)
1137     {
1138         max_scan_interval = BTM_BLE_SCAN_INT_MAX;
1139         max_scan_window = BTM_BLE_SCAN_WIN_MAX;
1140     }
1141     else
1142     {
1143         /* If supporting extended scan support, use the new extended range for checking */
1144         max_scan_interval = BTM_BLE_EXT_SCAN_INT_MAX;
1145         max_scan_window = BTM_BLE_EXT_SCAN_WIN_MAX;
1146     }
1147 
1148     if (BTM_BLE_ISVALID_PARAM(scan_interval, BTM_BLE_SCAN_INT_MIN, max_scan_interval) &&
1149         BTM_BLE_ISVALID_PARAM(scan_window, BTM_BLE_SCAN_WIN_MIN, max_scan_window) &&
1150        (scan_mode == BTM_BLE_SCAN_MODE_ACTI || scan_mode == BTM_BLE_SCAN_MODE_PASS))
1151     {
1152         p_cb->scan_type = scan_mode;
1153         p_cb->scan_interval = scan_interval;
1154         p_cb->scan_window = scan_window;
1155 
1156         if (scan_setup_status_cback != NULL)
1157             scan_setup_status_cback(client_if, BTM_SUCCESS);
1158     }
1159     else
1160     {
1161         if (scan_setup_status_cback != NULL)
1162             scan_setup_status_cback(client_if, BTM_ILLEGAL_VALUE);
1163 
1164         BTM_TRACE_ERROR("Illegal params: scan_interval = %d scan_window = %d",
1165                         scan_interval, scan_window);
1166     }
1167 
1168 }
1169 
1170 /*******************************************************************************
1171 **
1172 ** Function         BTM_BleWriteScanRsp
1173 **
1174 ** Description      This function is called to write LE scan response.
1175 **
1176 ** Parameters:      p_scan_rsp: scan response information.
1177 **
1178 ** Returns          void
1179 **
1180 *******************************************************************************/
BTM_BleWriteScanRsp(tBTM_BLE_AD_MASK data_mask,tBTM_BLE_ADV_DATA * p_data)1181 tBTM_STATUS BTM_BleWriteScanRsp(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
1182 {
1183     tBTM_STATUS     status = BTM_NO_RESOURCES;
1184     UINT8   rsp_data[BTM_BLE_AD_DATA_LEN],
1185             *p = rsp_data;
1186 
1187     BTM_TRACE_EVENT (" BTM_BleWriteScanRsp");
1188 
1189     if (!controller_get_interface()->supports_ble())
1190         return BTM_ILLEGAL_VALUE;
1191 
1192     memset(rsp_data, 0, BTM_BLE_AD_DATA_LEN);
1193     btm_ble_build_adv_data(&data_mask, &p, p_data);
1194 
1195     if (btsnd_hcic_ble_set_scan_rsp_data((UINT8)(p - rsp_data), rsp_data))
1196     {
1197         status = BTM_SUCCESS;
1198 
1199         if (data_mask != 0)
1200             btm_cb.ble_ctr_cb.inq_var.scan_rsp = TRUE;
1201         else
1202             btm_cb.ble_ctr_cb.inq_var.scan_rsp = FALSE;
1203     }
1204     else
1205         status = BTM_ILLEGAL_VALUE;
1206 
1207     return status;
1208 }
1209 
1210 /*******************************************************************************
1211 **
1212 ** Function         BTM_BleWriteAdvData
1213 **
1214 ** Description      This function is called to write advertising data.
1215 **
1216 ** Parameters:       None.
1217 **
1218 ** Returns          void
1219 **
1220 *******************************************************************************/
BTM_BleWriteAdvData(tBTM_BLE_AD_MASK data_mask,tBTM_BLE_ADV_DATA * p_data)1221 tBTM_STATUS BTM_BleWriteAdvData(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
1222 {
1223     tBTM_BLE_LOCAL_ADV_DATA *p_cb_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1224     UINT8  *p;
1225     tBTM_BLE_AD_MASK   mask = data_mask;
1226 
1227     BTM_TRACE_EVENT ("BTM_BleWriteAdvData ");
1228 
1229     if (!controller_get_interface()->supports_ble())
1230         return BTM_ILLEGAL_VALUE;
1231 
1232     memset(p_cb_data, 0, sizeof(tBTM_BLE_LOCAL_ADV_DATA));
1233     p = p_cb_data->ad_data;
1234     p_cb_data->data_mask = data_mask;
1235 
1236     p_cb_data->p_flags = btm_ble_build_adv_data(&mask, &p, p_data);
1237 
1238     p_cb_data->p_pad = p;
1239 
1240     if (mask != 0)
1241     {
1242         BTM_TRACE_ERROR("Partial data write into ADV");
1243     }
1244 
1245     p_cb_data->data_mask &= ~mask;
1246 
1247     if (btsnd_hcic_ble_set_adv_data((UINT8)(p_cb_data->p_pad - p_cb_data->ad_data),
1248                                     p_cb_data->ad_data))
1249         return BTM_SUCCESS;
1250     else
1251         return BTM_NO_RESOURCES;
1252 
1253 }
1254 
1255 /*******************************************************************************
1256 **
1257 ** Function         BTM_CheckAdvData
1258 **
1259 ** Description      This function is called to get ADV data for a specific type.
1260 **
1261 ** Parameters       p_adv - pointer of ADV data
1262 **                  type   - finding ADV data type
1263 **                  p_length - return the length of ADV data not including type
1264 **
1265 ** Returns          pointer of ADV data
1266 **
1267 *******************************************************************************/
BTM_CheckAdvData(UINT8 * p_adv,UINT8 type,UINT8 * p_length)1268 UINT8 *BTM_CheckAdvData( UINT8 *p_adv, UINT8 type, UINT8 *p_length)
1269 {
1270     UINT8 *p = p_adv;
1271     UINT8 length;
1272     UINT8 adv_type;
1273     BTM_TRACE_API("BTM_CheckAdvData type=0x%02X", type);
1274 
1275     STREAM_TO_UINT8(length, p);
1276 
1277     while ( length && (p - p_adv <= BTM_BLE_CACHE_ADV_DATA_MAX))
1278     {
1279         STREAM_TO_UINT8(adv_type, p);
1280 
1281         if ( adv_type == type )
1282         {
1283             /* length doesn't include itself */
1284             *p_length = length - 1; /* minus the length of type */
1285             return p;
1286         }
1287         p += length - 1; /* skip the length of data */
1288         STREAM_TO_UINT8(length, p);
1289     }
1290 
1291     *p_length = 0;
1292     return NULL;
1293 }
1294 
1295 /*******************************************************************************
1296 **
1297 ** Function         BTM__BLEReadDiscoverability
1298 **
1299 ** Description      This function is called to read the current LE discoverability
1300 **                  mode of the device.
1301 **
1302 ** Returns          BTM_BLE_NON_DISCOVERABLE ,BTM_BLE_LIMITED_DISCOVERABLE or
1303 **                     BTM_BLE_GENRAL_DISCOVERABLE
1304 **
1305 *******************************************************************************/
BTM_BleReadDiscoverability()1306 UINT16 BTM_BleReadDiscoverability()
1307 {
1308     BTM_TRACE_API("%s", __FUNCTION__);
1309 
1310     return (btm_cb.ble_ctr_cb.inq_var.discoverable_mode);
1311 }
1312 
1313 /*******************************************************************************
1314 **
1315 ** Function         BTM__BLEReadConnectability
1316 **
1317 ** Description      This function is called to read the current LE connectibility
1318 **                  mode of the device.
1319 **
1320 ** Returns          BTM_BLE_NON_CONNECTABLE or BTM_BLE_CONNECTABLE
1321 **
1322 *******************************************************************************/
BTM_BleReadConnectability()1323 UINT16 BTM_BleReadConnectability()
1324 {
1325     BTM_TRACE_API ("%s", __FUNCTION__);
1326 
1327     return (btm_cb.ble_ctr_cb.inq_var.connectable_mode);
1328 }
1329 
1330 /*******************************************************************************
1331 **
1332 ** Function         btm_ble_build_adv_data
1333 **
1334 ** Description      This function is called build the adv data and rsp data.
1335 *******************************************************************************/
btm_ble_build_adv_data(tBTM_BLE_AD_MASK * p_data_mask,UINT8 ** p_dst,tBTM_BLE_ADV_DATA * p_data)1336 UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
1337                               tBTM_BLE_ADV_DATA *p_data)
1338 {
1339     UINT32 data_mask = *p_data_mask;
1340     UINT8   *p = *p_dst,
1341     *p_flag = NULL;
1342     UINT16  len = BTM_BLE_AD_DATA_LEN, cp_len = 0;
1343     UINT8   i = 0;
1344     tBTM_BLE_PROP_ELEM      *p_elem;
1345 
1346     BTM_TRACE_EVENT (" btm_ble_build_adv_data");
1347 
1348     /* build the adv data structure and build the data string */
1349     if (data_mask)
1350     {
1351         /* flags */
1352         if (data_mask & BTM_BLE_AD_BIT_FLAGS)
1353         {
1354             *p++ = MIN_ADV_LENGTH;
1355             *p++ = BTM_BLE_AD_TYPE_FLAG;
1356             p_flag = p;
1357             if (p_data)
1358                 *p++ = p_data->flag;
1359             else
1360                 *p++ = 0;
1361 
1362             len -= 3;
1363 
1364             data_mask &= ~BTM_BLE_AD_BIT_FLAGS;
1365         }
1366         /* appearance data */
1367         if (len > 3 && data_mask & BTM_BLE_AD_BIT_APPEARANCE)
1368         {
1369             *p++ = 3; /* length */
1370             *p++ = BTM_BLE_AD_TYPE_APPEARANCE;
1371             UINT16_TO_STREAM(p, p_data->appearance);
1372             len -= 4;
1373 
1374             data_mask &= ~BTM_BLE_AD_BIT_APPEARANCE;
1375         }
1376         /* device name */
1377 #if BTM_MAX_LOC_BD_NAME_LEN > 0
1378         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_DEV_NAME)
1379         {
1380             if (strlen(btm_cb.cfg.bd_name) > (UINT16)(len - MIN_ADV_LENGTH))
1381             {
1382                 *p++ = len - MIN_ADV_LENGTH + 1;
1383                 *p++ = BTM_BLE_AD_TYPE_NAME_SHORT;
1384                 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, len - MIN_ADV_LENGTH);
1385             }
1386             else
1387             {
1388                 cp_len = (UINT16)strlen(btm_cb.cfg.bd_name);
1389                 *p++ = cp_len + 1;
1390                 *p++ = BTM_BLE_AD_TYPE_NAME_CMPL;
1391                 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, cp_len);
1392             }
1393             len -= (cp_len + MIN_ADV_LENGTH);
1394             data_mask &= ~BTM_BLE_AD_BIT_DEV_NAME;
1395         }
1396 #endif
1397         /* manufacturer data */
1398         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_MANU &&
1399             p_data && p_data->p_manu &&
1400             p_data->p_manu->len != 0 && p_data->p_manu->p_val)
1401         {
1402             if (p_data->p_manu->len > (len - MIN_ADV_LENGTH))
1403                 cp_len = len - MIN_ADV_LENGTH;
1404             else
1405                 cp_len = p_data->p_manu->len;
1406 
1407             *p++ = cp_len + 1;
1408             *p++ = BTM_BLE_AD_TYPE_MANU;
1409             ARRAY_TO_STREAM(p, p_data->p_manu->p_val, cp_len);
1410 
1411             len -= (cp_len + MIN_ADV_LENGTH);
1412             data_mask &= ~BTM_BLE_AD_BIT_MANU;
1413         }
1414         /* TX power */
1415         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_TX_PWR)
1416         {
1417             *p++ = MIN_ADV_LENGTH;
1418             *p++ = BTM_BLE_AD_TYPE_TX_PWR;
1419             if (p_data->tx_power > BTM_BLE_ADV_TX_POWER_MAX)
1420                 p_data->tx_power = BTM_BLE_ADV_TX_POWER_MAX;
1421             *p++ = btm_ble_map_adv_tx_power(p_data->tx_power);
1422             len -= 3;
1423             data_mask &= ~BTM_BLE_AD_BIT_TX_PWR;
1424         }
1425         /* 16 bits services */
1426         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE &&
1427             p_data && p_data->p_services &&
1428             p_data->p_services->num_service != 0 &&
1429             p_data->p_services->p_uuid)
1430         {
1431             if (p_data->p_services->num_service * LEN_UUID_16 > (len - MIN_ADV_LENGTH))
1432             {
1433                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_16;
1434                 *p ++ = 1 + cp_len * LEN_UUID_16;
1435                 *p++ = BTM_BLE_AD_TYPE_16SRV_PART;
1436             }
1437             else
1438             {
1439                 cp_len = p_data->p_services->num_service;
1440                 *p++ = 1 + cp_len * LEN_UUID_16;
1441                 *p++ = BTM_BLE_AD_TYPE_16SRV_CMPL;
1442             }
1443             for (i = 0; i < cp_len; i ++)
1444             {
1445                 UINT16_TO_STREAM(p, *(p_data->p_services->p_uuid + i));
1446             }
1447 
1448             len -= (cp_len * MIN_ADV_LENGTH + MIN_ADV_LENGTH);
1449             data_mask &= ~BTM_BLE_AD_BIT_SERVICE;
1450         }
1451         /* 32 bits service uuid */
1452         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32 &&
1453             p_data && p_data->p_service_32b &&
1454             p_data->p_service_32b->num_service != 0 &&
1455             p_data->p_service_32b->p_uuid)
1456         {
1457             if ((p_data->p_service_32b->num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1458             {
1459                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1460                 *p ++ = 1 + cp_len * LEN_UUID_32;
1461                 *p++ = BTM_BLE_AD_TYPE_32SRV_PART;
1462             }
1463             else
1464             {
1465                 cp_len = p_data->p_service_32b->num_service;
1466                 *p++ = 1 + cp_len * LEN_UUID_32;
1467                 *p++ = BTM_BLE_AD_TYPE_32SRV_CMPL;
1468             }
1469             for (i = 0; i < cp_len; i ++)
1470             {
1471                 UINT32_TO_STREAM(p, *(p_data->p_service_32b->p_uuid + i));
1472             }
1473 
1474             len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1475             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32;
1476         }
1477         /* 128 bits services */
1478         if (len >= (MAX_UUID_SIZE + 2) && data_mask & BTM_BLE_AD_BIT_SERVICE_128 &&
1479             p_data && p_data->p_services_128b)
1480         {
1481             *p ++ = 1 + MAX_UUID_SIZE;
1482             if (!p_data->p_services_128b->list_cmpl)
1483                 *p++ = BTM_BLE_AD_TYPE_128SRV_PART;
1484             else
1485                 *p++ = BTM_BLE_AD_TYPE_128SRV_CMPL;
1486 
1487             ARRAY_TO_STREAM(p, p_data->p_services_128b->uuid128, MAX_UUID_SIZE);
1488 
1489             len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1490             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128;
1491         }
1492         /* 32 bits Service Solicitation UUIDs */
1493         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32SOL &&
1494             p_data && p_data->p_sol_service_32b &&
1495             p_data->p_sol_service_32b->num_service != 0 &&
1496             p_data->p_sol_service_32b->p_uuid)
1497         {
1498             if ((p_data->p_sol_service_32b->num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1499             {
1500                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1501                 *p ++ = 1 + cp_len * LEN_UUID_32;
1502             }
1503             else
1504             {
1505                 cp_len = p_data->p_sol_service_32b->num_service;
1506                 *p++ = 1 + cp_len * LEN_UUID_32;
1507             }
1508 
1509             *p++ = BTM_BLE_AD_TYPE_32SOL_SRV_UUID;
1510             for (i = 0; i < cp_len; i ++)
1511             {
1512                 UINT32_TO_STREAM(p, *(p_data->p_sol_service_32b->p_uuid + i));
1513             }
1514 
1515             len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1516             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32SOL;
1517         }
1518         /* 128 bits Solicitation services UUID */
1519         if (len >= (MAX_UUID_SIZE + MIN_ADV_LENGTH) && data_mask & BTM_BLE_AD_BIT_SERVICE_128SOL &&
1520             p_data && p_data->p_sol_service_128b)
1521         {
1522             *p ++ = 1 + MAX_UUID_SIZE;
1523             *p++ = BTM_BLE_AD_TYPE_128SOL_SRV_UUID;
1524             ARRAY_TO_STREAM(p, p_data->p_sol_service_128b->uuid128, MAX_UUID_SIZE);
1525             len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1526             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128SOL;
1527         }
1528         /* 16bits/32bits/128bits Service Data */
1529         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_DATA &&
1530             p_data && p_data->p_service_data->len != 0 && p_data->p_service_data->p_val)
1531         {
1532             if (len  > (p_data->p_service_data->service_uuid.len + MIN_ADV_LENGTH))
1533             {
1534                 if (p_data->p_service_data->len > (len - MIN_ADV_LENGTH))
1535                     cp_len = len - MIN_ADV_LENGTH- p_data->p_service_data->service_uuid.len;
1536                 else
1537                     cp_len = p_data->p_service_data->len;
1538 
1539                 *p++ = cp_len + 1 + p_data->p_service_data->service_uuid.len;
1540                 if (p_data->p_service_data->service_uuid.len == LEN_UUID_16)
1541                 {
1542                     *p++ = BTM_BLE_AD_TYPE_SERVICE_DATA;
1543                     UINT16_TO_STREAM(p, p_data->p_service_data->service_uuid.uu.uuid16);
1544                 }
1545                 else if (p_data->p_service_data->service_uuid.len == LEN_UUID_32)
1546                 {
1547                     *p++ = BTM_BLE_AD_TYPE_32SERVICE_DATA;
1548                     UINT32_TO_STREAM(p, p_data->p_service_data->service_uuid.uu.uuid32);
1549                 }
1550                 else
1551                 {
1552                     *p++ = BTM_BLE_AD_TYPE_128SERVICE_DATA;
1553                     ARRAY_TO_STREAM(p, p_data->p_service_data->service_uuid.uu.uuid128,
1554                                     LEN_UUID_128);
1555                 }
1556 
1557                 ARRAY_TO_STREAM(p, p_data->p_service_data->p_val, cp_len);
1558 
1559                 len -= (cp_len + MIN_ADV_LENGTH + p_data->p_service_data->service_uuid.len);
1560                 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_DATA;
1561             }
1562             else
1563             {
1564                 BTM_TRACE_WARNING("service data does not fit");
1565             }
1566         }
1567 
1568         if (len >= 6 && data_mask & BTM_BLE_AD_BIT_INT_RANGE &&
1569             p_data)
1570         {
1571             *p++ = 5;
1572             *p++ = BTM_BLE_AD_TYPE_INT_RANGE;
1573             UINT16_TO_STREAM(p, p_data->int_range.low);
1574             UINT16_TO_STREAM(p, p_data->int_range.hi);
1575             len -= 6;
1576             data_mask &= ~BTM_BLE_AD_BIT_INT_RANGE;
1577         }
1578         if (data_mask & BTM_BLE_AD_BIT_PROPRIETARY && p_data && p_data->p_proprietary)
1579         {
1580             for (i = 0; i < p_data->p_proprietary->num_elem ; i ++)
1581             {
1582                 p_elem = p_data->p_proprietary->p_elem  + i;
1583 
1584                 if (len >= (MIN_ADV_LENGTH + p_elem->len))/* len byte(1) + ATTR type(1) + Uuid len(2)
1585                                                           + value length */
1586                 {
1587                     *p ++ = p_elem->len + 1; /* Uuid len + value length */
1588                     *p ++ = p_elem->adv_type;
1589                     ARRAY_TO_STREAM(p, p_elem->p_val, p_elem->len);
1590 
1591                     len -= (MIN_ADV_LENGTH + p_elem->len);
1592                 }
1593                 else
1594                 {
1595                     BTM_TRACE_WARNING("data exceed max adv packet length");
1596                     break;
1597                 }
1598             }
1599             data_mask &= ~BTM_BLE_AD_BIT_PROPRIETARY;
1600         }
1601     }
1602 
1603     *p_data_mask = data_mask;
1604     *p_dst = p;
1605 
1606     return p_flag;
1607 }
1608 /*******************************************************************************
1609 **
1610 ** Function         btm_ble_select_adv_interval
1611 **
1612 ** Description      select adv interval based on device mode
1613 **
1614 ** Returns          void
1615 **
1616 *******************************************************************************/
btm_ble_select_adv_interval(tBTM_BLE_INQ_CB * p_cb,UINT8 evt_type,UINT16 * p_adv_int_min,UINT16 * p_adv_int_max)1617 void btm_ble_select_adv_interval(tBTM_BLE_INQ_CB *p_cb, UINT8 evt_type, UINT16 *p_adv_int_min, UINT16 *p_adv_int_max)
1618 {
1619     if (p_cb->adv_interval_min && p_cb->adv_interval_max)
1620     {
1621         *p_adv_int_min = p_cb->adv_interval_min;
1622         *p_adv_int_max = p_cb->adv_interval_max;
1623     }
1624     else
1625     {
1626         switch (evt_type)
1627         {
1628         case BTM_BLE_CONNECT_EVT:
1629         case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
1630             *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_1;
1631             break;
1632 
1633         case BTM_BLE_NON_CONNECT_EVT:
1634         case BTM_BLE_DISCOVER_EVT:
1635             *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_2;
1636             break;
1637 
1638         /* connectable directed event */
1639         case BTM_BLE_CONNECT_DIR_EVT:
1640             *p_adv_int_min = BTM_BLE_GAP_ADV_DIR_MIN_INT;
1641             *p_adv_int_max = BTM_BLE_GAP_ADV_DIR_MAX_INT;
1642             break;
1643 
1644         default:
1645             *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_SLOW_INT;
1646             break;
1647         }
1648     }
1649     return;
1650 }
1651 
1652 /*******************************************************************************
1653 **
1654 ** Function         btm_ble_update_dmt_flag_bits
1655 **
1656 ** Description      Obtain updated adv flag value based on connect and discoverability mode.
1657 **                  Also, setup DMT support value in the flag based on whether the controller
1658 **                  supports both LE and BR/EDR.
1659 **
1660 ** Parameters:      flag_value (Input / Output) - flag value
1661 **                  connect_mode (Input) - Connect mode value
1662 **                  disc_mode (Input) - discoverability mode
1663 **
1664 ** Returns          void
1665 **
1666 *******************************************************************************/
btm_ble_update_dmt_flag_bits(UINT8 * adv_flag_value,const UINT16 connect_mode,const UINT16 disc_mode)1667 void btm_ble_update_dmt_flag_bits(UINT8 *adv_flag_value, const UINT16 connect_mode,
1668                                    const UINT16 disc_mode)
1669 {
1670     /* BR/EDR non-discoverable , non-connectable */
1671     if ((disc_mode & BTM_DISCOVERABLE_MASK) == 0 &&
1672         (connect_mode & BTM_CONNECTABLE_MASK) == 0)
1673         *adv_flag_value |= BTM_BLE_BREDR_NOT_SPT;
1674     else
1675         *adv_flag_value &= ~BTM_BLE_BREDR_NOT_SPT;
1676 
1677     /* if local controller support, mark both controller and host support in flag */
1678     if (controller_get_interface()->supports_simultaneous_le_bredr())
1679         *adv_flag_value |= (BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
1680     else
1681         *adv_flag_value &= ~(BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
1682 }
1683 
1684 /*******************************************************************************
1685 **
1686 ** Function         btm_ble_set_adv_flag
1687 **
1688 ** Description      Set adv flag in adv data.
1689 **
1690 ** Parameters:      connect_mode (Input)- Connect mode value
1691 **                  disc_mode (Input) - discoverability mode
1692 **
1693 ** Returns          void
1694 **
1695 *******************************************************************************/
btm_ble_set_adv_flag(UINT16 connect_mode,UINT16 disc_mode)1696 void btm_ble_set_adv_flag(UINT16 connect_mode, UINT16 disc_mode)
1697 {
1698     UINT8 flag = 0, old_flag = 0;
1699     tBTM_BLE_LOCAL_ADV_DATA *p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
1700 
1701     if (p_adv_data->p_flags != NULL)
1702         flag = old_flag = *(p_adv_data->p_flags);
1703 
1704     btm_ble_update_dmt_flag_bits (&flag, connect_mode, disc_mode);
1705 
1706     LOG_DEBUG("disc_mode %04x", disc_mode);
1707     /* update discoverable flag */
1708     if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE)
1709     {
1710         flag &= ~BTM_BLE_GEN_DISC_FLAG;
1711         flag |= BTM_BLE_LIMIT_DISC_FLAG;
1712     }
1713     else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE)
1714     {
1715         flag |= BTM_BLE_GEN_DISC_FLAG;
1716         flag &= ~BTM_BLE_LIMIT_DISC_FLAG;
1717     }
1718     else /* remove all discoverable flags */
1719     {
1720         flag &= ~(BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG);
1721     }
1722 
1723     if (flag != old_flag)
1724     {
1725         btm_ble_update_adv_flag(flag);
1726     }
1727 }
1728 /*******************************************************************************
1729 **
1730 ** Function         btm_ble_set_discoverability
1731 **
1732 ** Description      This function is called to set BLE discoverable mode.
1733 **
1734 ** Parameters:      combined_mode: discoverability mode.
1735 **
1736 ** Returns          BTM_SUCCESS is status set successfully; otherwise failure.
1737 **
1738 *******************************************************************************/
btm_ble_set_discoverability(UINT16 combined_mode)1739 tBTM_STATUS btm_ble_set_discoverability(UINT16 combined_mode)
1740 {
1741     tBTM_LE_RANDOM_CB   *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1742     tBTM_BLE_INQ_CB     *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1743     UINT16              mode = (combined_mode &  BTM_BLE_DISCOVERABLE_MASK);
1744     UINT8               new_mode = BTM_BLE_ADV_ENABLE;
1745     UINT8               evt_type;
1746     tBTM_STATUS         status = BTM_SUCCESS;
1747     BD_ADDR             p_addr_ptr= {0};
1748     tBLE_ADDR_TYPE      init_addr_type = BLE_ADDR_PUBLIC,
1749                         own_addr_type = p_addr_cb->own_addr_type;
1750     UINT16              adv_int_min, adv_int_max;
1751 
1752     BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);
1753 
1754     /*** Check mode parameter ***/
1755     if (mode > BTM_BLE_MAX_DISCOVERABLE)
1756         return(BTM_ILLEGAL_VALUE);
1757 
1758     p_cb->discoverable_mode = mode;
1759 
1760     evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type, &own_addr_type);
1761 
1762     if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE && mode == BTM_BLE_NON_DISCOVERABLE)
1763         new_mode = BTM_BLE_ADV_DISABLE;
1764 
1765     btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);
1766 
1767     btu_stop_timer(&p_cb->fast_adv_timer);
1768 
1769     /* update adv params if start advertising */
1770     BTM_TRACE_EVENT ("evt_type=0x%x p-cb->evt_type=0x%x ", evt_type, p_cb->evt_type);
1771 
1772     if (new_mode == BTM_BLE_ADV_ENABLE)
1773     {
1774         btm_ble_set_adv_flag (btm_cb.btm_inq_vars.connectable_mode, combined_mode);
1775 
1776         if (evt_type != p_cb->evt_type ||p_cb->adv_addr_type != own_addr_type
1777             || !p_cb->fast_adv_on)
1778         {
1779             btm_ble_stop_adv();
1780 
1781             /* update adv params */
1782             if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
1783                                                   adv_int_max,
1784                                                   evt_type,
1785                                                   own_addr_type,
1786                                                   init_addr_type,
1787                                                   p_addr_ptr,
1788                                                   p_cb->adv_chnl_map,
1789                                                   p_cb->afp))
1790             {
1791                 status = BTM_NO_RESOURCES;
1792             }
1793             else
1794             {
1795                 p_cb->evt_type = evt_type;
1796                 p_cb->adv_addr_type = own_addr_type;
1797             }
1798         }
1799     }
1800 
1801     if (status == BTM_SUCCESS && p_cb->adv_mode != new_mode)
1802     {
1803         if (new_mode == BTM_BLE_ADV_ENABLE)
1804             status = btm_ble_start_adv();
1805         else
1806             status = btm_ble_stop_adv();
1807     }
1808 
1809     if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
1810     {
1811         p_cb->fast_adv_on = TRUE;
1812         /* start initial GAP mode adv timer */
1813         btu_start_timer (&p_cb->fast_adv_timer, BTU_TTYPE_BLE_GAP_FAST_ADV,
1814                           BTM_BLE_GAP_FAST_ADV_TOUT);
1815     }
1816     else
1817     {
1818 #if BLE_PRIVACY_SPT == TRUE
1819         btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
1820 #endif
1821     }
1822 
1823     /* set up stop advertising timer */
1824     if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE)
1825     {
1826         BTM_TRACE_EVENT ("start timer for limited disc mode duration=%d (180 secs)", BTM_BLE_GAP_LIM_TOUT);
1827         /* start Tgap(lim_timeout) */
1828         btu_start_timer (&p_cb->inq_timer_ent, BTU_TTYPE_BLE_GAP_LIM_DISC,
1829                          BTM_BLE_GAP_LIM_TOUT);
1830     }
1831     return status;
1832 }
1833 
1834 /*******************************************************************************
1835 **
1836 ** Function         btm_ble_set_connectability
1837 **
1838 ** Description      This function is called to set BLE connectability mode.
1839 **
1840 ** Parameters:      combined_mode: connectability mode.
1841 **
1842 ** Returns          BTM_SUCCESS is status set successfully; otherwise failure.
1843 **
1844 *******************************************************************************/
btm_ble_set_connectability(UINT16 combined_mode)1845 tBTM_STATUS btm_ble_set_connectability(UINT16 combined_mode)
1846 {
1847     tBTM_LE_RANDOM_CB       *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1848     tBTM_BLE_INQ_CB         *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1849     UINT16                  mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
1850     UINT8                   new_mode = BTM_BLE_ADV_ENABLE;
1851     UINT8                   evt_type;
1852     tBTM_STATUS             status = BTM_SUCCESS;
1853     BD_ADDR                 p_addr_ptr =  {0};
1854     tBLE_ADDR_TYPE          peer_addr_type = BLE_ADDR_PUBLIC,
1855                             own_addr_type = p_addr_cb->own_addr_type;
1856     UINT16                  adv_int_min, adv_int_max;
1857 
1858     BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);
1859 
1860     /*** Check mode parameter ***/
1861     if (mode > BTM_BLE_MAX_CONNECTABLE)
1862         return(BTM_ILLEGAL_VALUE);
1863 
1864     p_cb->connectable_mode = mode;
1865 
1866     evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &peer_addr_type, &own_addr_type);
1867 
1868     if (mode == BTM_BLE_NON_CONNECTABLE && p_cb->discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
1869         new_mode = BTM_BLE_ADV_DISABLE;
1870 
1871     btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);
1872 
1873     btu_stop_timer(&p_cb->fast_adv_timer);
1874     /* update adv params if needed */
1875     if (new_mode == BTM_BLE_ADV_ENABLE)
1876     {
1877         btm_ble_set_adv_flag (combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
1878         if (p_cb->evt_type != evt_type || p_cb->adv_addr_type != p_addr_cb->own_addr_type
1879             || !p_cb->fast_adv_on)
1880         {
1881             btm_ble_stop_adv();
1882 
1883             if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
1884                                                   adv_int_max,
1885                                                   evt_type,
1886                                                   own_addr_type,
1887                                                   peer_addr_type,
1888                                                   p_addr_ptr,
1889                                                   p_cb->adv_chnl_map,
1890                                                   p_cb->afp))
1891             {
1892                 status = BTM_NO_RESOURCES;
1893             }
1894             else
1895             {
1896                 p_cb->evt_type = evt_type;
1897                 p_cb->adv_addr_type = own_addr_type;
1898             }
1899         }
1900     }
1901 
1902     /* update advertising mode */
1903     if (status == BTM_SUCCESS && new_mode != p_cb->adv_mode)
1904     {
1905         if (new_mode == BTM_BLE_ADV_ENABLE)
1906             status = btm_ble_start_adv();
1907         else
1908             status = btm_ble_stop_adv();
1909     }
1910 
1911     if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
1912     {
1913         p_cb->fast_adv_on = TRUE;
1914         /* start initial GAP mode adv timer */
1915         btu_start_timer (&p_cb->fast_adv_timer, BTU_TTYPE_BLE_GAP_FAST_ADV,
1916                              BTM_BLE_GAP_FAST_ADV_TOUT);
1917     }
1918     else
1919     {
1920 #if BLE_PRIVACY_SPT == TRUE
1921         btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
1922 #endif
1923     }
1924     return status;
1925 }
1926 
1927 
1928 /*******************************************************************************
1929 **
1930 ** Function         btm_ble_start_inquiry
1931 **
1932 ** Description      This function is called to start BLE inquiry procedure.
1933 **                  If the duration is zero, the periodic inquiry mode is cancelled.
1934 **
1935 ** Parameters:      mode - GENERAL or LIMITED inquiry
1936 **                  p_inq_params - pointer to the BLE inquiry parameter.
1937 **                  p_results_cb - callback returning pointer to results (tBTM_INQ_RESULTS)
1938 **                  p_cmpl_cb - callback indicating the end of an inquiry
1939 **
1940 **
1941 **
1942 ** Returns          BTM_CMD_STARTED if successfully started
1943 **                  BTM_NO_RESOURCES if could not allocate a message buffer
1944 **                  BTM_BUSY - if an inquiry is already active
1945 **
1946 *******************************************************************************/
btm_ble_start_inquiry(UINT8 mode,UINT8 duration)1947 tBTM_STATUS btm_ble_start_inquiry (UINT8 mode, UINT8   duration)
1948 {
1949     tBTM_STATUS status = BTM_CMD_STARTED;
1950     tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;
1951     tBTM_INQUIRY_VAR_ST      *p_inq = &btm_cb.btm_inq_vars;
1952 
1953     BTM_TRACE_DEBUG("btm_ble_start_inquiry: mode = %02x inq_active = 0x%02x", mode, btm_cb.btm_inq_vars.inq_active);
1954 
1955     /* if selective connection is active, or inquiry is already active, reject it */
1956     if (BTM_BLE_IS_INQ_ACTIVE(p_ble_cb->scan_activity) ||
1957         BTM_BLE_IS_SEL_CONN_ACTIVE (p_ble_cb->scan_activity))
1958     {
1959         BTM_TRACE_ERROR("LE Inquiry is active, can not start inquiry");
1960         return(BTM_BUSY);
1961     }
1962 
1963     if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
1964     {
1965         btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
1966                                         BTM_BLE_LOW_LATENCY_SCAN_INT,
1967                                         BTM_BLE_LOW_LATENCY_SCAN_WIN,
1968                                         btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
1969                                         SP_ADV_ALL);
1970 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
1971         /* enable IRK list */
1972         btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
1973 #endif
1974         p_ble_cb->inq_var.scan_duplicate_filter  = BTM_BLE_DUPLICATE_DISABLE;
1975         status = btm_ble_start_scan();
1976     }
1977     else if ((p_ble_cb->inq_var.scan_interval != BTM_BLE_LOW_LATENCY_SCAN_INT) ||
1978             (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
1979         BTM_TRACE_DEBUG("%s, restart LE scan with low latency scan params", __FUNCTION__);
1980         btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
1981         btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
1982                                         BTM_BLE_LOW_LATENCY_SCAN_INT,
1983                                         BTM_BLE_LOW_LATENCY_SCAN_WIN,
1984                                         btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
1985                                         SP_ADV_ALL);
1986         btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
1987     }
1988 
1989     if (status == BTM_CMD_STARTED)
1990     {
1991         p_inq->inq_active |= mode;
1992         p_ble_cb->scan_activity |= mode;
1993 
1994         BTM_TRACE_DEBUG("btm_ble_start_inquiry inq_active = 0x%02x", p_inq->inq_active);
1995 
1996         if (duration != 0)
1997         {
1998             /* start inquiry timer */
1999             btu_start_timer (&p_ble_cb->inq_var.inq_timer_ent, BTU_TTYPE_BLE_INQUIRY, duration);
2000         }
2001     }
2002 
2003     return status;
2004 
2005 }
2006 
2007 /*******************************************************************************
2008 **
2009 ** Function         btm_ble_read_remote_name_cmpl
2010 **
2011 ** Description      This function is called when BLE remote name is received.
2012 **
2013 ** Returns          void
2014 **
2015 *******************************************************************************/
btm_ble_read_remote_name_cmpl(BOOLEAN status,BD_ADDR bda,UINT16 length,char * p_name)2016 void btm_ble_read_remote_name_cmpl(BOOLEAN status, BD_ADDR bda, UINT16 length, char *p_name)
2017 {
2018     UINT8   hci_status = HCI_SUCCESS;
2019     BD_NAME bd_name;
2020 
2021     memset(bd_name, 0, (BD_NAME_LEN + 1));
2022     if (length > BD_NAME_LEN)
2023     {
2024         length = BD_NAME_LEN;
2025     }
2026     memcpy((UINT8*)bd_name, p_name, length);
2027 
2028     if ((!status) || (length==0))
2029     {
2030         hci_status = HCI_ERR_HOST_TIMEOUT;
2031     }
2032 
2033     btm_process_remote_name(bda, bd_name, length +1, hci_status);
2034     btm_sec_rmt_name_request_complete (bda, (UINT8 *)p_name, hci_status);
2035 }
2036 
2037 /*******************************************************************************
2038 **
2039 ** Function         btm_ble_read_remote_name
2040 **
2041 ** Description      This function read remote LE device name using GATT read
2042 **                  procedure.
2043 **
2044 ** Parameters:       None.
2045 **
2046 ** Returns          void
2047 **
2048 *******************************************************************************/
btm_ble_read_remote_name(BD_ADDR remote_bda,tBTM_INQ_INFO * p_cur,tBTM_CMPL_CB * p_cb)2049 tBTM_STATUS btm_ble_read_remote_name(BD_ADDR remote_bda, tBTM_INQ_INFO *p_cur, tBTM_CMPL_CB *p_cb)
2050 {
2051     tBTM_INQUIRY_VAR_ST      *p_inq = &btm_cb.btm_inq_vars;
2052 
2053     if (!controller_get_interface()->supports_ble())
2054         return BTM_ERR_PROCESSING;
2055 
2056     if (p_cur &&
2057         p_cur->results.ble_evt_type != BTM_BLE_EVT_CONN_ADV &&
2058         p_cur->results.ble_evt_type != BTM_BLE_EVT_CONN_DIR_ADV)
2059     {
2060         BTM_TRACE_DEBUG("name request to non-connectable device failed.");
2061         return BTM_ERR_PROCESSING;
2062     }
2063 
2064     /* read remote device name using GATT procedure */
2065     if (p_inq->remname_active)
2066         return BTM_BUSY;
2067 
2068     if (!GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
2069         return BTM_BUSY;
2070 
2071     p_inq->p_remname_cmpl_cb = p_cb;
2072     p_inq->remname_active = TRUE;
2073 
2074     memcpy(p_inq->remname_bda, remote_bda, BD_ADDR_LEN);
2075 
2076     btu_start_timer (&p_inq->rmt_name_timer_ent,
2077                      BTU_TTYPE_BTM_RMT_NAME,
2078                      BTM_EXT_BLE_RMT_NAME_TIMEOUT);
2079 
2080     return BTM_CMD_STARTED;
2081 }
2082 
2083 /*******************************************************************************
2084 **
2085 ** Function         btm_ble_cancel_remote_name
2086 **
2087 ** Description      This function cancel read remote LE device name.
2088 **
2089 ** Parameters:       None.
2090 **
2091 ** Returns          void
2092 **
2093 *******************************************************************************/
btm_ble_cancel_remote_name(BD_ADDR remote_bda)2094 BOOLEAN btm_ble_cancel_remote_name(BD_ADDR remote_bda)
2095 {
2096     tBTM_INQUIRY_VAR_ST      *p_inq = &btm_cb.btm_inq_vars;
2097     BOOLEAN     status;
2098 
2099     status = GAP_BleCancelReadPeerDevName(remote_bda);
2100 
2101     p_inq->remname_active = FALSE;
2102     memset(p_inq->remname_bda, 0, BD_ADDR_LEN);
2103     btu_stop_timer(&p_inq->rmt_name_timer_ent);
2104 
2105     return status;
2106 }
2107 
2108 /*******************************************************************************
2109 **
2110 ** Function         btm_ble_update_adv_flag
2111 **
2112 ** Description      This function update the limited discoverable flag in the adv
2113 **                  data.
2114 **
2115 ** Parameters:       None.
2116 **
2117 ** Returns          void
2118 **
2119 *******************************************************************************/
btm_ble_update_adv_flag(UINT8 flag)2120 static void btm_ble_update_adv_flag(UINT8 flag)
2121 {
2122     tBTM_BLE_LOCAL_ADV_DATA *p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
2123     UINT8   *p;
2124 
2125     BTM_TRACE_DEBUG ("btm_ble_update_adv_flag new=0x%x", flag);
2126 
2127     if (p_adv_data->p_flags != NULL)
2128     {
2129         BTM_TRACE_DEBUG ("btm_ble_update_adv_flag old=0x%x",   *p_adv_data->p_flags);
2130         *p_adv_data->p_flags = flag;
2131     }
2132     else /* no FLAGS in ADV data*/
2133     {
2134         p = (p_adv_data->p_pad == NULL) ? p_adv_data->ad_data : p_adv_data->p_pad;
2135         /* need 3 bytes space to stuff in the flags, if not */
2136         /* erase all written data, just for flags */
2137         if ((BTM_BLE_AD_DATA_LEN - (p - p_adv_data->ad_data)) < 3)
2138         {
2139             p = p_adv_data->p_pad = p_adv_data->ad_data;
2140             memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
2141         }
2142 
2143         *p++ = 2;
2144         *p++ = BTM_BLE_AD_TYPE_FLAG;
2145         p_adv_data->p_flags = p;
2146         *p++ = flag;
2147         p_adv_data->p_pad = p;
2148     }
2149 
2150     if (btsnd_hcic_ble_set_adv_data((UINT8)(p_adv_data->p_pad - p_adv_data->ad_data),
2151                                     p_adv_data->ad_data))
2152         p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;
2153 
2154 }
2155 
2156 #if 0
2157 /*******************************************************************************
2158 **
2159 ** Function         btm_ble_parse_adv_data
2160 **
2161 ** Description      This function parse the adv data into a structure.
2162 **
2163 ** Returns          pointer to entry, or NULL if not found
2164 **
2165 *******************************************************************************/
2166 static void btm_ble_parse_adv_data(tBTM_INQ_INFO *p_info, UINT8 *p_data,
2167                                    UINT8 len, tBTM_BLE_INQ_DATA *p_adv_data, UINT8 *p_buf)
2168 {
2169     UINT8   *p_cur = p_data;
2170     UINT8   ad_len, ad_type, ad_flag;
2171 
2172     BTM_TRACE_EVENT (" btm_ble_parse_adv_data");
2173 
2174     while (len > 0)
2175     {
2176         BTM_TRACE_DEBUG("btm_ble_parse_adv_data: len = %d", len);
2177         if ((ad_len = *p_cur ++) == 0)
2178             break;
2179 
2180         ad_type = *p_cur ++;
2181 
2182         BTM_TRACE_DEBUG("     ad_type = %02x ad_len = %d", ad_type, ad_len);
2183 
2184         switch (ad_type)
2185         {
2186             case BTM_BLE_AD_TYPE_NAME_SHORT:
2187 
2188             case BTM_BLE_AD_TYPE_NAME_CMPL:
2189                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_DEV_NAME;
2190                 if (p_info)
2191                 {
2192                     p_info->remote_name_type =(ad_type == BTM_BLE_AD_TYPE_NAME_SHORT) ?
2193                                               BTM_BLE_NAME_SHORT: BTM_BLE_NAME_CMPL;
2194                     memcpy(p_info->remote_name, p_cur, ad_len -1);
2195                     p_info->remote_name[ad_len] = 0;
2196                     p_adv_data->p_remote_name = p_info->remote_name;
2197                     p_info->remote_name_len = p_adv_data->remote_name_len = ad_len - 1;
2198                     BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_NAME name = %s",p_adv_data->p_remote_name);
2199                 }
2200                 p_cur += (ad_len -1);
2201 
2202                 break;
2203 
2204             case BTM_BLE_AD_TYPE_FLAG:
2205                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_FLAGS;
2206                 ad_flag = *p_cur ++;
2207                 p_adv_data->flag = (UINT8)(ad_flag & BTM_BLE_ADV_FLAG_MASK) ;
2208                 BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_FLAG flag = %s | %s | %s",
2209                                  (p_adv_data->flag & BTM_BLE_LIMIT_DISC_FLAG)? "LE_LIMIT_DISC" : "",
2210                                  (p_adv_data->flag & BTM_BLE_GEN_DISC_FLAG)? "LE_GENERAL_DISC" : "",
2211                                  (p_adv_data->flag & BTM_BLE_BREDR_NOT_SPT)? "LE Only device" : "");
2212                 break;
2213 
2214             case BTM_BLE_AD_TYPE_TX_PWR:
2215                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_TX_PWR;
2216                 p_adv_data->tx_power_level = (INT8)*p_cur ++;
2217                 BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_TX_PWR tx_level = %d", p_adv_data->tx_power_level);
2218                 break;
2219 
2220             case BTM_BLE_AD_TYPE_MANU:
2221 
2222             case BTM_BLE_AD_TYPE_16SRV_PART:
2223             case BTM_BLE_AD_TYPE_16SRV_CMPL:
2224                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE;
2225                 /* need allocate memory to store UUID list */
2226                 p_adv_data->service.num_service = (ad_len - 1)/2;
2227                 BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
2228                 p_cur += (ad_len - 1);
2229                 break;
2230 
2231             case BTM_BLE_AD_TYPE_SOL_SRV_UUID:
2232                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_SOL;
2233                 /* need allocate memory to store UUID list */
2234                 p_adv_data->service.num_service = (ad_len - 1)/2;
2235                 BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
2236                 p_cur += (ad_len - 1);
2237                 break;
2238 
2239             case BTM_BLE_AD_TYPE_128SOL_SRV_UUID:
2240                 p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_128SOL;
2241                 /* need allocate memory to store UUID list */
2242                 p_adv_data->service.num_service = (ad_len - 1)/16;
2243                 BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
2244                 p_cur += (ad_len - 1);
2245                 break;
2246 
2247             case BTM_BLE_AD_TYPE_APPEARANCE:
2248             case BTM_BLE_AD_TYPE_PUBLIC_TARGET:
2249             case BTM_BLE_AD_TYPE_RANDOM_TARGET:
2250             default:
2251                 break;
2252         }
2253         len -= (ad_len + 1);
2254     }
2255 }
2256 #endif
2257 
2258 /*******************************************************************************
2259 **
2260 ** Function         btm_ble_cache_adv_data
2261 **
2262 ** Description      Update advertising cache data.
2263 **
2264 ** Returns          void
2265 **
2266 *******************************************************************************/
btm_ble_cache_adv_data(tBTM_INQ_RESULTS * p_cur,UINT8 data_len,UINT8 * p,UINT8 evt_type)2267 void btm_ble_cache_adv_data(tBTM_INQ_RESULTS *p_cur, UINT8 data_len, UINT8 *p, UINT8 evt_type)
2268 {
2269     tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
2270     UINT8 *p_cache;
2271     UINT8 length;
2272     UNUSED(p_cur);
2273 
2274     /* cache adv report/scan response data */
2275     if (evt_type != BTM_BLE_SCAN_RSP_EVT)
2276     {
2277         p_le_inq_cb->adv_len = 0;
2278         memset(p_le_inq_cb->adv_data_cache, 0, BTM_BLE_CACHE_ADV_DATA_MAX);
2279     }
2280 
2281     if (data_len > 0)
2282     {
2283         p_cache = &p_le_inq_cb->adv_data_cache[p_le_inq_cb->adv_len];
2284         STREAM_TO_UINT8(length, p);
2285         while ( length && ((p_le_inq_cb->adv_len + length + 1) <= BTM_BLE_CACHE_ADV_DATA_MAX))
2286         {
2287             /* copy from the length byte & data into cache */
2288             memcpy(p_cache, p-1, length+1);
2289             /* advance the cache pointer past data */
2290             p_cache += length+1;
2291             /* increment cache length */
2292             p_le_inq_cb->adv_len += length+1;
2293             /* skip the length of data */
2294             p += length;
2295             STREAM_TO_UINT8(length, p);
2296         }
2297     }
2298 
2299     /* parse service UUID from adv packet and save it in inq db eir_uuid */
2300     /* TODO */
2301 }
2302 
2303 /*******************************************************************************
2304 **
2305 ** Function         btm_ble_is_discoverable
2306 **
2307 ** Description      check ADV flag to make sure device is discoverable and match
2308 **                  the search condition
2309 **
2310 ** Parameters
2311 **
2312 ** Returns          void
2313 **
2314 *******************************************************************************/
btm_ble_is_discoverable(BD_ADDR bda,UINT8 evt_type,UINT8 * p)2315 UINT8 btm_ble_is_discoverable(BD_ADDR bda, UINT8 evt_type, UINT8 *p)
2316 {
2317     UINT8               *p_flag, flag = 0, rt = 0;
2318     UINT8                data_len;
2319     tBTM_INQ_PARMS      *p_cond = &btm_cb.btm_inq_vars.inqparms;
2320     tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
2321 
2322     UNUSED(p);
2323 
2324     /* for observer, always "discoverable */
2325     if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
2326         rt |= BTM_BLE_OBS_RESULT;
2327 
2328     if (BTM_BLE_IS_SEL_CONN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity) &&
2329         (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_CONNECT_DIR_EVT))
2330         rt |= BTM_BLE_SEL_CONN_RESULT;
2331 
2332     /* does not match filter condition */
2333     if (p_cond->filter_cond_type == BTM_FILTER_COND_BD_ADDR &&
2334         memcmp(bda, p_cond->filter_cond.bdaddr_cond, BD_ADDR_LEN) != 0)
2335     {
2336         BTM_TRACE_DEBUG("BD ADDR does not meet filter condition");
2337         return rt;
2338     }
2339 
2340     if (p_le_inq_cb->adv_len != 0)
2341     {
2342         if ((p_flag = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache,
2343             BTM_BLE_AD_TYPE_FLAG, &data_len)) != NULL)
2344         {
2345             flag = * p_flag;
2346 
2347             if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
2348                 (flag & (BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG)) != 0)
2349             {
2350                 BTM_TRACE_DEBUG("Find Generable Discoverable device");
2351                 rt |= BTM_BLE_INQ_RESULT;
2352             }
2353 
2354             else if (btm_cb.btm_inq_vars.inq_active & BTM_BLE_LIMITED_INQUIRY &&
2355                      (flag & BTM_BLE_LIMIT_DISC_FLAG) != 0)
2356             {
2357                 BTM_TRACE_DEBUG("Find limited discoverable device");
2358                 rt |= BTM_BLE_INQ_RESULT;
2359             }
2360         }
2361     }
2362     return rt;
2363 }
2364 
btm_ble_appearance_to_cod(UINT16 appearance,UINT8 * dev_class)2365 static void btm_ble_appearance_to_cod(UINT16 appearance, UINT8 *dev_class)
2366 {
2367     dev_class[0] = 0;
2368 
2369     switch (appearance)
2370     {
2371         case BTM_BLE_APPEARANCE_GENERIC_PHONE:
2372             dev_class[1] = BTM_COD_MAJOR_PHONE;
2373             dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
2374             break;
2375         case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
2376             dev_class[1] = BTM_COD_MAJOR_COMPUTER;
2377             dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
2378             break;
2379         case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
2380             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2381             dev_class[2] = BTM_COD_MINOR_REMOTE_CONTROL;
2382             break;
2383         case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
2384         case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
2385             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2386             dev_class[2] = BTM_COD_MINOR_THERMOMETER;
2387             break;
2388         case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
2389         case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
2390             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2391             dev_class[2] = BTM_COD_MINOR_HEART_PULSE_MONITOR;
2392             break;
2393         case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
2394         case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
2395         case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
2396             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2397             dev_class[2] = BTM_COD_MINOR_BLOOD_MONITOR;
2398             break;
2399         case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
2400         case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
2401         case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
2402             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2403             dev_class[2] = BTM_COD_MINOR_PULSE_OXIMETER;
2404             break;
2405         case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
2406             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2407             dev_class[2] = BTM_COD_MINOR_GLUCOSE_METER;
2408             break;
2409         case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
2410             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2411             dev_class[2] = BTM_COD_MINOR_WEIGHING_SCALE;
2412             break;
2413         case BTM_BLE_APPEARANCE_GENERIC_WALKING:
2414         case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
2415         case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
2416         case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
2417             dev_class[1] = BTM_COD_MAJOR_HEALTH;
2418             dev_class[2] = BTM_COD_MINOR_STEP_COUNTER;
2419             break;
2420         case BTM_BLE_APPEARANCE_GENERIC_WATCH:
2421         case BTM_BLE_APPEARANCE_SPORTS_WATCH:
2422             dev_class[1] = BTM_COD_MAJOR_WEARABLE;
2423             dev_class[2] = BTM_COD_MINOR_WRIST_WATCH;
2424             break;
2425         case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
2426             dev_class[1] = BTM_COD_MAJOR_WEARABLE;
2427             dev_class[2] = BTM_COD_MINOR_GLASSES;
2428             break;
2429         case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
2430             dev_class[1] = BTM_COD_MAJOR_IMAGING;
2431             dev_class[2] = BTM_COD_MINOR_DISPLAY;
2432             break;
2433         case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
2434             dev_class[1] = BTM_COD_MAJOR_AUDIO;
2435             dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
2436             break;
2437         case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
2438         case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
2439         case BTM_BLE_APPEARANCE_GENERIC_HID:
2440             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2441             dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
2442             break;
2443         case BTM_BLE_APPEARANCE_HID_KEYBOARD:
2444             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2445             dev_class[2] = BTM_COD_MINOR_KEYBOARD;
2446             break;
2447         case BTM_BLE_APPEARANCE_HID_MOUSE:
2448             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2449             dev_class[2] = BTM_COD_MINOR_POINTING;
2450             break;
2451         case BTM_BLE_APPEARANCE_HID_JOYSTICK:
2452             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2453             dev_class[2] = BTM_COD_MINOR_JOYSTICK;
2454             break;
2455         case BTM_BLE_APPEARANCE_HID_GAMEPAD:
2456             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2457             dev_class[2] = BTM_COD_MINOR_GAMEPAD;
2458             break;
2459         case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
2460             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2461             dev_class[2] = BTM_COD_MINOR_DIGITIZING_TABLET;
2462             break;
2463         case BTM_BLE_APPEARANCE_HID_CARD_READER:
2464             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2465             dev_class[2] = BTM_COD_MINOR_CARD_READER;
2466             break;
2467         case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
2468             dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2469             dev_class[2] = BTM_COD_MINOR_DIGITAL_PAN;
2470             break;
2471         case BTM_BLE_APPEARANCE_UKNOWN:
2472         case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
2473         case BTM_BLE_APPEARANCE_GENERIC_TAG:
2474         case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
2475         case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
2476         case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
2477         case BTM_BLE_APPEARANCE_CYCLING_SPEED:
2478         case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
2479         case BTM_BLE_APPEARANCE_CYCLING_POWER:
2480         case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
2481         case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
2482         case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
2483         case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
2484         case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
2485         case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
2486         default:
2487             dev_class[1] = BTM_COD_MAJOR_UNCLASSIFIED;
2488             dev_class[2] = BTM_COD_MINOR_UNCLASSIFIED;
2489     };
2490 }
2491 
2492 /*******************************************************************************
2493 **
2494 ** Function         btm_ble_update_inq_result
2495 **
2496 ** Description      Update adv packet information into inquiry result.
2497 **
2498 ** Parameters
2499 **
2500 ** Returns          void
2501 **
2502 *******************************************************************************/
btm_ble_update_inq_result(tINQ_DB_ENT * p_i,UINT8 addr_type,UINT8 evt_type,UINT8 * p)2503 BOOLEAN btm_ble_update_inq_result(tINQ_DB_ENT *p_i, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
2504 {
2505     BOOLEAN             to_report = TRUE;
2506     tBTM_INQ_RESULTS     *p_cur = &p_i->inq_info.results;
2507     UINT8               len;
2508     UINT8               *p_flag;
2509     tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
2510     UINT8                data_len, rssi;
2511     tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
2512     UINT8 *p1;
2513     UINT8               *p_uuid16;
2514 
2515     STREAM_TO_UINT8    (data_len, p);
2516 
2517     if (data_len > BTM_BLE_ADV_DATA_LEN_MAX)
2518     {
2519         BTM_TRACE_WARNING("EIR data too long %d. discard", data_len);
2520         return FALSE;
2521     }
2522     btm_ble_cache_adv_data(p_cur, data_len, p, evt_type);
2523 
2524     p1 = (p + data_len);
2525     STREAM_TO_UINT8 (rssi, p1);
2526 
2527     /* Save the info */
2528     p_cur->inq_result_type = BTM_INQ_RESULT_BLE;
2529     p_cur->ble_addr_type    = addr_type;
2530     p_cur->rssi = rssi;
2531 
2532     /* active scan, always wait until get scan_rsp to report the result */
2533     if ((btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
2534          (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_DISCOVER_EVT)))
2535     {
2536         BTM_TRACE_DEBUG("btm_ble_update_inq_result scan_rsp=false, to_report=false,\
2537                               scan_type_active=%d", btm_cb.ble_ctr_cb.inq_var.scan_type);
2538         p_i->scan_rsp = FALSE;
2539         to_report = FALSE;
2540     }
2541     else
2542         p_i->scan_rsp = TRUE;
2543 
2544     if (p_i->inq_count != p_inq->inq_counter)
2545         p_cur->device_type = BT_DEVICE_TYPE_BLE;
2546     else
2547         p_cur->device_type |= BT_DEVICE_TYPE_BLE;
2548 
2549     if (evt_type != BTM_BLE_SCAN_RSP_EVT)
2550         p_cur->ble_evt_type     = evt_type;
2551 
2552     p_i->inq_count = p_inq->inq_counter;   /* Mark entry for current inquiry */
2553 
2554     if (p_le_inq_cb->adv_len != 0)
2555     {
2556         if ((p_flag = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_FLAG, &len)) != NULL)
2557             p_cur->flag = * p_flag;
2558     }
2559 
2560     if (p_le_inq_cb->adv_len != 0)
2561     {
2562         /* Check to see the BLE device has the Appearance UUID in the advertising data.  If it does
2563          * then try to convert the appearance value to a class of device value Bluedroid can use.
2564          * Otherwise fall back to trying to infer if it is a HID device based on the service class.
2565          */
2566         p_uuid16 = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_APPEARANCE, &len);
2567         if (p_uuid16 && len == 2)
2568         {
2569             btm_ble_appearance_to_cod((UINT16)p_uuid16[0] | (p_uuid16[1] << 8), p_cur->dev_class);
2570         }
2571         else
2572         {
2573             if ((p_uuid16 = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache,
2574                                              BTM_BLE_AD_TYPE_16SRV_CMPL, &len)) != NULL)
2575             {
2576                 UINT8 i;
2577                 for (i = 0; i + 2 <= len; i = i + 2)
2578                 {
2579                     /* if this BLE device support HID over LE, set HID Major in class of device */
2580                     if ((p_uuid16[i] | (p_uuid16[i+1] << 8)) == UUID_SERVCLASS_LE_HID)
2581                     {
2582                         p_cur->dev_class[0] = 0;
2583                         p_cur->dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
2584                         p_cur->dev_class[2] = 0;
2585                         break;
2586                     }
2587                 }
2588             }
2589         }
2590     }
2591 
2592     /* if BR/EDR not supported is not set, assume is a DUMO device */
2593     if ((p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
2594          evt_type != BTM_BLE_CONNECT_DIR_EVT)
2595     {
2596         if (p_cur->ble_addr_type != BLE_ADDR_RANDOM)
2597         {
2598             BTM_TRACE_DEBUG("BR/EDR NOT support bit not set, treat as DUMO");
2599             p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
2600         } else {
2601             BTM_TRACE_DEBUG("Random address, treating device as LE only");
2602         }
2603     }
2604     else
2605     {
2606         BTM_TRACE_DEBUG("BR/EDR NOT SUPPORT bit set, LE only device");
2607     }
2608 
2609     return to_report;
2610 
2611 }
2612 
2613 /*******************************************************************************
2614 **
2615 ** Function         btm_clear_all_pending_le_entry
2616 **
2617 ** Description      This function is called to clear all LE pending entry in
2618 **                  inquiry database.
2619 **
2620 ** Returns          void
2621 **
2622 *******************************************************************************/
btm_clear_all_pending_le_entry(void)2623 void btm_clear_all_pending_le_entry(void)
2624 {
2625     UINT16       xx;
2626     tINQ_DB_ENT  *p_ent = btm_cb.btm_inq_vars.inq_db;
2627 
2628     for (xx = 0; xx < BTM_INQ_DB_SIZE; xx++, p_ent++)
2629     {
2630         /* mark all pending LE entry as unused if an LE only device has scan response outstanding */
2631         if ((p_ent->in_use) &&
2632             (p_ent->inq_info.results.device_type == BT_DEVICE_TYPE_BLE) &&
2633              !p_ent->scan_rsp)
2634             p_ent->in_use = FALSE;
2635     }
2636 }
2637 
2638 /*******************************************************************************
2639 **
2640 ** Function         btm_send_sel_conn_callback
2641 **
2642 ** Description      send selection connection request callback.
2643 **
2644 ** Parameters
2645 **
2646 ** Returns          void
2647 **
2648 *******************************************************************************/
btm_send_sel_conn_callback(BD_ADDR remote_bda,UINT8 evt_type,UINT8 * p_data,UINT8 addr_type)2649 void btm_send_sel_conn_callback(BD_ADDR remote_bda, UINT8 evt_type, UINT8 *p_data, UINT8 addr_type)
2650 {
2651     UINT8   data_len, len;
2652     UINT8   *p_dev_name, remname[31] = {0};
2653     UNUSED(addr_type);
2654 
2655     if (btm_cb.ble_ctr_cb.p_select_cback == NULL ||
2656         /* non-connectable device */
2657         (evt_type != BTM_BLE_EVT_CONN_ADV && evt_type != BTM_BLE_EVT_CONN_DIR_ADV))
2658         return;
2659 
2660     STREAM_TO_UINT8    (data_len, p_data);
2661 
2662     /* get the device name if exist in ADV data */
2663     if (data_len != 0)
2664     {
2665         p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_CMPL, &len);
2666 
2667         if (p_dev_name == NULL)
2668             p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_SHORT, &len);
2669 
2670         if (p_dev_name)
2671             memcpy(remname, p_dev_name, len);
2672     }
2673     /* allow connection */
2674     if ((* btm_cb.ble_ctr_cb.p_select_cback)(remote_bda, remname))
2675     {
2676         /* terminate selective connection, initiate connection */
2677         btm_ble_initiate_select_conn(remote_bda);
2678     }
2679 }
2680 
2681 /*******************************************************************************
2682 **
2683 ** Function         btm_ble_process_adv_pkt
2684 **
2685 ** Description      This function is called when adv packet report events are
2686 **                  received from the device. It updates the inquiry database.
2687 **                  If the inquiry database is full, the oldest entry is discarded.
2688 **
2689 ** Parameters
2690 **
2691 ** Returns          void
2692 **
2693 *******************************************************************************/
btm_ble_process_adv_pkt(UINT8 * p_data)2694 void btm_ble_process_adv_pkt (UINT8 *p_data)
2695 {
2696     BD_ADDR             bda;
2697     UINT8               evt_type = 0, *p = p_data;
2698     UINT8               addr_type = 0;
2699     UINT8               num_reports;
2700     UINT8               data_len;
2701 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
2702     BOOLEAN             match = FALSE;
2703 #endif
2704 
2705     /* Only process the results if the inquiry is still active */
2706     if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
2707         return;
2708 
2709     /* Extract the number of reports in this event. */
2710     STREAM_TO_UINT8(num_reports, p);
2711 
2712     while (num_reports--)
2713     {
2714         /* Extract inquiry results */
2715         STREAM_TO_UINT8    (evt_type, p);
2716         STREAM_TO_UINT8    (addr_type, p);
2717         STREAM_TO_BDADDR   (bda, p);
2718 
2719 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
2720         /* map address to security record */
2721         match = btm_identity_addr_to_random_pseudo(bda, &addr_type, FALSE);
2722 
2723         BTM_TRACE_DEBUG("btm_ble_process_adv_pkt:bda= %0x:%0x:%0x:%0x:%0x:%0x",
2724                                      bda[0],bda[1],bda[2],bda[3],bda[4],bda[5]);
2725         /* always do RRA resolution on host */
2726         if (!match && BTM_BLE_IS_RESOLVE_BDA(bda))
2727         {
2728             btm_ble_resolve_random_addr(bda, btm_ble_resolve_random_addr_on_adv, p_data);
2729         }
2730         else
2731 #endif
2732             btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p);
2733 
2734         STREAM_TO_UINT8(data_len, p);
2735 
2736         /* Advance to the next event data_len + rssi byte */
2737         p += data_len + 1;
2738     }
2739 }
2740 
2741 /*******************************************************************************
2742 **
2743 ** Function         btm_ble_process_adv_pkt_cont
2744 **
2745 ** Description      This function is called after random address resolution is
2746 **                  done, and proceed to process adv packet.
2747 **
2748 ** Parameters
2749 **
2750 ** Returns          void
2751 **
2752 *******************************************************************************/
btm_ble_process_adv_pkt_cont(BD_ADDR bda,UINT8 addr_type,UINT8 evt_type,UINT8 * p)2753 static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
2754 {
2755     tINQ_DB_ENT          *p_i;
2756     tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
2757     tBTM_INQ_RESULTS_CB  *p_inq_results_cb = p_inq->p_inq_results_cb;
2758     tBTM_INQ_RESULTS_CB  *p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
2759     tBTM_BLE_INQ_CB      *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
2760     BOOLEAN     update = TRUE;
2761     UINT8       result = 0;
2762 
2763     p_i = btm_inq_db_find (bda);
2764 
2765     /* Check if this address has already been processed for this inquiry */
2766     if (btm_inq_find_bdaddr(bda))
2767     {
2768         /* never been report as an LE device */
2769         if (p_i &&
2770             (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
2771               /* scan repsonse to be updated */
2772               (!p_i->scan_rsp)))
2773         {
2774             update = TRUE;
2775         }
2776         else if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
2777         {
2778             update = FALSE;
2779         }
2780         else
2781         {
2782             /* if yes, skip it */
2783             return; /* assumption: one result per event */
2784         }
2785     }
2786     /* If existing entry, use that, else get  a new one (possibly reusing the oldest) */
2787     if (p_i == NULL)
2788     {
2789         if ((p_i = btm_inq_db_new (bda)) != NULL)
2790         {
2791             p_inq->inq_cmpl_info.num_resp++;
2792         }
2793         else
2794             return;
2795     }
2796     else if (p_i->inq_count != p_inq->inq_counter) /* first time seen in this inquiry */
2797     {
2798         p_inq->inq_cmpl_info.num_resp++;
2799     }
2800     /* update the LE device information in inquiry database */
2801     if (!btm_ble_update_inq_result(p_i, addr_type, evt_type, p))
2802         return;
2803 
2804     if ((result = btm_ble_is_discoverable(bda, evt_type, p)) == 0)
2805     {
2806       LOG_WARN("%s device is no longer discoverable so discarding advertising packet pkt",
2807           __func__);
2808         return;
2809     }
2810     if (!update)
2811         result &= ~BTM_BLE_INQ_RESULT;
2812     /* If the number of responses found and limited, issue a cancel inquiry */
2813     if (p_inq->inqparms.max_resps &&
2814         p_inq->inq_cmpl_info.num_resp == p_inq->inqparms.max_resps)
2815     {
2816         /* new device */
2817         if (p_i == NULL ||
2818             /* assume a DUMO device, BR/EDR inquiry is always active */
2819             (p_i &&
2820             (p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE &&
2821              p_i->scan_rsp))
2822         {
2823             BTM_TRACE_WARNING("INQ RES: Extra Response Received...cancelling inquiry..");
2824 
2825             /* if is non-periodic inquiry active, cancel now */
2826             if ((p_inq->inq_active & BTM_BR_INQ_ACTIVE_MASK) != 0 &&
2827                 (p_inq->inq_active & BTM_PERIODIC_INQUIRY_ACTIVE) == 0)
2828                 btsnd_hcic_inq_cancel();
2829 
2830             btm_ble_stop_inquiry();
2831 
2832             btm_acl_update_busy_level (BTM_BLI_INQ_DONE_EVT);
2833         }
2834     }
2835     /* background connection in selective connection mode */
2836     if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
2837     {
2838         if (result & BTM_BLE_SEL_CONN_RESULT)
2839             btm_send_sel_conn_callback(bda, evt_type, p, addr_type);
2840         else
2841         {
2842             BTM_TRACE_DEBUG("None LE device, can not initiate selective connection");
2843         }
2844     }
2845     else
2846     {
2847         if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT))
2848         {
2849             (p_inq_results_cb)((tBTM_INQ_RESULTS *) &p_i->inq_info.results, p_le_inq_cb->adv_data_cache);
2850         }
2851         if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT))
2852         {
2853             (p_obs_results_cb)((tBTM_INQ_RESULTS *) &p_i->inq_info.results, p_le_inq_cb->adv_data_cache);
2854         }
2855     }
2856 }
2857 
2858 /*******************************************************************************
2859 **
2860 ** Function         btm_ble_start_scan
2861 **
2862 ** Description      Start the BLE scan.
2863 **
2864 ** Returns          void
2865 **
2866 *******************************************************************************/
btm_ble_start_scan(void)2867 tBTM_STATUS btm_ble_start_scan(void)
2868 {
2869     tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
2870     tBTM_STATUS status = BTM_CMD_STARTED;
2871 
2872     /* start scan, disable duplicate filtering */
2873     if (!btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_ENABLE, p_inq->scan_duplicate_filter))
2874     {
2875         status = BTM_NO_RESOURCES;
2876     }
2877     else
2878     {
2879         if (p_inq->scan_type == BTM_BLE_SCAN_MODE_ACTI)
2880             btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
2881         else
2882             btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
2883     }
2884     return status;
2885 }
2886 
2887 /*******************************************************************************
2888 **
2889 ** Function         btm_ble_stop_scan
2890 **
2891 ** Description      Stop the BLE scan.
2892 **
2893 ** Returns          void
2894 **
2895 *******************************************************************************/
btm_ble_stop_scan(void)2896 void btm_ble_stop_scan(void)
2897 {
2898     BTM_TRACE_EVENT ("btm_ble_stop_scan ");
2899 
2900     /* Clear the inquiry callback if set */
2901     btm_cb.ble_ctr_cb.inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
2902 
2903     /* stop discovery now */
2904     btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
2905 
2906     btm_update_scanner_filter_policy(SP_ADV_ALL);
2907 
2908     btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_SCAN;
2909 }
2910 /*******************************************************************************
2911 **
2912 ** Function         btm_ble_stop_inquiry
2913 **
2914 ** Description      Stop the BLE Inquiry.
2915 **
2916 ** Returns          void
2917 **
2918 *******************************************************************************/
btm_ble_stop_inquiry(void)2919 void btm_ble_stop_inquiry(void)
2920 {
2921     tBTM_INQUIRY_VAR_ST *p_inq = &btm_cb.btm_inq_vars;
2922     tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;
2923 
2924     btu_stop_timer (&p_ble_cb->inq_var.inq_timer_ent);
2925 
2926     p_ble_cb->scan_activity &=  ~BTM_BLE_INQUIRY_MASK;
2927 
2928     /* If no more scan activity, stop LE scan now */
2929     if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
2930         btm_ble_stop_scan();
2931     else if((p_ble_cb->inq_var.scan_interval != BTM_BLE_LOW_LATENCY_SCAN_INT) ||
2932             (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN))
2933     {
2934         BTM_TRACE_DEBUG("%s: setting default params for ongoing observe", __FUNCTION__);
2935         btm_ble_stop_scan();
2936         btm_ble_start_scan();
2937     }
2938 
2939     /* If we have a callback registered for inquiry complete, call it */
2940     BTM_TRACE_DEBUG ("BTM Inq Compl Callback: status 0x%02x, num results %d",
2941                       p_inq->inq_cmpl_info.status, p_inq->inq_cmpl_info.num_resp);
2942 
2943     btm_process_inq_complete(HCI_SUCCESS, (UINT8)(p_inq->inqparms.mode & BTM_BLE_INQUIRY_MASK));
2944 }
2945 
2946 /*******************************************************************************
2947 **
2948 ** Function         btm_ble_stop_observe
2949 **
2950 ** Description      Stop the BLE Observe.
2951 **
2952 ** Returns          void
2953 **
2954 *******************************************************************************/
btm_ble_stop_observe(void)2955 static void btm_ble_stop_observe(void)
2956 {
2957     tBTM_BLE_CB *p_ble_cb = & btm_cb.ble_ctr_cb;
2958     tBTM_CMPL_CB *p_obs_cb = p_ble_cb->p_obs_cmpl_cb;
2959 
2960     btu_stop_timer (&p_ble_cb->obs_timer_ent);
2961 
2962     p_ble_cb->scan_activity &= ~BTM_LE_OBSERVE_ACTIVE;
2963 
2964     p_ble_cb->p_obs_results_cb = NULL;
2965     p_ble_cb->p_obs_cmpl_cb = NULL;
2966 
2967     if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
2968         btm_ble_stop_scan();
2969 
2970     if (p_obs_cb)
2971         (p_obs_cb)((tBTM_INQUIRY_CMPL *) &btm_cb.btm_inq_vars.inq_cmpl_info);
2972 }
2973 /*******************************************************************************
2974 **
2975 ** Function         btm_ble_adv_states_operation
2976 **
2977 ** Description      Set or clear adv states in topology mask
2978 **
2979 ** Returns          operation status. TRUE if sucessful, FALSE otherwise.
2980 **
2981 *******************************************************************************/
2982 typedef BOOLEAN (BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);
btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR * p_handler,UINT8 adv_evt)2983 static BOOLEAN btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR *p_handler, UINT8 adv_evt)
2984 {
2985     BOOLEAN rt = FALSE;
2986 
2987     switch (adv_evt)
2988     {
2989     case BTM_BLE_CONNECT_EVT:
2990         rt  = (*p_handler)(BTM_BLE_STATE_CONN_ADV_BIT);
2991         break;
2992 
2993     case  BTM_BLE_NON_CONNECT_EVT:
2994         rt  = (*p_handler) (BTM_BLE_STATE_NON_CONN_ADV_BIT);
2995         break;
2996     case BTM_BLE_CONNECT_DIR_EVT:
2997         rt  =  (*p_handler) (BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT);
2998         break;
2999 
3000     case BTM_BLE_DISCOVER_EVT:
3001         rt  =  (*p_handler) (BTM_BLE_STATE_SCAN_ADV_BIT);
3002         break;
3003 
3004     case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
3005         rt = (*p_handler) (BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT);
3006         break;
3007 
3008     default:
3009         BTM_TRACE_ERROR("unknown adv event : %d", adv_evt);
3010         break;
3011     }
3012 
3013     return rt;
3014 }
3015 
3016 
3017 /*******************************************************************************
3018 **
3019 ** Function         btm_ble_start_adv
3020 **
3021 ** Description      start the BLE advertising.
3022 **
3023 ** Returns          void
3024 **
3025 *******************************************************************************/
btm_ble_start_adv(void)3026 tBTM_STATUS btm_ble_start_adv(void)
3027 {
3028     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
3029     tBTM_STATUS     rt = BTM_NO_RESOURCES;
3030 
3031     if (!btm_ble_adv_states_operation (btm_ble_topology_check, p_cb->evt_type))
3032         return BTM_WRONG_MODE;
3033 
3034 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
3035     /* To relax resolving list,  always have resolving list enabled, unless directed adv */
3036     if (p_cb->evt_type != BTM_BLE_CONNECT_LO_DUTY_DIR_EVT &&
3037         p_cb->evt_type != BTM_BLE_CONNECT_DIR_EVT)
3038         /* enable resolving list is desired */
3039         btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_ADV);
3040 #endif
3041     if (p_cb->afp != AP_SCAN_CONN_ALL)
3042     {
3043         btm_execute_wl_dev_operation();
3044         btm_cb.ble_ctr_cb.wl_state |= BTM_BLE_WL_ADV;
3045     }
3046 
3047     if (btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_ENABLE))
3048     {
3049          p_cb->adv_mode = BTM_BLE_ADV_ENABLE;
3050          btm_ble_adv_states_operation(btm_ble_set_topology_mask, p_cb->evt_type);
3051          rt = BTM_SUCCESS;
3052     }
3053     else
3054     {
3055         p_cb->adv_mode = BTM_BLE_ADV_DISABLE;
3056         btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;
3057     }
3058     return rt;
3059 }
3060 
3061 /*******************************************************************************
3062 **
3063 ** Function         btm_ble_stop_adv
3064 **
3065 ** Description      Stop the BLE advertising.
3066 **
3067 ** Returns          void
3068 **
3069 *******************************************************************************/
btm_ble_stop_adv(void)3070 tBTM_STATUS btm_ble_stop_adv(void)
3071 {
3072     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
3073     tBTM_STATUS rt = BTM_SUCCESS;
3074 
3075     if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
3076     {
3077         if (btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_DISABLE))
3078         {
3079             p_cb->fast_adv_on = FALSE;
3080             p_cb->adv_mode = BTM_BLE_ADV_DISABLE;
3081             btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;
3082 
3083             /* clear all adv states */
3084             btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);
3085         }
3086         else
3087             rt = BTM_NO_RESOURCES;
3088     }
3089     return rt;
3090 }
3091 
3092 
3093 /*******************************************************************************
3094 **
3095 ** Function         btm_ble_start_slow_adv
3096 **
3097 ** Description      Restart adv with slow adv interval
3098 **
3099 ** Returns          void
3100 **
3101 *******************************************************************************/
btm_ble_start_slow_adv(void)3102 static void btm_ble_start_slow_adv (void)
3103 {
3104     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
3105 
3106     if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
3107     {
3108         tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
3109         BD_ADDR p_addr_ptr = {0};
3110         tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
3111         tBLE_ADDR_TYPE own_addr_type = p_addr_cb->own_addr_type;
3112 
3113         btm_ble_stop_adv();
3114 
3115         p_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type,
3116                                                          &own_addr_type);
3117 
3118         /* slow adv mode never goes into directed adv */
3119         btsnd_hcic_ble_write_adv_params (BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT,
3120                                          p_cb->evt_type, own_addr_type,
3121                                          init_addr_type, p_addr_ptr,
3122                                          p_cb->adv_chnl_map, p_cb->afp);
3123 
3124         btm_ble_start_adv();
3125     }
3126 }
3127 /*******************************************************************************
3128 **
3129 ** Function         btm_ble_timeout
3130 **
3131 ** Description      Called when BTM BLE inquiry timer expires
3132 **
3133 ** Returns          void
3134 **
3135 *******************************************************************************/
btm_ble_timeout(TIMER_LIST_ENT * p_tle)3136 void btm_ble_timeout(TIMER_LIST_ENT *p_tle)
3137 {
3138     BTM_TRACE_EVENT ("btm_ble_timeout");
3139 
3140     switch (p_tle->event)
3141     {
3142         case BTU_TTYPE_BLE_OBSERVE:
3143             btm_ble_stop_observe();
3144             break;
3145 
3146         case BTU_TTYPE_BLE_INQUIRY:
3147             btm_ble_stop_inquiry();
3148             break;
3149 
3150         case BTU_TTYPE_BLE_GAP_LIM_DISC:
3151             /* lim_timeout expiried, limited discovery should exit now */
3152             btm_cb.btm_inq_vars.discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;
3153             btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode, btm_cb.btm_inq_vars.discoverable_mode);
3154             break;
3155 
3156         case BTU_TTYPE_BLE_RANDOM_ADDR:
3157             if (btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type == BLE_ADDR_RANDOM)
3158             {
3159                 if (NULL == (void *)(p_tle->param))
3160                 {
3161                     /* refresh the random addr */
3162                     btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);
3163                 }
3164                 else
3165                 {
3166                     if (BTM_BleMaxMultiAdvInstanceCount() > 0)
3167                        btm_ble_multi_adv_configure_rpa((tBTM_BLE_MULTI_ADV_INST*)p_tle->param);
3168                 }
3169             }
3170             break;
3171 
3172         case BTU_TTYPE_BLE_GAP_FAST_ADV:
3173             /* fast adv is completed, fall back to slow adv interval */
3174             btm_ble_start_slow_adv();
3175             break;
3176 
3177         default:
3178             break;
3179 
3180     }
3181 }
3182 
3183 
3184 /*******************************************************************************
3185 **
3186 ** Function         btm_ble_read_remote_features_complete
3187 **
3188 ** Description      This function is called when the command complete message
3189 **                  is received from the HCI for the read LE remote feature supported
3190 **                  complete event.
3191 **
3192 ** Returns          void
3193 **
3194 *******************************************************************************/
btm_ble_read_remote_features_complete(UINT8 * p)3195 void btm_ble_read_remote_features_complete(UINT8 *p)
3196 {
3197     tACL_CONN        *p_acl_cb = &btm_cb.acl_db[0];
3198     UINT16            handle;
3199     UINT8             status;
3200     int               xx;
3201 
3202     BTM_TRACE_EVENT ("btm_ble_read_remote_features_complete ");
3203 
3204     STREAM_TO_UINT8(status, p);
3205 
3206     // if LE read remote feature failed for HCI_ERR_CONN_FAILED_ESTABLISHMENT,
3207     // expect disconnect complete to be received
3208     if (status != HCI_ERR_CONN_FAILED_ESTABLISHMENT)
3209     {
3210         STREAM_TO_UINT16 (handle, p);
3211 
3212         /* Look up the connection by handle and copy features */
3213         for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
3214         {
3215             if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
3216             {
3217                 STREAM_TO_ARRAY(p_acl_cb->peer_le_features, p, BD_FEATURES_LEN);
3218                 /*notify link up here */
3219                 l2cble_notify_le_connection (p_acl_cb->remote_addr);
3220                 break;
3221             }
3222         }
3223     }
3224 
3225 }
3226 
3227 /*******************************************************************************
3228 **
3229 ** Function         btm_ble_write_adv_enable_complete
3230 **
3231 ** Description      This function process the write adv enable command complete.
3232 **
3233 ** Returns          void
3234 **
3235 *******************************************************************************/
btm_ble_write_adv_enable_complete(UINT8 * p)3236 void btm_ble_write_adv_enable_complete(UINT8 * p)
3237 {
3238     tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
3239 
3240     /* if write adv enable/disbale not succeed */
3241     if (*p != HCI_SUCCESS)
3242     {
3243         /* toggle back the adv mode */
3244         p_cb->adv_mode = !p_cb->adv_mode;
3245     }
3246 }
3247 
3248 /*******************************************************************************
3249 **
3250 ** Function         btm_ble_dir_adv_tout
3251 **
3252 ** Description      when directed adv time out
3253 **
3254 ** Returns          void
3255 **
3256 *******************************************************************************/
btm_ble_dir_adv_tout(void)3257 void btm_ble_dir_adv_tout(void)
3258 {
3259     btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
3260 
3261     /* make device fall back into undirected adv mode by default */
3262     btm_cb.ble_ctr_cb.inq_var.directed_conn = FALSE;
3263 }
3264 
3265 /*******************************************************************************
3266 **
3267 ** Function         btm_ble_set_topology_mask
3268 **
3269 ** Description      set BLE topology mask
3270 **
3271 ** Returns          TRUE is request is allowed, FALSE otherwise.
3272 **
3273 *******************************************************************************/
btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)3274 BOOLEAN btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)
3275 {
3276     request_state_mask &= BTM_BLE_STATE_ALL_MASK;
3277     btm_cb.ble_ctr_cb.cur_states |= (request_state_mask & BTM_BLE_STATE_ALL_MASK);
3278     return TRUE;
3279 }
3280 
3281 /*******************************************************************************
3282 **
3283 ** Function         btm_ble_clear_topology_mask
3284 **
3285 ** Description      Clear BLE topology bit mask
3286 **
3287 ** Returns          TRUE is request is allowed, FALSE otherwise.
3288 **
3289 *******************************************************************************/
btm_ble_clear_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)3290 BOOLEAN btm_ble_clear_topology_mask (tBTM_BLE_STATE_MASK request_state_mask)
3291 {
3292     request_state_mask &= BTM_BLE_STATE_ALL_MASK;
3293     btm_cb.ble_ctr_cb.cur_states &= ~request_state_mask;
3294     return TRUE;
3295 }
3296 
3297 /*******************************************************************************
3298 **
3299 ** Function         btm_ble_update_link_topology_mask
3300 **
3301 ** Description      This function update the link topology mask
3302 **
3303 ** Returns          void
3304 **
3305 *******************************************************************************/
btm_ble_update_link_topology_mask(UINT8 link_role,BOOLEAN increase)3306 void btm_ble_update_link_topology_mask(UINT8 link_role, BOOLEAN increase)
3307 {
3308     btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_CONN_MASK);
3309 
3310     if (increase)
3311         btm_cb.ble_ctr_cb.link_count[link_role]++;
3312     else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
3313         btm_cb.ble_ctr_cb.link_count[link_role]--;
3314 
3315     if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_MASTER])
3316         btm_ble_set_topology_mask (BTM_BLE_STATE_MASTER_BIT);
3317 
3318     if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_SLAVE])
3319         btm_ble_set_topology_mask(BTM_BLE_STATE_SLAVE_BIT);
3320 
3321     if (link_role == HCI_ROLE_SLAVE && increase)
3322     {
3323         btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
3324         /* make device fall back into undirected adv mode by default */
3325         btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_CONNECT_EVT;
3326         /* clear all adv states */
3327         btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
3328     }
3329 }
3330 
3331 /*******************************************************************************
3332 **
3333 ** Function         btm_ble_update_mode_operation
3334 **
3335 ** Description      This function update the GAP role operation when a link status
3336 **                  is updated.
3337 **
3338 ** Returns          void
3339 **
3340 *******************************************************************************/
btm_ble_update_mode_operation(UINT8 link_role,BD_ADDR bd_addr,UINT8 status)3341 void btm_ble_update_mode_operation(UINT8 link_role, BD_ADDR bd_addr, UINT8 status)
3342 {
3343     if (status == HCI_ERR_DIRECTED_ADVERTISING_TIMEOUT)
3344     {
3345         btm_cb.ble_ctr_cb.inq_var.adv_mode  = BTM_BLE_ADV_DISABLE;
3346         /* make device fall back into undirected adv mode by default */
3347         btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_CONNECT_EVT;
3348         /* clear all adv states */
3349         btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);
3350     }
3351 
3352     if (btm_cb.ble_ctr_cb.inq_var.connectable_mode == BTM_BLE_CONNECTABLE)
3353     {
3354         btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
3355                                    btm_cb.ble_ctr_cb.inq_var.connectable_mode);
3356     }
3357 
3358     /* when no connection is attempted, and controller is not rejecting last request
3359        due to resource limitation, start next direct connection or background connection
3360        now in order */
3361     if (btm_ble_get_conn_st() == BLE_CONN_IDLE && status != HCI_ERR_HOST_REJECT_RESOURCES &&
3362         !btm_send_pending_direct_conn())
3363     {
3364          btm_ble_resume_bg_conn();
3365     }
3366 }
3367 
3368 /*******************************************************************************
3369 **
3370 ** Function         btm_ble_init
3371 **
3372 ** Description      Initialize the control block variable values.
3373 **
3374 ** Returns          void
3375 **
3376 *******************************************************************************/
btm_ble_init(void)3377 void btm_ble_init (void)
3378 {
3379     tBTM_BLE_CB *p_cb = &btm_cb.ble_ctr_cb;
3380 
3381     BTM_TRACE_DEBUG("%s", __func__);
3382 
3383     memset(p_cb, 0, sizeof(tBTM_BLE_CB));
3384     memset(&(btm_cb.cmn_ble_vsc_cb), 0 , sizeof(tBTM_BLE_VSC_CB));
3385     btm_cb.cmn_ble_vsc_cb.values_read = FALSE;
3386     p_cb->cur_states       = 0;
3387 
3388     p_cb->inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
3389     p_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;
3390     p_cb->inq_var.adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
3391     p_cb->inq_var.afp = BTM_BLE_DEFAULT_AFP;
3392     p_cb->inq_var.sfp = BTM_BLE_DEFAULT_SFP;
3393     p_cb->inq_var.connectable_mode = BTM_BLE_NON_CONNECTABLE;
3394     p_cb->inq_var.discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
3395 
3396     /* for background connection, reset connection params to be undefined */
3397     p_cb->scan_int = p_cb->scan_win = BTM_BLE_SCAN_PARAM_UNDEF;
3398 
3399     p_cb->inq_var.evt_type = BTM_BLE_NON_CONNECT_EVT;
3400 
3401 #if BLE_VND_INCLUDED == FALSE
3402     btm_ble_adv_filter_init();
3403 #endif
3404 }
3405 
3406 /*******************************************************************************
3407 **
3408 ** Function         btm_ble_topology_check
3409 **
3410 ** Description      check to see requested state is supported. One state check at
3411 **                  a time is supported
3412 **
3413 ** Returns          TRUE is request is allowed, FALSE otherwise.
3414 **
3415 *******************************************************************************/
btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)3416 BOOLEAN btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)
3417 {
3418     BOOLEAN rt = FALSE;
3419 
3420     UINT8   state_offset = 0;
3421     UINT16  cur_states = btm_cb.ble_ctr_cb.cur_states;
3422     UINT8   mask, offset;
3423     UINT8   request_state = 0;
3424 
3425     /* check only one bit is set and within valid range */
3426     if (request_state_mask == BTM_BLE_STATE_INVALID ||
3427         request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
3428         (request_state_mask & (request_state_mask -1 )) != 0)
3429     {
3430         BTM_TRACE_ERROR("illegal state requested: %d", request_state_mask);
3431         return rt;
3432     }
3433 
3434     while (request_state_mask)
3435     {
3436         request_state_mask >>= 1;
3437         request_state ++;
3438     }
3439 
3440     /* check if the requested state is supported or not */
3441     mask = btm_le_state_combo_tbl[0][request_state - 1][0];
3442     offset = btm_le_state_combo_tbl[0][request_state-1][1];
3443 
3444     const uint8_t *ble_supported_states = controller_get_interface()->get_ble_supported_states();
3445 
3446     if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
3447     {
3448         BTM_TRACE_ERROR("state requested not supported: %d", request_state);
3449         return rt;
3450     }
3451 
3452     rt = TRUE;
3453     /* make sure currently active states are all supported in conjunction with the requested
3454        state. If the bit in table is not set, the combination is not supported */
3455     while (cur_states != 0)
3456     {
3457         if (cur_states & 0x01)
3458         {
3459             mask = btm_le_state_combo_tbl[request_state][state_offset][0];
3460             offset = btm_le_state_combo_tbl[request_state][state_offset][1];
3461 
3462             if (mask != 0 && offset != 0)
3463             {
3464                 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
3465                 {
3466                     rt = FALSE;
3467                     break;
3468                 }
3469             }
3470         }
3471         cur_states >>= 1;
3472         state_offset ++;
3473     }
3474     return rt;
3475 }
3476 
3477 
3478 #endif  /* BLE_INCLUDED */
3479