1 /******************************************************************************
2  *
3  *  Copyright (C) 2008-2014 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains functions for BLE GAP.
22  *
23  ******************************************************************************/
24 
25 #define LOG_TAG "bt_btm_ble"
26 
27 #include <string.h>
28 #include <stdio.h>
29 #include <stddef.h>
30 
31 #include "bt_types.h"
32 #include "bt_utils.h"
33 #include "btm_ble_api.h"
34 #include "btm_int.h"
35 #include "btu.h"
36 #include "device/include/controller.h"
37 #include "gap_api.h"
38 #include "hcimsgs.h"
39 
40 #if BLE_INCLUDED == TRUE
41 
42 #include "btm_ble_int.h"
43 #include "gatt_int.h"
44 #include "gattdefs.h"
45 #include "l2c_int.h"
46 #include "osi/include/log.h"
47 
/* Name-type tags; presumably "shortened" vs "complete" local name - confirm
 * against the users of these constants. */
#define BTM_BLE_NAME_SHORT                          0x01
#define BTM_BLE_NAME_CMPL                           0x02

/* 0xff marks a filter target / policy value that has not been set. */
#define BTM_BLE_FILTER_TARGET_UNKNOWN               0xff
#define BTM_BLE_POLICY_UNKNOWN                      0xff

/* 30 seconds, expressed in milliseconds. */
#define BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS             (30 * 1000)
#define MIN_ADV_LENGTH                              2

/* Compared with param_len of the vendor-capability response: a response longer
 * than this many bytes also carries a version field (see
 * btm_ble_vendor_capability_vsc_cmpl_cback). */
#define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE   9
57 
58 
/* Defined outside this file; the observer timer in BTM_BleObserve is queued
 * on it through alarm_set_on_queue(). */
extern fixed_queue_t *btu_general_alarm_queue;

/* File-local capability block.
 * NOTE(review): the vendor-capability completion callback in this file fills
 * btm_cb.cmn_ble_vsc_cb, not this object, while BTM_BleObserve reads
 * extended_scan_support from this one - confirm the two are kept in sync. */
static tBTM_BLE_VSC_CB cmn_ble_vsc_cb;

#if BLE_VND_INCLUDED == TRUE
/* Callback handed to BTM_BleReadControllerFeatures; invoked with the command
 * status once the vendor-capability response has been handled. */
static tBTM_BLE_CTRL_FEATURES_CBACK *p_ctrl_le_feature_rd_cmpl_cback = NULL;
#endif
66 
67 /*******************************************************************************
68 **  Local functions
69 *******************************************************************************/
/* Advertising helpers. */
static void btm_ble_update_adv_flag(UINT8 flag);
static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
                                             BD_ADDR_PTR p_peer_addr_ptr,
                                             tBLE_ADDR_TYPE *p_peer_addr_type,
                                             tBLE_ADDR_TYPE *p_own_addr_type);
static void btm_ble_start_slow_adv(void);
static void btm_ble_fast_adv_timer_timeout(void *data);

/* Declared without 'static', unlike the other prototypes in this list. */
UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
                              tBTM_BLE_ADV_DATA *p_data);

/* Scan / observe helpers.
 * NOTE(review): btm_ble_process_adv_pkt_cont() takes a bare UINT8 pointer and
 * no length argument; confirm in its definition how reads through 'p' are
 * bounded, since advertising reports carry data chosen by remote devices. */
static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type,
                                         UINT8 evt_type, UINT8 *p);
static void btm_ble_stop_observe(void);
static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(void *data);
static void btm_ble_inquiry_timer_timeout(void *data);
static void btm_ble_observer_timer_timeout(void *data);
84 
85 
/* Result-kind flags; the values are distinct single bits, so they can be
 * OR-ed together. */
#define BTM_BLE_INQ_RESULT              0x01
#define BTM_BLE_OBS_RESULT              0x02
#define BTM_BLE_SEL_CONN_RESULT         0x04
89 
/*
 * LE state-combination lookup table.
 *
 * Every entry is a pair taken from the HCI_SUPP_LE_STATES_* constants: a
 * *_MASK value followed by an *_OFF value. Presumably the pair is a bit mask
 * and the byte offset it applies to in the controller's supported-states
 * array (see BTM_LE_STATES_SUPPORTED) - confirm against the definitions.
 * {0, 0} marks a combination with no bit to check.
 *
 * Outer index 0 holds the single-state entries; each following outer index is
 * one state. The inner index order is always:
 *   conn adv, init, master, slave, low duty directed adv,
 *   high duty directed adv, non-connectable adv, passive scan, active scan,
 *   scannable adv.
 * A number in a comment is carried over from the original annotation.
 *
 * NOTE(review): [master][slave] uses the CONN_ADV_INIT pair while
 * [slave][master] uses the INIT_MASTER_SLAVE pair; every other mirrored pair
 * in the table matches. Verify which one is intended.
 */
const UINT8 btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX][2] =
{
    {   /* single state support */
        {HCI_SUPP_LE_STATES_CONN_ADV_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_OFF},         /* conn adv */
        {HCI_SUPP_LE_STATES_INIT_MASK,            HCI_SUPP_LE_STATES_INIT_OFF},             /* init */
        {HCI_SUPP_LE_STATES_INIT_MASK,            HCI_SUPP_LE_STATES_INIT_OFF},             /* master */
        {HCI_SUPP_LE_STATES_SLAVE_MASK,           HCI_SUPP_LE_STATES_SLAVE_OFF},            /* slave */
        {0, 0},                                                                             /* TODO: low duty directed adv, not covered? */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_OFF},  /* high duty directed adv */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASK,    HCI_SUPP_LE_STATES_NON_CONN_ADV_OFF},     /* non-connectable adv */
        {HCI_SUPP_LE_STATES_PASS_SCAN_MASK,       HCI_SUPP_LE_STATES_PASS_SCAN_OFF},        /* passive scan */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASK,     HCI_SUPP_LE_STATES_ACTIVE_SCAN_OFF},      /* active scan */
        /* The second identifier has no underscore before SCAN; it is kept
         * exactly as written because it is defined outside this file. */
        {HCI_SUPP_LE_STATES_SCAN_ADV_MASK,        HCI_SUPP_LE_STATESSCAN_ADV_OFF}           /* scannable adv */
    },
    {   /* conn adv */
        {0, 0},                                                                                       /* conn adv */
        {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},         /* init: 32 */
        {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK,      HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF},       /* master: 35 */
        {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK,       HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF},        /* slave: 38 */
        {0, 0},                                                                                       /* low duty directed adv */
        {0, 0},                                                                                       /* high duty directed adv */
        {0, 0},                                                                                       /* non-connectable adv */
        {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK,   HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF},    /* passive scan */
        {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF},  /* active scan */
        {0, 0}                                                                                        /* scannable adv */
    },
    {   /* init */
        {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},         /* conn adv: 32 */
        {0, 0},                                                                                       /* init */
        {HCI_SUPP_LE_STATES_INIT_MASTER_MASK,          HCI_SUPP_LE_STATES_INIT_MASTER_OFF},           /* master: 28 */
        {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK,    HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF},     /* slave: 41 */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF},  /* low duty directed adv: 34 */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF},  /* high duty directed adv: 33 */
        {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK,        HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF},         /* non-connectable adv */
        {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK,       HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF},        /* passive scan */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK,     HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF},      /* active scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF}          /* scannable adv */
    },
    {   /* master */
        {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF},         /* conn adv: 35 */
        {HCI_SUPP_LE_STATES_INIT_MASTER_MASK,            HCI_SUPP_LE_STATES_INIT_MASTER_OFF},             /* init: 28 */
        {HCI_SUPP_LE_STATES_INIT_MASTER_MASK,            HCI_SUPP_LE_STATES_INIT_MASTER_OFF},             /* master: 28 */
        {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK,          HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF},           /* slave: 32 */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF},  /* low duty directed adv: 37 */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF},  /* high duty directed adv: 36 */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK,    HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF},     /* non-connectable adv */
        {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK,       HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF},        /* passive scan */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK,     HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF},      /* active scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF}          /* scannable adv */
    },
    {   /* slave */
        {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF},         /* conn adv: 38 */
        {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK,     HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF},      /* init: 41 */
        {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK,     HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF},      /* master: 41 */
        {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF},         /* slave: 38 */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF},  /* low duty directed adv: 40 */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF},  /* high duty directed adv: 39 */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK,    HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF},     /* non-connectable adv */
        {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK,       HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF},        /* passive scan */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK,     HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF},      /* active scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF}          /* scannable adv */
    },
    {   /* low duty directed adv */
        {0, 0},                                                                                           /* conn adv */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK,   HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF},    /* init: 34 */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF},  /* master: 37 */
        {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK,  HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF},   /* slave: 40 */
        {0, 0},                                                                                           /* low duty directed adv */
        {0, 0},                                                                                           /* high duty directed adv */
        {0, 0},                                                                                           /* non-connectable adv */
        {0, 0},                                                                                           /* TODO: passive scan, not covered? */
        {0, 0},                                                                                           /* TODO: active scan, not covered? */
        {0, 0}                                                                                            /* scannable adv */
    },
    {   /* high duty directed adv */
        {0, 0},                                                                                                     /* conn adv */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK,        HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF},         /* init: 33 */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK,      HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF},       /* master: 36 */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK,       HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF},        /* slave: 39 */
        {0, 0},                                                                                                     /* low duty directed adv */
        {0, 0},                                                                                                     /* high duty directed adv */
        {0, 0},                                                                                                     /* non-connectable adv */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK,   HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF},    /* passive scan */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF},  /* active scan */
        {0, 0}                                                                                                      /* scannable adv */
    },
    {   /* non-connectable adv */
        {0, 0},                                                                                               /* conn adv */
        {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK,            HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF},             /* init */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK,      HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF},       /* master */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK,       HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF},        /* slave */
        {0, 0},                                                                                               /* low duty directed adv */
        {0, 0},                                                                                               /* high duty directed adv */
        {0, 0},                                                                                               /* non-connectable adv */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK,   HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF},    /* passive scan */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF},  /* active scan */
        {0, 0}                                                                                                /* scannable adv */
    },
    {   /* passive scan */
        {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF},         /* conn adv */
        {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK,            HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF},             /* init */
        {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK,          HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF},           /* master */
        {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK,           HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF},            /* slave */
        {0, 0},                                                                                                 /* low duty directed adv */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF},  /* high duty directed adv */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK,    HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF},     /* non-connectable adv */
        {0, 0},                                                                                                 /* passive scan */
        {0, 0},                                                                                                 /* active scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF}          /* scannable adv */
    },
    {   /* active scan */
        {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK,        HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF},         /* conn adv */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK,            HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF},             /* init */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK,          HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF},           /* master */
        {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK,           HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF},            /* slave */
        {0, 0},                                                                                                     /* low duty directed adv */
        {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF},  /* high duty directed adv */
        {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK,    HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF},     /* non-connectable adv */
        {0, 0},                                                                                                     /* TODO: passive scan */
        {0, 0},                                                                                                     /* TODO: active scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF}          /* scannable adv */
    },
    {   /* scannable adv */
        {0, 0},                                                                                       /* conn adv */
        {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK,        HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF},         /* init */
        {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK,      HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF},       /* master */
        {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK,       HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF},        /* slave */
        {0, 0},                                                                                       /* low duty directed adv */
        {0, 0},                                                                                       /* high duty directed adv */
        {0, 0},                                                                                       /* non-connectable adv */
        {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK,   HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF},    /* passive scan */
        {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF},  /* active scan */
        {0, 0}                                                                                        /* scannable adv */
    }
};
/* Check whether an LE state combination is supported: evaluates to a non-zero
 * value when any bit of 'mask' is set in states[offset]. The macro does no
 * bounds check on 'offset'; the caller must keep it inside the array. */
#define BTM_LE_STATES_SUPPORTED(states, mask, offset)   ((states)[(offset)] & (mask))
232 
233 /*******************************************************************************
234 **
235 ** Function         BTM_BleUpdateAdvWhitelist
236 **
237 ** Description      Add or remove device from advertising white list
238 **
239 ** Returns          FALSE always (this implementation is a stub)
240 **
241 *******************************************************************************/
BOOLEAN BTM_BleUpdateAdvWhitelist(BOOLEAN add_remove, BD_ADDR remote_bda)
{
    /* Stub: neither argument is consulted and no white-list entry is added
     * or removed here. FALSE is returned unconditionally, so a caller that
     * pairs this call with a white-list-only advertising filter policy must
     * check the result and treat the update as not applied. */
    (void)add_remove;
    (void)remote_bda;

    return FALSE;
}
249 
250 /*******************************************************************************
251 **
252 ** Function         BTM_BleUpdateAdvFilterPolicy
253 **
254 ** Description      This function update the filter policy of advertiser.
255 **
256 ** Parameter        adv_policy: advertising filter policy
257 **
258 ** Return           void
259 *******************************************************************************/
void BTM_BleUpdateAdvFilterPolicy(tBTM_BLE_AFP adv_policy)
{
    /* Stores a new advertising filter policy and, when it differs from the
     * current one, stops advertising, rewrites the advertising parameters and
     * restarts advertising if it was enabled on entry.
     *
     * NOTE(review): BTM_BleUpdateAdvWhitelist in this file is a stub that
     * returns FALSE; confirm how the controller white list is populated
     * before relying on a white-list-based policy set through this call. */
    tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    tBLE_ADDR_TYPE   peer_addr_type = BLE_ADDR_PUBLIC;
    BD_ADDR          peer_addr = {0};
    /* Read before btm_ble_stop_adv() is called, so the restart decision
     * below is based on the mode seen on entry. */
    UINT8            adv_mode_on_entry = p_inq_cb->adv_mode;

    BTM_TRACE_EVENT ("BTM_BleUpdateAdvFilterPolicy");

    if (!controller_get_interface()->supports_ble())
    {
        return;
    }

    /* Nothing to do when the policy is unchanged. */
    if (p_inq_cb->afp == adv_policy)
    {
        return;
    }

    p_inq_cb->afp = adv_policy;

    /* if adv active, stop and restart */
    btm_ble_stop_adv ();

    if (p_inq_cb->connectable_mode & BTM_BLE_CONNECTABLE)
    {
        p_inq_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_inq_cb, peer_addr,
                                                             &peer_addr_type,
                                                             &p_inq_cb->adv_addr_type);
    }

    /* A zero interval falls back to the slow advertising interval. The
     * return value of the HCI send is not checked here. */
    btsnd_hcic_ble_write_adv_params ((UINT16)(p_inq_cb->adv_interval_min ?
                                              p_inq_cb->adv_interval_min :
                                              BTM_BLE_GAP_ADV_SLOW_INT),
                                     (UINT16)(p_inq_cb->adv_interval_max ?
                                              p_inq_cb->adv_interval_max :
                                              BTM_BLE_GAP_ADV_SLOW_INT),
                                     p_inq_cb->evt_type,
                                     p_inq_cb->adv_addr_type,
                                     peer_addr_type,
                                     peer_addr,
                                     p_inq_cb->adv_chnl_map,
                                     p_inq_cb->afp);

    if (adv_mode_on_entry == BTM_BLE_ADV_ENABLE)
    {
        btm_ble_start_adv ();
    }
}
299 
300 /*******************************************************************************
301 **
302 ** Function         btm_ble_send_extended_scan_params
303 **
304 ** Description      This function sends out the extended scan parameters command to the controller
305 **
306 ** Parameters       scan_type - Scan type
307 **                  scan_int - Scan interval
308 **                  scan_win - Scan window
309 **                  addr_type_own - Own address type
310 **                  scan_filter_policy - Scan filter policy
311 **
312 ** Returns          TRUE or FALSE
313 **
314 *******************************************************************************/
BOOLEAN btm_ble_send_extended_scan_params(UINT8 scan_type, UINT32 scan_int,
                                          UINT32 scan_win, UINT8 addr_type_own,
                                          UINT8 scan_filter_policy)
{
    /* Serializes the five arguments into a vendor-specific command payload
     * and sends it. Returns TRUE when BTM_VendorSpecificCommand() reports
     * BTM_SUCCESS, FALSE otherwise.
     *
     * The fields written below take 1 + 4 + 4 + 1 + 1 = 11 bytes.
     * NOTE(review): assumes HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM is
     * at least 11, otherwise the stream writes run past 'payload' - confirm
     * against its definition. */
    UINT8 payload[HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM];
    UINT8 *p_out = payload;

    memset(payload, 0, sizeof(payload));

    UINT8_TO_STREAM(p_out, scan_type);
    UINT32_TO_STREAM(p_out, scan_int);
    UINT32_TO_STREAM(p_out, scan_win);
    UINT8_TO_STREAM(p_out, addr_type_own);
    UINT8_TO_STREAM(p_out, scan_filter_policy);

    BTM_TRACE_DEBUG("%s, %d, %d", __func__, scan_int, scan_win);

    /* NULL is passed where BTM_BleReadControllerFeatures passes a completion
     * callback, so the controller's reply is not inspected from here. */
    if ((BTM_VendorSpecificCommand(HCI_BLE_EXTENDED_SCAN_PARAMS_OCF,
         HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM, payload, NULL)) == BTM_SUCCESS)
    {
        return TRUE;
    }

    BTM_TRACE_ERROR("%s error sending extended scan parameters", __func__);
    return FALSE;
}
339 
340 /*******************************************************************************
341 **
342 ** Function         BTM_BleObserve
343 **
344 ** Description      This procedure keep the device listening for advertising
345 **                  events from a broadcast device.
346 **
347 ** Parameters       start: start or stop observe.
348 **                  white_list: use white list in observer mode or not.
349 **
350 ** Returns          tBTM_STATUS (BTM_CMD_STARTED when observe was started or stopped)
351 **
352 *******************************************************************************/
tBTM_STATUS BTM_BleObserve(BOOLEAN start, UINT8 duration,
                           tBTM_INQ_RESULTS_CB *p_results_cb, tBTM_CMPL_CB *p_cmpl_cb)
{
    /* Starts or stops observing.
     *
     *   start        - non-zero to start, zero to stop.
     *   duration     - observe time in seconds (multiplied by 1000 for the
     *                  timer); 0 starts no observer timer.
     *   p_results_cb - stored as the observe results callback.
     *   p_cmpl_cb    - stored as the observe complete callback.
     *
     * Returns BTM_ILLEGAL_VALUE when the controller has no BLE support,
     * BTM_WRONG_MODE when the request does not match the current observe
     * state, BTM_CMD_STARTED on a successful start or stop, or the status of
     * btm_ble_start_scan() when the scan had to be started here.
     *
     * The scan uses BTM_BLE_DEFAULT_SFP and, per the note below, no white
     * list, so code behind p_results_cb should treat report contents as
     * untrusted input. */
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
    tBTM_STATUS status = BTM_WRONG_MODE;

    /* A zero interval or window falls back to the discovery defaults. */
    UINT32 scan_interval = p_inq->scan_interval ? p_inq->scan_interval : BTM_BLE_GAP_DISC_SCAN_INT;
    UINT32 scan_window = p_inq->scan_window ? p_inq->scan_window : BTM_BLE_GAP_DISC_SCAN_WIN;

    BTM_TRACE_EVENT ("%s : scan_type:%d, %d, %d", __func__, btm_cb.btm_inq_vars.scan_type,
                      p_inq->scan_interval, p_inq->scan_window);

    if (!controller_get_interface()->supports_ble())
    {
        return BTM_ILLEGAL_VALUE;
    }

    if (!start)
    {
        if (!BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
        {
            BTM_TRACE_ERROR("%s Observe not active", __func__);
            return status;
        }

        btm_ble_stop_observe();
        return BTM_CMD_STARTED;
    }

    /* shared inquiry database, do not allow observe if any inquiry is active */
    if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
    {
        BTM_TRACE_ERROR("%s Observe Already Active", __func__);
        return status;
    }

    /* The callbacks are stored before the scan is started; they stay set
     * even if btm_ble_start_scan() below reports a failure. */
    btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
    btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
    status = BTM_CMD_STARTED;

    /* scan is not started */
    if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
    {
        /* allow config of scan type */
        if (p_inq->scan_type == BTM_BLE_SCAN_MODE_NONE)
        {
            p_inq->scan_type = BTM_BLE_SCAN_MODE_ACTI;
        }

        /* assume observe always not using white list */
#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
        /* enable resolving list */
        btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
#endif

        /* NOTE(review): this reads the file-static cmn_ble_vsc_cb, while the
         * vendor-capability callback in this file stores extended_scan_support
         * in btm_cb.cmn_ble_vsc_cb; confirm the static copy is ever updated.
         * The return values of both parameter writes are ignored. */
        if (cmn_ble_vsc_cb.extended_scan_support != 0)
        {
            btm_ble_send_extended_scan_params(p_inq->scan_type, scan_interval, scan_window,
                                              btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
                                              BTM_BLE_DEFAULT_SFP);
        }
        else
        {
            /* The legacy command carries 16-bit interval and window values. */
            btsnd_hcic_ble_set_scan_params(p_inq->scan_type, (UINT16)scan_interval,
                                           (UINT16)scan_window,
                                           btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
                                           BTM_BLE_DEFAULT_SFP);
        }

        p_inq->scan_duplicate_filter = BTM_BLE_DUPLICATE_DISABLE;
        status = btm_ble_start_scan();
    }

    if (status == BTM_CMD_STARTED)
    {
        btm_cb.ble_ctr_cb.scan_activity |= BTM_LE_OBSERVE_ACTIVE;
        if (duration != 0)
        {
            /* start observer timer */
            period_ms_t duration_ms = duration * 1000;
            alarm_set_on_queue(btm_cb.ble_ctr_cb.observer_timer,
                               duration_ms, btm_ble_observer_timer_timeout,
                               NULL, btu_general_alarm_queue);
        }
    }

    return status;
}
436 
437 /*******************************************************************************
438 **
439 ** Function         BTM_BleBroadcast
440 **
441 ** Description      This function is to start or stop broadcasting.
442 **
443 ** Parameters       start: start or stop broadcasting.
444 **
445 ** Returns          status.
446 **
447 *******************************************************************************/
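tBTM_STATUS BTM_BleBroadcast(BOOLEAN start)
{
    /* Starts or stops broadcasting (advertising).
     *
     *   start - non-zero to start, zero to stop.
     *
     * Returns BTM_ILLEGAL_VALUE when the controller has no BLE support,
     * BTM_NO_RESOURCES when the advertising parameters could not be written,
     * BTM_WRONG_MODE when a start is requested while advertising is not
     * disabled, otherwise the status of btm_ble_start_adv() or
     * btm_ble_stop_adv(). */
    tBTM_STATUS status = BTM_NO_RESOURCES;
    tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
    tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT8 evt_type = p_cb->scan_rsp ? BTM_BLE_DISCOVER_EVT: BTM_BLE_NON_CONNECT_EVT;

    if (!controller_get_interface()->supports_ble())
        return BTM_ILLEGAL_VALUE;

#ifdef  BTM_BLE_PC_ADV_TEST_MODE
    if (BTM_BLE_PC_ADV_TEST_MODE)
    {
        evt_type = p_cb->scan_rsp ? BTM_BLE_CONNECT_EVT: BTM_BLE_NON_CONNECT_EVT;
    }
#endif

    if (start && p_cb->adv_mode == BTM_BLE_ADV_DISABLE)
    {
        /* update adv params */
        if (!btsnd_hcic_ble_write_adv_params ((UINT16)(p_cb->adv_interval_min ? p_cb->adv_interval_min :
                                              BTM_BLE_GAP_ADV_INT),
                                              (UINT16)(p_cb->adv_interval_max ? p_cb->adv_interval_max :
                                              BTM_BLE_GAP_ADV_INT),
                                              evt_type,
                                              p_addr_cb->own_addr_type,
                                              p_cb->direct_bda.type,
                                              p_cb->direct_bda.bda,
                                              p_cb->adv_chnl_map,
                                              p_cb->afp))
        {
            /* Do not enable advertising when the parameter write failed:
             * the controller would otherwise advertise with whatever event
             * type and filter policy it was last given, not the ones
             * requested here. The failure is reported to the caller instead
             * of being overwritten by the start status. */
            BTM_TRACE_ERROR("%s unable to write advertising parameters", __func__);
            status = BTM_NO_RESOURCES;
        }
        else
        {
            p_cb->evt_type = evt_type;
            status = btm_ble_start_adv ();
        }
    }
    else if (!start)
    {
        status = btm_ble_stop_adv();
#if BLE_PRIVACY_SPT == TRUE
        btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
#endif
    }
    else
    {
        /* Reached only for a start request while advertising is not in the
         * disabled state. */
        status = BTM_WRONG_MODE;
        BTM_TRACE_ERROR("Can not %s Broadcast, device %s in Broadcast mode",
            (start ? "Start" : "Stop"), (start ? "already" :"not"));
    }
    return status;
}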
500 
501 #if BLE_VND_INCLUDED == TRUE
502 /*******************************************************************************
503 **
504 ** Function         btm_ble_vendor_capability_vsc_cmpl_cback
505 **
506 ** Description      Command Complete callback for HCI_BLE_VENDOR_CAP_OCF
507 **
508 ** Returns          void
509 **
510 *******************************************************************************/
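static void btm_ble_vendor_capability_vsc_cmpl_cback (tBTM_VSC_CMPL *p_vcs_cplt_params)
{
    /* Command Complete handler for HCI_BLE_VENDOR_CAP_OCF.
     *
     * Parses the controller's capability response into btm_cb.cmn_ble_vsc_cb,
     * runs the feature initializers that depend on it and reports the status
     * to the callback registered by BTM_BleReadControllerFeatures.
     *
     * The response buffer is supplied by the controller, so every read is
     * checked against param_len first. A response that is shorter than the
     * fields it claims to carry is rejected: nothing is committed to
     * btm_cb.cmn_ble_vsc_cb, values_read stays unset and the callback
     * receives 0xFF, the same value used when no status could be read. */

    /* Byte counts of the optional fields that may follow the L-release
     * payload: a UINT16 version, then three UINT16 M-release fields. */
    enum { VERSION_FIELD_LEN = 2, M_RELEASE_FIELDS_LEN = 6 };

    UINT8 status = 0xFF;
    UINT8 *p = NULL;
    size_t len = 0;
    /* Parsed into a copy so that a truncated response leaves the cached
     * capabilities untouched. */
    tBTM_BLE_VSC_CB caps = btm_cb.cmn_ble_vsc_cb;

    BTM_TRACE_DEBUG("%s", __func__);

    /* Check status of command complete event */
    if ((p_vcs_cplt_params->opcode == HCI_BLE_VENDOR_CAP_OCF) &&
        (p_vcs_cplt_params->param_len > 0) &&
        (p_vcs_cplt_params->p_param_buf != NULL))
    {
        len = p_vcs_cplt_params->param_len;
        p = p_vcs_cplt_params->p_param_buf;
        STREAM_TO_UINT8(status, p);
    }

    /* The status byte plus the fixed fields below take
     * BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE (9) bytes. */
    if ((status == HCI_SUCCESS) && (len < BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE))
    {
        BTM_TRACE_ERROR("%s: response too short, len=%d", __func__, (int)len);
        status = 0xFF;
    }

    if (status == HCI_SUCCESS)
    {
        STREAM_TO_UINT8(caps.adv_inst_max, p);
        STREAM_TO_UINT8(caps.rpa_offloading, p);
        STREAM_TO_UINT16(caps.tot_scan_results_strg, p);
        STREAM_TO_UINT8(caps.max_irk_list_sz, p);
        STREAM_TO_UINT8(caps.filter_support, p);
        STREAM_TO_UINT8(caps.max_filter, p);
        STREAM_TO_UINT8(caps.energy_support, p);

        if (len <= BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE)
        {
            caps.version_supported = BTM_VSC_CHIP_CAPABILITY_L_VERSION;
        }
        else if (len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE + VERSION_FIELD_LEN)
        {
            STREAM_TO_UINT16(caps.version_supported, p);
        }
        else
        {
            /* One trailing byte: not enough for the 2-byte version field. */
            status = 0xFF;
        }

        if ((status == HCI_SUCCESS) &&
            (caps.version_supported >= BTM_VSC_CHIP_CAPABILITY_M_VERSION))
        {
            if (len >= BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE + VERSION_FIELD_LEN +
                       M_RELEASE_FIELDS_LEN)
            {
                STREAM_TO_UINT16(caps.total_trackable_advertisers, p);
                STREAM_TO_UINT16(caps.extended_scan_support, p);
                STREAM_TO_UINT16(caps.debug_logging_supported, p);
            }
            else
            {
                /* The reported version promises fields the buffer lacks. */
                status = 0xFF;
            }
        }

        if (status == HCI_SUCCESS)
        {
            caps.values_read = TRUE;
            btm_cb.cmn_ble_vsc_cb = caps;
        }
        else
        {
            BTM_TRACE_ERROR("%s: truncated response, len=%d", __func__, (int)len);
        }
    }

    BTM_TRACE_DEBUG("%s: stat=%d, irk=%d, ADV ins:%d, rpa=%d, ener=%d, ext_scan=%d",
         __func__, status, btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
         btm_cb.cmn_ble_vsc_cb.adv_inst_max, btm_cb.cmn_ble_vsc_cb.rpa_offloading,
         btm_cb.cmn_ble_vsc_cb.energy_support, btm_cb.cmn_ble_vsc_cb.extended_scan_support);

    /* As before, the initializers below run on whatever is cached in
     * btm_cb.cmn_ble_vsc_cb, whether or not this response was accepted. */
    if (BTM_BleMaxMultiAdvInstanceCount() > 0)
        btm_ble_multi_adv_init();

    if (btm_cb.cmn_ble_vsc_cb.max_filter > 0)
        btm_ble_adv_filter_init();

#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
    /* VS capability included and non-4.2 device */
    if (btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
        controller_get_interface()->get_ble_resolving_list_max_size() == 0)
        btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
#endif  /* (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE) */

    if (btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg > 0)
        btm_ble_batchscan_init();

    if (p_ctrl_le_feature_rd_cmpl_cback != NULL)
        p_ctrl_le_feature_rd_cmpl_cback(status);
}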
578 #endif  /* BLE_VND_INCLUDED == TRUE */
579 
580 /*******************************************************************************
581 **
582 ** Function         BTM_BleGetVendorCapabilities
583 **
584 ** Description      This function reads local LE features
585 **
586 ** Parameters       p_cmn_vsc_cb : Local LE capability structure
587 **
588 ** Returns          void
589 **
590 *******************************************************************************/
extern void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB *p_cmn_vsc_cb)
{
    /* Copies the cached vendor capability block into *p_cmn_vsc_cb.
     * A NULL destination is ignored. */
    BTM_TRACE_DEBUG("BTM_BleGetVendorCapabilities");

    if (p_cmn_vsc_cb == NULL)
    {
        return;
    }

    /* The copy is made whether or not the capabilities were ever read from
     * the controller; a caller that needs to know can test values_read in
     * the returned structure. */
    *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
}
600 
601 /******************************************************************************
602 **
603 ** Function         BTM_BleReadControllerFeatures
604 **
605 ** Description      Reads BLE specific controller features
606 **
607 ** Parameters:      tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when features are read
608 **
609 ** Returns          void
610 **
611 *******************************************************************************/
extern void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK  *p_vsc_cback)
{
    /* Requests the vendor capabilities from the controller unless they have
     * been read already. In that early-return case p_vsc_cback is neither
     * stored nor called. */
    if (btm_cb.cmn_ble_vsc_cb.values_read == TRUE)
    {
        return;
    }

#if BLE_VND_INCLUDED == TRUE
    BTM_TRACE_DEBUG("BTM_BleReadControllerFeatures");

    /* Stored before the command is sent; it stays registered even when the
     * send below reports a failure. */
    p_ctrl_le_feature_rd_cmpl_cback = p_vsc_cback;

    if (BTM_VendorSpecificCommand (HCI_BLE_VENDOR_CAP_OCF,
                                   0,
                                   NULL,
                                   btm_ble_vendor_capability_vsc_cmpl_cback)
                                   == BTM_CMD_STARTED)
    {
        return;
    }

    BTM_TRACE_ERROR("LE Get_Vendor Capabilities Command Failed.");
#else
    UNUSED(p_vsc_cback);
#endif
}
634 
/*******************************************************************************
**
** Function         BTM_BleEnableMixedPrivacyMode
**
** Description      Records whether mixed mode should be used when privacy 1.2
**                  is applicable in the controller. Only the flag in
**                  btm_cb.ble_ctr_cb is updated; no command is sent to the
**                  controller (see the TODO in the body). The function does
**                  nothing when BLE_PRIVACY_SPT is not TRUE.
**
** Parameters       mixed_on:  mixed mode to be used or not.
**
** Returns          void
**
*******************************************************************************/
void BTM_BleEnableMixedPrivacyMode(BOOLEAN mixed_on)
{
#if BLE_PRIVACY_SPT == TRUE
    /* Read back by BTM_BleConfigPrivacy() when it selects the privacy mode. */
    btm_cb.ble_ctr_cb.mixed_mode = mixed_on;

    /* TODO: send VSC to enable mixed mode */
#endif
}
656 
/*******************************************************************************
**
** Function         BTM_BleConfigPrivacy
**
** Description      Enables or disables privacy on the LE channel of the local
**                  device: selects the own address type and the privacy mode,
**                  and updates the GAP Central Address Resolution attribute.
**
** Parameters       privacy_mode:  privacy mode on or off.
**
** Returns          TRUE once the privacy settings have been applied.
**                  FALSE if the controller does not support LE, or if
**                  BLE_PRIVACY_SPT is not TRUE.
**
*******************************************************************************/
BOOLEAN BTM_BleConfigPrivacy(BOOLEAN privacy_mode)
{
#if BLE_PRIVACY_SPT == TRUE
    tBTM_BLE_CB  *p_ble_cb = &btm_cb.ble_ctr_cb;

    BTM_TRACE_EVENT ("%s", __func__);

    /* LE not supported: nothing can be configured */
    if (!controller_get_interface()->supports_ble())
        return FALSE;

    /* value written to the Central Address Resolution attribute below */
    uint8_t central_addr_res = 0;

    if (privacy_mode)
    {
        /* always set a host random address; it is what gets used when
         * controller-based privacy (1.2) is not in effect */
        p_ble_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
        btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);

        if (BTM_BleMaxMultiAdvInstanceCount() > 0)
            btm_ble_multi_adv_enb_privacy(privacy_mode);

        if (controller_get_interface()->supports_ble_privacy())
        {
            /* 4.2 controller: privacy 1.2 or mixed mode, with the resolvable
             * private address handled in the controller */
            central_addr_res = 1;
            if (p_ble_cb->mixed_mode)
                p_ble_cb->privacy_mode = BTM_PRIVACY_MIXED;
            else
                p_ble_cb->privacy_mode = BTM_PRIVACY_1_2;
        }
        else
        {
            /* 4.1/4.0 controller */
            p_ble_cb->privacy_mode = BTM_PRIVACY_1_1;
        }
    }
    else
    {
        /* privacy disabled: always use the public address */
        p_ble_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
        p_ble_cb->privacy_mode = BTM_PRIVACY_NONE;
    }

    /* NOTE(review): a one-octet local is passed as tGAP_BLE_ATTR_VALUE *.
     * This is only safe if GAP_BleAttrDBUpdate() reads a single octet for
     * this UUID -- confirm against its implementation. */
    GAP_BleAttrDBUpdate (GATT_UUID_GAP_CENTRAL_ADDR_RESOL,
                         (tGAP_BLE_ATTR_VALUE *)&central_addr_res);

    return TRUE;
#else
    return FALSE;
#endif
}
713 
/*******************************************************************************
**
** Function         BTM_BleMaxMultiAdvInstanceCount
**
** Description      Returns the number of multi adv instances recorded in the
**                  vendor capability block, capped at BTM_BLE_MULTI_ADV_MAX.
**
** Returns          The smaller of btm_cb.cmn_ble_vsc_cb.adv_inst_max and
**                  BTM_BLE_MULTI_ADV_MAX
**
*******************************************************************************/
extern UINT8  BTM_BleMaxMultiAdvInstanceCount(void)
{
    /* The cap keeps a larger recorded count from exceeding the host limit. */
    if (btm_cb.cmn_ble_vsc_cb.adv_inst_max < BTM_BLE_MULTI_ADV_MAX)
        return btm_cb.cmn_ble_vsc_cb.adv_inst_max;

    return BTM_BLE_MULTI_ADV_MAX;
}
728 
729 #if BLE_PRIVACY_SPT == TRUE
/*******************************************************************************
**
** Function         btm_ble_resolve_random_addr_on_adv
**
** Description      Resolve random address complete callback. Re-reads the
**                  event type, address type and address from the report,
**                  replaces the address with the matched record's address
**                  when a record is supplied, and continues processing via
**                  btm_ble_process_adv_pkt_cont().
**
** Parameters       p_rec : matching tBTM_SEC_DEV_REC, or NULL for no match
**                  p     : report buffer; parsing starts one octet in
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_resolve_random_addr_on_adv(void * p_rec, void *p)
{
    tBTM_SEC_DEV_REC    *p_match = (tBTM_SEC_DEV_REC *) p_rec;
    /* Skip the first octet of the buffer. NOTE(review): presumably a count or
     * sub-event octet -- confirm against the caller. No length accompanies
     * the buffer, so the reads below rely on the caller having supplied at
     * least 1 + 1 + 1 + BD_ADDR_LEN octets. */
    UINT8       *p_report = (UINT8 *)p + 1;
    UINT8       evt_type;
    UINT8       addr_type = BLE_ADDR_RANDOM;
    BD_ADDR     bda;

    BTM_TRACE_EVENT ("btm_ble_resolve_random_addr_on_adv ");

    STREAM_TO_UINT8    (evt_type, p_report);
    STREAM_TO_UINT8    (addr_type, p_report);
    STREAM_TO_BDADDR   (bda, p_report);

    if (p_match != NULL)
    {
        const UINT8 *p_reported_addr;

        BTM_TRACE_DEBUG("Random match");
        p_match->ble.active_addr_type = BTM_BLE_ADDR_RRA;
        /* remember the random address the peer is currently using */
        memcpy(p_match->ble.cur_rand_addr, bda, BD_ADDR_LEN);

        if (btm_ble_init_pseudo_addr(p_match, bda))
            p_reported_addr = p_match->bd_addr;
        else
            /* Assign the original address to be the current report address */
            p_reported_addr = p_match->ble.pseudo_addr;

        memcpy(bda, p_reported_addr, BD_ADDR_LEN);
    }

    /* p_report now points just past the address in the report */
    btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p_report);
}
772 #endif
773 
/*******************************************************************************
**
** Function         BTM_BleLocalPrivacyEnabled
**
** Description      Reports whether a privacy mode is currently configured for
**                  the local device, i.e. whether
**                  btm_cb.ble_ctr_cb.privacy_mode differs from
**                  BTM_PRIVACY_NONE.
**
** Returns          TRUE if local privacy is enabled, else FALSE. Always
**                  false when BLE_PRIVACY_SPT is not TRUE.
**
*******************************************************************************/
BOOLEAN BTM_BleLocalPrivacyEnabled(void)
{
#if BLE_PRIVACY_SPT == TRUE
    return !(btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_NONE);
#else
    return false;
#endif
}
791 
/*******************************************************************************
**
** Function         BTM_BleSetBgConnType
**
** Description      Selects the background connection procedure: auto
**                  connection, selective connection, or none. The procedure
**                  in use is stopped before the new one is started.
**
** Parameters       bg_conn_type: BTM_BLE_CONN_AUTO, BTM_BLE_CONN_SELECTIVE or
**                                BTM_BLE_CONN_NONE.
**                  p_select_cback: callback function when selective connection
**                                procedure is being used.
**
** Returns          FALSE if the controller does not support LE or the type is
**                  not one of the three above; TRUE otherwise, including when
**                  the requested type is already the current one.
**                  NOTE(review): the results of btm_ble_start_auto_conn() and
**                  btm_ble_start_select_conn() are not examined here, so TRUE
**                  does not show that the procedure actually started.
**
*******************************************************************************/
BOOLEAN BTM_BleSetBgConnType(tBTM_BLE_CONN_TYPE   bg_conn_type,
                             tBTM_BLE_SEL_CBACK   *p_select_cback)
{
    BTM_TRACE_EVENT ("BTM_BleSetBgConnType ");
    if (!controller_get_interface()->supports_ble())
        return FALSE;

    /* Requested type is already active: nothing to change. */
    if (btm_cb.ble_ctr_cb.bg_conn_type == bg_conn_type)
        return TRUE;

    switch (bg_conn_type)
    {
        case BTM_BLE_CONN_AUTO:
            btm_ble_start_auto_conn(TRUE);
            break;

        case BTM_BLE_CONN_SELECTIVE:
            /* leave auto connection before entering selective connection */
            if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
            {
                btm_ble_start_auto_conn(FALSE);
            }
            btm_ble_start_select_conn(TRUE, p_select_cback);
            break;

        case BTM_BLE_CONN_NONE:
            /* stop whichever procedure is currently running */
            if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
            {
                btm_ble_start_auto_conn(FALSE);
            }
            else if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
            {
                btm_ble_start_select_conn(FALSE, NULL);
            }
            break;

        default:
            /* unknown type: keep the stored type untouched */
            BTM_TRACE_ERROR("invalid bg connection type : %d ", bg_conn_type);
            return FALSE;
    }

    btm_cb.ble_ctr_cb.bg_conn_type = bg_conn_type;
    return TRUE;
}
854 
/*******************************************************************************
**
** Function         BTM_BleClearBgConnDev
**
** Description      This function is called to clear the whitelist,
**                  end any pending whitelist connections,
**                  and reset the local bg device list.
**
** Parameters       void
**
** Returns          void
**
*******************************************************************************/
void BTM_BleClearBgConnDev(void)
{
    /* 1. end pending whitelist (auto) connections */
    btm_ble_start_auto_conn(FALSE);

    /* 2. clear the whitelist */
    btm_ble_clear_white_list();

    /* 3. reset the local background device list kept by GATT */
    gatt_reset_bgdev_list();
}
874 
/*******************************************************************************
**
** Function         BTM_BleUpdateBgConnDev
**
** Description      This function is called to add or remove a device into/from
**                  background connection procedure. The background connection
**                  procedure is decided by the background connection type, it
**                  can be auto connection, or selective connection.
**
** Parameters       add_remove: TRUE to add; FALSE to remove.
**                  remote_bda: device address to add/remove.
**
** Returns          The result of btm_update_dev_to_white_list() for the
**                  requested change.
**
*******************************************************************************/
BOOLEAN BTM_BleUpdateBgConnDev(BOOLEAN add_remove, BD_ADDR   remote_bda)
{
    BOOLEAN updated;

    BTM_TRACE_EVENT("%s() add=%d", __func__, add_remove);

    /* The address is forwarded as given; no validation happens here. */
    updated = btm_update_dev_to_white_list(add_remove, remote_bda);
    return updated;
}
895 
/*******************************************************************************
**
** Function         BTM_BleSetConnectableMode
**
** Description      This function is called to set BLE connectable mode for a
**                  peripheral device.
**
** Parameters       connectable_mode:  directed connectable mode, or
**                              non-directed. It can be BTM_BLE_CONNECT_EVT,
**                              BTM_BLE_CONNECT_DIR_EVT or
**                              BTM_BLE_CONNECT_LO_DUTY_DIR_EVT
**
** Returns          BTM_ILLEGAL_VALUE if controller does not support BLE.
**                  Otherwise the status of btm_ble_set_connectability().
**
*******************************************************************************/
tBTM_STATUS BTM_BleSetConnectableMode(tBTM_BLE_CONN_MODE connectable_mode)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    BTM_TRACE_EVENT ("%s connectable_mode = %d ", __func__, connectable_mode);
    if (!controller_get_interface()->supports_ble())
        return BTM_ILLEGAL_VALUE;

    /* NOTE(review): the argument is stored without a range check, and
     * btm_set_conn_mode_adv_init_addr() later uses directed_conn as the
     * advertising event type. Consider rejecting values other than the three
     * documented ones. */
    p_inq->directed_conn = connectable_mode;

    /* Re-apply the connectable mode already stored in the control block; the
     * argument itself is not passed on. */
    return btm_ble_set_connectability(p_inq->connectable_mode);
}
922 
923 #if BLE_PRIVACY_SPT == TRUE
/* list_foreach() callback over tBTM_SEC_DEV_REC entries.
 *
 * Returns false when the record has BTM_RESOLVING_LIST_BIT set in
 * ble.in_controller_list and true otherwise -- the opposite of what the name
 * suggests. The caller in btm_set_conn_mode_adv_init_addr() treats the node
 * handed back by list_foreach() as the first record with the bit set, so the
 * false return appears to be what stops the iteration.
 * data must be a non-NULL tBTM_SEC_DEV_REC *; context is unused. */
static bool is_resolving_list_bit_set(void *data, void *context)
{
    const tBTM_SEC_DEV_REC *p_rec = data;

    return (p_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) == 0;
}
933 #endif
934 
/*******************************************************************************
**
** Function         btm_set_conn_mode_adv_init_addr
**
** Description      Set initiator (peer) address, peer address type and local
**                  address type based on the advertising mode and the current
**                  privacy mode.
**
** Parameters       p_cb             : inquiry control block holding the
**                                     connectable mode, directed_conn,
**                                     direct_bda, scan_rsp and afp settings.
**                  p_peer_addr_ptr  : out, BD_ADDR_LEN octets; written only
**                                     on the paths that select a peer.
**                  p_peer_addr_type : out; written together with the address.
**                  p_own_addr_type  : out; written only on the privacy paths,
**                                     otherwise left as the caller set it.
**
** Returns          The advertising event type to use.
**
*******************************************************************************/
static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
                                     BD_ADDR_PTR p_peer_addr_ptr,
                                     tBLE_ADDR_TYPE *p_peer_addr_type,
                                     tBLE_ADDR_TYPE *p_own_addr_type)
{
    UINT8 evt_type;
#if BLE_PRIVACY_SPT == TRUE
    tBTM_SEC_DEV_REC *p_dev_rec;
#endif

    /* Base event type from the connectable mode and scan response setting. */
    if (p_cb->connectable_mode != BTM_BLE_NON_CONNECTABLE)
        evt_type = BTM_BLE_CONNECT_EVT;
    else if (p_cb->scan_rsp)
        evt_type = BTM_BLE_DISCOVER_EVT;
    else
        evt_type = BTM_BLE_NON_CONNECT_EVT;

    if (evt_type == BTM_BLE_CONNECT_EVT)
    {
        /* connectable: the stored directed_conn value becomes the event type */
        evt_type = p_cb->directed_conn;

        if (p_cb->directed_conn == BTM_BLE_CONNECT_DIR_EVT ||
            p_cb->directed_conn == BTM_BLE_CONNECT_LO_DUTY_DIR_EVT)
        {
#if BLE_PRIVACY_SPT == TRUE
            /* for privacy 1.2, convert peer address as static, own address set as ID addr */
            if (btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 ||
                btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED)
            {
                /* only do so for a device that is in the controller's
                 * resolving list.
                 * NOTE(review): btm_find_or_alloc_dev() may, going by its
                 * name, create a record for an unknown address -- confirm
                 * that this side effect is intended here. */
                p_dev_rec = btm_find_or_alloc_dev (p_cb->direct_bda.bda);
                if (p_dev_rec != NULL &&
                    (p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT))
                {
                    btm_ble_enable_resolving_list(BTM_BLE_RL_ADV);
                    memcpy(p_peer_addr_ptr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
                    *p_peer_addr_type = p_dev_rec->ble.static_addr_type;
                    *p_own_addr_type = BLE_ADDR_RANDOM_ID;
                    return evt_type;
                }

                /* otherwise fall through as normal directed adv */
                btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
            }
#endif
            /* directed adv without controller privacy: use the configured
             * peer address as is; the own address type is left untouched */
            *p_peer_addr_type  = p_cb->direct_bda.type;
            memcpy(p_peer_addr_ptr, p_cb->direct_bda.bda, BD_ADDR_LEN);
            return evt_type;
        }
    }

    /* undirected adv mode or non-connectable mode */
#if BLE_PRIVACY_SPT == TRUE
    if ((btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 && p_cb->afp != AP_SCAN_CONN_ALL) ||
        btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED)
    {
        /* privacy 1.2 (privacy only mode) or mixed mode: pick the first
         * record flagged as being in the resolving list */
        list_node_t *n = list_foreach(btm_cb.sec_dev_rec, is_resolving_list_bit_set, NULL);

        if (n == NULL)
        {
            /* resolving list is empty, not enabled */
            *p_own_addr_type = BLE_ADDR_RANDOM;
        }
        else
        {
            /* if enhanced privacy is required, set Identity address and matching IRK peer */
            p_dev_rec = list_node(n);
            memcpy(p_peer_addr_ptr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
            *p_peer_addr_type = p_dev_rec->ble.static_addr_type;

            *p_own_addr_type = BLE_ADDR_RANDOM_ID;
        }
    }
    else if (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE)
    {
        /* privacy 1.1, or privacy 1.2 in general discoverable/connectable
         * mode: privacy in the controller is not used, fall back to host
         * based privacy */
        *p_own_addr_type = BLE_ADDR_RANDOM;
    }
#endif

    /* if no privacy, do not set any peer address; */
    /* local address type goes by the global privacy setting */
    return evt_type;
}
1026 
/*******************************************************************************
**
** Function         BTM_BleSetAdvParams
**
** Description      This function is called to set advertising parameters.
**                  Advertising is stopped, the parameters are written to the
**                  controller, and advertising is restarted if it was enabled
**                  on entry.
**
** Parameters       adv_int_min: minimum advertising interval
**                  adv_int_max: maximum advertising interval
**                  p_dir_bda: connectable direct initiator's LE device
**                             address; may be NULL to keep the stored one.
**                  chnl_map: advertising channel map.
**
** Returns          BTM_ILLEGAL_VALUE if the controller does not support LE or
**                  either interval is outside
**                  [BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX];
**                  BTM_SUCCESS otherwise.
**                  NOTE(review): the result of
**                  btsnd_hcic_ble_write_adv_params() is not checked, and
**                  adv_int_min <= adv_int_max is not enforced; chnl_map is
**                  stored without validation.
**
*******************************************************************************/
tBTM_STATUS BTM_BleSetAdvParams(UINT16 adv_int_min, UINT16 adv_int_max,
                                tBLE_BD_ADDR *p_dir_bda,
                                tBTM_BLE_ADV_CHNL_MAP chnl_map)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
    BD_ADDR          peer_addr = {0};
    tBLE_ADDR_TYPE   peer_addr_type = BLE_ADDR_PUBLIC;
    /* defaults that btm_set_conn_mode_adv_init_addr() may override */
    tBLE_ADDR_TYPE   own_addr_type = btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type;
    /* sampled before btm_ble_stop_adv() so the prior state can be restored */
    UINT8            adv_mode_on_entry = p_inq->adv_mode;

    BTM_TRACE_EVENT ("BTM_BleSetAdvParams");

    if (!controller_get_interface()->supports_ble())
        return BTM_ILLEGAL_VALUE;

    /* both intervals must lie inside the allowed range */
    if (!(BTM_BLE_ISVALID_PARAM(adv_int_min, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX) &&
          BTM_BLE_ISVALID_PARAM(adv_int_max, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX)))
    {
        return BTM_ILLEGAL_VALUE;
    }

    p_inq->adv_interval_min = adv_int_min;
    p_inq->adv_interval_max = adv_int_max;
    p_inq->adv_chnl_map = chnl_map;

    if (p_dir_bda != NULL)
    {
        memcpy(&p_inq->direct_bda, p_dir_bda, sizeof(tBLE_BD_ADDR));
    }

    BTM_TRACE_EVENT ("update params for an active adv");

    btm_ble_stop_adv();

    p_inq->evt_type = btm_set_conn_mode_adv_init_addr(p_inq, peer_addr, &peer_addr_type,
                                                      &own_addr_type);

    /* update adv params */
    btsnd_hcic_ble_write_adv_params (p_inq->adv_interval_min,
                                     p_inq->adv_interval_max,
                                     p_inq->evt_type,
                                     own_addr_type,
                                     peer_addr_type,
                                     peer_addr,
                                     p_inq->adv_chnl_map,
                                     p_inq->afp);

    if (adv_mode_on_entry == BTM_BLE_ADV_ENABLE)
        btm_ble_start_adv();

    return BTM_SUCCESS;
}
1095 
/*******************************************************************************
**
** Function         BTM_BleReadAdvParams
**
** Description      This function is called to read back the advertising
**                  parameters stored in the control block.
**
** Parameters       adv_int_min: out, minimum advertising interval
**                  adv_int_max: out, maximum advertising interval
**                  p_dir_bda: out, connectable direct initiator's LE device
**                             address; may be NULL.
**                  p_chnl_map: out, advertising channel map.
**
**                  adv_int_min, adv_int_max and p_chnl_map are dereferenced
**                  without a NULL check and must be valid pointers.
**
** Returns          void. When the controller does not support LE the
**                  function returns without writing any output, so callers
**                  should initialise the outputs beforehand.
**
*******************************************************************************/
void BTM_BleReadAdvParams (UINT16 *adv_int_min, UINT16 *adv_int_max,
                           tBLE_BD_ADDR *p_dir_bda, tBTM_BLE_ADV_CHNL_MAP *p_chnl_map)
{
    const tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    BTM_TRACE_EVENT ("BTM_BleReadAdvParams ");
    if (!controller_get_interface()->supports_ble())
        return ;

    *adv_int_min = p_inq->adv_interval_min;
    *adv_int_max = p_inq->adv_interval_max;
    *p_chnl_map = p_inq->adv_chnl_map;

    /* the direct address is optional */
    if (p_dir_bda == NULL)
        return;

    memcpy(p_dir_bda, &p_inq->direct_bda, sizeof(tBLE_BD_ADDR));
}
1128 
/*******************************************************************************
**
** Function         BTM_BleSetScanParams
**
** Description      This function is called to set scan parameters. The values
**                  are validated and stored in the control block; no command
**                  is sent to the controller from here.
**
** Parameters       client_if - Client IF, passed back to the callback
**                  scan_interval - Scan interval
**                  scan_window - Scan window
**                  scan_mode -    Scan mode, BTM_BLE_SCAN_MODE_ACTI or
**                                 BTM_BLE_SCAN_MODE_PASS
**                  scan_setup_status_cback - Scan param setup status callback,
**                                 may be NULL. Called with BTM_SUCCESS or
**                                 BTM_ILLEGAL_VALUE; not called at all when
**                                 the controller does not support LE.
**
** Returns          void
**
*******************************************************************************/
void BTM_BleSetScanParams(tGATT_IF client_if, UINT32 scan_interval, UINT32 scan_window,
                          tBLE_SCAN_MODE scan_mode,
                          tBLE_SCAN_PARAM_SETUP_CBACK scan_setup_status_cback)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
    UINT32 interval_limit;
    UINT32 window_limit;
    BOOLEAN params_ok;

    BTM_TRACE_EVENT ("%s", __func__);
    if (!controller_get_interface()->supports_ble())
        return;

    if (btm_cb.cmn_ble_vsc_cb.extended_scan_support != 0)
    {
        /* extended scan supported: check against the extended range */
        interval_limit = BTM_BLE_EXT_SCAN_INT_MAX;
        window_limit = BTM_BLE_EXT_SCAN_WIN_MAX;
    }
    else
    {
        /* no extended scan support: check against the older range */
        interval_limit = BTM_BLE_SCAN_INT_MAX;
        window_limit = BTM_BLE_SCAN_WIN_MAX;
    }

    /* NOTE(review): scan_window <= scan_interval is not checked here. */
    params_ok = BTM_BLE_ISVALID_PARAM(scan_interval, BTM_BLE_SCAN_INT_MIN, interval_limit) &&
                BTM_BLE_ISVALID_PARAM(scan_window, BTM_BLE_SCAN_WIN_MIN, window_limit) &&
                (scan_mode == BTM_BLE_SCAN_MODE_ACTI || scan_mode == BTM_BLE_SCAN_MODE_PASS);

    if (!params_ok)
    {
        /* rejected: nothing is stored */
        if (scan_setup_status_cback != NULL)
            scan_setup_status_cback(client_if, BTM_ILLEGAL_VALUE);

        BTM_TRACE_ERROR("Illegal params: scan_interval = %d scan_window = %d",
                        scan_interval, scan_window);
        return;
    }

    p_inq->scan_type = scan_mode;
    p_inq->scan_interval = scan_interval;
    p_inq->scan_window = scan_window;

    if (scan_setup_status_cback != NULL)
        scan_setup_status_cback(client_if, BTM_SUCCESS);
}
1190 
/*******************************************************************************
**
** Function         BTM_BleWriteScanRsp
**
** Description      This function is called to write LE scan response.
**
** Parameters:      data_mask: bit mask of the fields to include.
**                  p_data: scan response information.
**
** Returns          BTM_SUCCESS if the scan response data was handed to
**                  btsnd_hcic_ble_set_scan_rsp_data() successfully;
**                  BTM_ILLEGAL_VALUE if that call fails or the controller
**                  does not support LE. (BTM_BleWriteAdvData reports the
**                  corresponding send failure as BTM_NO_RESOURCES.)
**
*******************************************************************************/
tBTM_STATUS BTM_BleWriteScanRsp(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
{
    UINT8   rsp_data[BTM_BLE_AD_DATA_LEN];
    UINT8   *p_end = rsp_data;   /* advanced by the builder past the last octet written */

    BTM_TRACE_EVENT ("%s: data_mask:%08x", __func__, data_mask);
    if (!controller_get_interface()->supports_ble())
        return BTM_ILLEGAL_VALUE;

    /* start from an all-zero buffer so unused octets are never stale stack data */
    memset(rsp_data, 0, BTM_BLE_AD_DATA_LEN);
    btm_ble_build_adv_data(&data_mask, &p_end, p_data);

    if (!btsnd_hcic_ble_set_scan_rsp_data((UINT8)(p_end - rsp_data), rsp_data))
        return BTM_ILLEGAL_VALUE;

    /* NOTE(review): data_mask was passed by address to the builder. If the
     * builder clears the bits it managed to write (BTM_BleWriteAdvData treats
     * a non-zero mask afterwards as a partial write), this flag ends up TRUE
     * only when some field did not fit -- confirm the intended meaning. */
    if (data_mask != 0)
        btm_cb.ble_ctr_cb.inq_var.scan_rsp = TRUE;
    else
        btm_cb.ble_ctr_cb.inq_var.scan_rsp = FALSE;

    return BTM_SUCCESS;
}
1229 
/*******************************************************************************
**
** Function         BTM_BleWriteAdvData
**
** Description      This function is called to write advertising data. The
**                  data is built into the local advertising data cache in the
**                  control block and then sent to the controller.
**
** Parameters:      data_mask: bit mask of the fields to include.
**                  p_data: advertising data content.
**
** Returns          BTM_ILLEGAL_VALUE if the controller does not support LE;
**                  BTM_SUCCESS if btsnd_hcic_ble_set_adv_data() accepted the
**                  data; BTM_NO_RESOURCES otherwise. A partial write is
**                  logged but still reported as BTM_SUCCESS.
**
*******************************************************************************/
tBTM_STATUS BTM_BleWriteAdvData(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
{
    tBTM_BLE_LOCAL_ADV_DATA *p_local = &btm_cb.ble_ctr_cb.inq_var.adv_data;
    tBTM_BLE_AD_MASK   remaining = data_mask;   /* bits still set after the build */
    UINT8  *p_write;

    BTM_TRACE_EVENT ("BTM_BleWriteAdvData ");

    if (!controller_get_interface()->supports_ble())
        return BTM_ILLEGAL_VALUE;

    /* reset the cached advertising data before rebuilding it */
    memset(p_local, 0, sizeof(tBTM_BLE_LOCAL_ADV_DATA));
    p_local->data_mask = data_mask;
    p_write = p_local->ad_data;

    p_local->p_flags = btm_ble_build_adv_data(&remaining, &p_write, p_data);

    /* first unused octet after the built data */
    p_local->p_pad = p_write;

    if (remaining != 0)
    {
        BTM_TRACE_ERROR("Partial data write into ADV");
    }

    /* keep only the bits for fields that were actually written */
    p_local->data_mask &= ~remaining;

    return btsnd_hcic_ble_set_adv_data((UINT8)(p_local->p_pad - p_local->ad_data),
                                       p_local->ad_data)
           ? BTM_SUCCESS : BTM_NO_RESOURCES;
}
1274 
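/*******************************************************************************
**
** Function         BTM_CheckAdvData
**
** Description      This function is called to get ADV data for a specific
**                  type. The buffer is walked as a sequence of
**                  [length][type][data...] elements, where length counts the
**                  type octet plus the data octets. A zero length octet ends
**                  the sequence.
**
**                  Advertising data comes from remote devices and must be
**                  treated as untrusted: an element whose length would run
**                  past BTM_BLE_CACHE_ADV_DATA_MAX octets ends the search
**                  instead of being followed.
**
** Parameters       p_adv - pointer of ADV data. The function receives no
**                          buffer size, so the buffer must either hold
**                          BTM_BLE_CACHE_ADV_DATA_MAX octets or be terminated
**                          by a zero length octet.
**                          NOTE(review): confirm every caller meets this.
**                  type   - finding ADV data type
**                  p_length - return the length of ADV data not including type
**
** Returns          pointer of ADV data (first octet after the type), or NULL
**                  with *p_length set to 0 when the type is not found or the
**                  data is malformed.
**
*******************************************************************************/
UINT8 *BTM_CheckAdvData( UINT8 *p_adv, UINT8 type, UINT8 *p_length)
{
    size_t offset = 0;      /* index of the current element's length octet */

    BTM_TRACE_API("%s: type=0x%02x", __func__, type);

    if (p_adv != NULL)
    {
        while (offset < (size_t)BTM_BLE_CACHE_ADV_DATA_MAX)
        {
            UINT8 length = p_adv[offset];

            /* a zero length octet terminates the element list */
            if (length == 0)
                break;

            /* The element occupies 1 + length octets starting at offset.
             * Stop if it would not fit in the space that is left, so that
             * neither the type octet nor the returned data span lies outside
             * the bounded area. */
            if (length > (size_t)BTM_BLE_CACHE_ADV_DATA_MAX - offset - 1)
                break;

            if (p_adv[offset + 1] == type)
            {
                /* length doesn't include itself */
                *p_length = length - 1; /* minus the length of type */
                return &p_adv[offset + 2];
            }

            /* skip the length octet and the element body */
            offset += (size_t)length + 1;
        }
    }

    *p_length = 0;
    return NULL;
}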
1314 
/*******************************************************************************
**
** Function         BTM_BleReadDiscoverability
**
** Description      This function is called to read the current LE
**                  discoverability mode of the device, as stored in
**                  btm_cb.ble_ctr_cb.inq_var.
**
** Returns          BTM_BLE_NON_DISCOVERABLE, BTM_BLE_LIMITED_DISCOVERABLE or
**                  BTM_BLE_GENERAL_DISCOVERABLE
**
*******************************************************************************/
UINT16 BTM_BleReadDiscoverability()
{
    UINT16 mode;

    BTM_TRACE_API("%s", __FUNCTION__);

    mode = btm_cb.ble_ctr_cb.inq_var.discoverable_mode;
    return mode;
}
1332 
/*******************************************************************************
**
** Function         BTM_BleReadConnectability
**
** Description      This function is called to read the current LE
**                  connectability mode of the device, as stored in
**                  btm_cb.ble_ctr_cb.inq_var.
**
** Returns          BTM_BLE_NON_CONNECTABLE or BTM_BLE_CONNECTABLE
**
*******************************************************************************/
UINT16 BTM_BleReadConnectability()
{
    UINT16 mode;

    BTM_TRACE_API ("%s", __FUNCTION__);

    mode = btm_cb.ble_ctr_cb.inq_var.connectable_mode;
    return mode;
}
1349 
1350 /*******************************************************************************
1351 **
1352 ** Function         btm_ble_build_adv_data
1353 **
1354 ** Description      This function is called to build the adv data and rsp data.
1355 *******************************************************************************/
btm_ble_build_adv_data(tBTM_BLE_AD_MASK * p_data_mask,UINT8 ** p_dst,tBTM_BLE_ADV_DATA * p_data)1356 UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
1357                               tBTM_BLE_ADV_DATA *p_data)
1358 {
1359     UINT32 data_mask = *p_data_mask;
1360     UINT8   *p = *p_dst,
1361     *p_flag = NULL;
1362     UINT16  len = BTM_BLE_AD_DATA_LEN, cp_len = 0;
1363     UINT8   i = 0;
1364     tBTM_BLE_PROP_ELEM      *p_elem;
1365 
1366     BTM_TRACE_EVENT (" btm_ble_build_adv_data");
1367 
1368     /* build the adv data structure and build the data string */
1369     if (data_mask)
1370     {
1371         /* flags */
1372         if (data_mask & BTM_BLE_AD_BIT_FLAGS)
1373         {
1374             *p++ = MIN_ADV_LENGTH;
1375             *p++ = BTM_BLE_AD_TYPE_FLAG;
1376             p_flag = p;
1377             if (p_data)
1378                 *p++ = p_data->flag;
1379             else
1380                 *p++ = 0;
1381 
1382             len -= 3;
1383 
1384             data_mask &= ~BTM_BLE_AD_BIT_FLAGS;
1385         }
1386         /* appearance data */
1387         if (len > 3 && data_mask & BTM_BLE_AD_BIT_APPEARANCE)
1388         {
1389             *p++ = 3; /* length */
1390             *p++ = BTM_BLE_AD_TYPE_APPEARANCE;
1391             UINT16_TO_STREAM(p, p_data->appearance);
1392             len -= 4;
1393 
1394             data_mask &= ~BTM_BLE_AD_BIT_APPEARANCE;
1395         }
1396         /* device name */
1397 #if BTM_MAX_LOC_BD_NAME_LEN > 0
1398         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_DEV_NAME)
1399         {
1400             if (strlen(btm_cb.cfg.bd_name) > (UINT16)(len - MIN_ADV_LENGTH))
1401             {
1402                 *p++ = len - MIN_ADV_LENGTH + 1;
1403                 *p++ = BTM_BLE_AD_TYPE_NAME_SHORT;
1404                 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, len - MIN_ADV_LENGTH);
1405             }
1406             else
1407             {
1408                 cp_len = (UINT16)strlen(btm_cb.cfg.bd_name);
1409                 *p++ = cp_len + 1;
1410                 *p++ = BTM_BLE_AD_TYPE_NAME_CMPL;
1411                 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, cp_len);
1412             }
1413             len -= (cp_len + MIN_ADV_LENGTH);
1414             data_mask &= ~BTM_BLE_AD_BIT_DEV_NAME;
1415         }
1416 #endif
1417         /* manufacturer data */
1418         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_MANU &&
1419             p_data && p_data->manu.len != 0)
1420         {
1421             if (p_data->manu.len > (len - MIN_ADV_LENGTH))
1422                 cp_len = len - MIN_ADV_LENGTH;
1423             else
1424                 cp_len = p_data->manu.len;
1425 
1426             *p++ = cp_len + 1;
1427             *p++ = BTM_BLE_AD_TYPE_MANU;
1428             ARRAY_TO_STREAM(p, p_data->manu.val, cp_len);
1429 
1430             len -= (cp_len + MIN_ADV_LENGTH);
1431             data_mask &= ~BTM_BLE_AD_BIT_MANU;
1432         }
1433         /* TX power */
1434         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_TX_PWR)
1435         {
1436             *p++ = MIN_ADV_LENGTH;
1437             *p++ = BTM_BLE_AD_TYPE_TX_PWR;
1438             if (p_data->tx_power > BTM_BLE_ADV_TX_POWER_MAX)
1439                 p_data->tx_power = BTM_BLE_ADV_TX_POWER_MAX;
1440             *p++ = btm_ble_map_adv_tx_power(p_data->tx_power);
1441             len -= 3;
1442             data_mask &= ~BTM_BLE_AD_BIT_TX_PWR;
1443         }
1444         /* 16 bits services */
1445         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE &&
1446             p_data && p_data->services.num_service != 0)
1447         {
1448             if (p_data->services.num_service * LEN_UUID_16 > (len - MIN_ADV_LENGTH))
1449             {
1450                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_16;
1451                 *p ++ = 1 + cp_len * LEN_UUID_16;
1452                 *p++ = BTM_BLE_AD_TYPE_16SRV_PART;
1453             }
1454             else
1455             {
1456                 cp_len = p_data->services.num_service;
1457                 *p++ = 1 + cp_len * LEN_UUID_16;
1458                 *p++ = BTM_BLE_AD_TYPE_16SRV_CMPL;
1459             }
1460             for (i = 0; i < cp_len; i ++)
1461             {
1462                 UINT16_TO_STREAM(p, *(p_data->services.uuid + i));
1463             }
1464 
1465             len -= (cp_len * MIN_ADV_LENGTH + MIN_ADV_LENGTH);
1466             data_mask &= ~BTM_BLE_AD_BIT_SERVICE;
1467         }
1468         /* 32 bits service uuid */
1469         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32 &&
1470             p_data && p_data->service_32b.num_service != 0)
1471         {
1472             if ((p_data->service_32b.num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1473             {
1474                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1475                 *p ++ = 1 + cp_len * LEN_UUID_32;
1476                 *p++ = BTM_BLE_AD_TYPE_32SRV_PART;
1477             }
1478             else
1479             {
1480                 cp_len = p_data->service_32b.num_service;
1481                 *p++ = 1 + cp_len * LEN_UUID_32;
1482                 *p++ = BTM_BLE_AD_TYPE_32SRV_CMPL;
1483             }
1484             for (i = 0; i < cp_len; i ++)
1485             {
1486                 UINT32_TO_STREAM(p, *(p_data->service_32b.uuid + i));
1487             }
1488 
1489             len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1490             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32;
1491         }
1492         /* 128 bits services */
1493         if (len >= (MAX_UUID_SIZE + 2) && data_mask & BTM_BLE_AD_BIT_SERVICE_128 &&
1494             p_data && p_data->services_128b.num_service)
1495         {
1496             *p ++ = 1 + MAX_UUID_SIZE;
1497             if (!p_data->services_128b.list_cmpl)
1498                 *p++ = BTM_BLE_AD_TYPE_128SRV_PART;
1499             else
1500                 *p++ = BTM_BLE_AD_TYPE_128SRV_CMPL;
1501 
1502             ARRAY_TO_STREAM(p, p_data->services_128b.uuid128, MAX_UUID_SIZE);
1503 
1504             len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1505             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128;
1506         }
1507         /* 32 bits Service Solicitation UUIDs */
1508         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32SOL &&
1509             p_data->sol_service_32b.num_service != 0)
1510         {
1511             if ((p_data->sol_service_32b.num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1512             {
1513                 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1514                 *p ++ = 1 + cp_len * LEN_UUID_32;
1515             }
1516             else
1517             {
1518                 cp_len = p_data->sol_service_32b.num_service;
1519                 *p++ = 1 + cp_len * LEN_UUID_32;
1520             }
1521 
1522             *p++ = BTM_BLE_AD_TYPE_32SOL_SRV_UUID;
1523             for (i = 0; i < cp_len; i ++)
1524             {
1525                 UINT32_TO_STREAM(p, *(p_data->sol_service_32b.uuid + i));
1526             }
1527 
1528             len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1529             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32SOL;
1530         }
1531         /* 128 bits Solicitation services UUID */
1532         if (len >= (MAX_UUID_SIZE + MIN_ADV_LENGTH) && data_mask & BTM_BLE_AD_BIT_SERVICE_128SOL &&
1533             p_data && p_data->sol_service_128b.num_service)
1534         {
1535             *p ++ = 1 + MAX_UUID_SIZE;
1536             *p++ = BTM_BLE_AD_TYPE_128SOL_SRV_UUID;
1537             ARRAY_TO_STREAM(p, p_data->sol_service_128b.uuid128, MAX_UUID_SIZE);
1538             len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1539             data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128SOL;
1540         }
1541         /* 16bits/32bits/128bits Service Data */
1542         if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_DATA &&
1543             p_data && p_data->service_data.len != 0)
1544         {
1545             if (len  > (p_data->service_data.service_uuid.len + MIN_ADV_LENGTH))
1546             {
1547                 if (p_data->service_data.len > (len - MIN_ADV_LENGTH))
1548                     cp_len = len - MIN_ADV_LENGTH- p_data->service_data.service_uuid.len;
1549                 else
1550                     cp_len = p_data->service_data.len;
1551 
1552                 *p++ = cp_len + 1 + p_data->service_data.service_uuid.len;
1553                 if (p_data->service_data.service_uuid.len == LEN_UUID_16)
1554                 {
1555                     *p++ = BTM_BLE_AD_TYPE_SERVICE_DATA;
1556                     UINT16_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid16);
1557                 }
1558                 else if (p_data->service_data.service_uuid.len == LEN_UUID_32)
1559                 {
1560                     *p++ = BTM_BLE_AD_TYPE_32SERVICE_DATA;
1561                     UINT32_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid32);
1562                 }
1563                 else
1564                 {
1565                     *p++ = BTM_BLE_AD_TYPE_128SERVICE_DATA;
1566                     ARRAY_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid128,
1567                                     LEN_UUID_128);
1568                 }
1569 
1570                 ARRAY_TO_STREAM(p, p_data->service_data.val, cp_len);
1571 
1572                 len -= (cp_len + MIN_ADV_LENGTH + p_data->service_data.service_uuid.len);
1573                 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_DATA;
1574             }
1575             else
1576             {
1577                 BTM_TRACE_WARNING("service data does not fit");
1578             }
1579         }
1580 
1581         if (len >= 6 && data_mask & BTM_BLE_AD_BIT_INT_RANGE &&
1582             p_data)
1583         {
1584             *p++ = 5;
1585             *p++ = BTM_BLE_AD_TYPE_INT_RANGE;
1586             UINT16_TO_STREAM(p, p_data->int_range.low);
1587             UINT16_TO_STREAM(p, p_data->int_range.hi);
1588             len -= 6;
1589             data_mask &= ~BTM_BLE_AD_BIT_INT_RANGE;
1590         }
1591         if (data_mask & BTM_BLE_AD_BIT_PROPRIETARY && p_data)
1592         {
1593             for (i = 0; i < p_data->proprietary.num_elem; ++i)
1594             {
1595                 p_elem = &p_data->proprietary.elem[i];
1596 
1597                 if (len >= (MIN_ADV_LENGTH + p_elem->len))/* len byte(1) + ATTR type(1) + Uuid len(2)
1598                                                           + value length */
1599                 {
1600                     *p ++ = p_elem->len + 1; /* Uuid len + value length */
1601                     *p ++ = p_elem->adv_type;
1602                     ARRAY_TO_STREAM(p, p_elem->val, p_elem->len);
1603 
1604                     len -= (MIN_ADV_LENGTH + p_elem->len);
1605                 }
1606                 else
1607                 {
1608                     BTM_TRACE_WARNING("data exceed max adv packet length");
1609                     break;
1610                 }
1611             }
1612             data_mask &= ~BTM_BLE_AD_BIT_PROPRIETARY;
1613         }
1614     }
1615 
1616     *p_data_mask = data_mask;
1617     *p_dst = p;
1618 
1619     return p_flag;
1620 }
1621 /*******************************************************************************
1622 **
1623 ** Function         btm_ble_select_adv_interval
1624 **
1625 ** Description      select adv interval based on device mode
1626 **
1627 ** Returns          void
1628 **
1629 *******************************************************************************/
/*
 * Choose the advertising interval range for an advertising event type.
 *
 * p_cb          - inquiry control block; when both adv_interval_min and
 *                 adv_interval_max are non-zero they are used as-is.
 * evt_type      - advertising event type used to pick a GAP default when no
 *                 complete range is configured in p_cb.
 * p_adv_int_min - receives the lower bound of the interval.
 * p_adv_int_max - receives the upper bound of the interval.
 */
void btm_ble_select_adv_interval(tBTM_BLE_INQ_CB *p_cb, UINT8 evt_type, UINT16 *p_adv_int_min, UINT16 *p_adv_int_max)
{
    UINT16 lo;
    UINT16 hi;

    /* A fully configured range overrides the per-event defaults. */
    if (p_cb->adv_interval_min != 0 && p_cb->adv_interval_max != 0)
    {
        *p_adv_int_min = p_cb->adv_interval_min;
        *p_adv_int_max = p_cb->adv_interval_max;
        return;
    }

    switch (evt_type)
    {
    /* undirected and low duty cycle directed connectable advertising */
    case BTM_BLE_CONNECT_EVT:
    case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
        lo = hi = BTM_BLE_GAP_ADV_FAST_INT_1;
        break;

    /* non-connectable and discoverable advertising */
    case BTM_BLE_NON_CONNECT_EVT:
    case BTM_BLE_DISCOVER_EVT:
        lo = hi = BTM_BLE_GAP_ADV_FAST_INT_2;
        break;

    /* connectable directed event: the only case with distinct bounds */
    case BTM_BLE_CONNECT_DIR_EVT:
        lo = BTM_BLE_GAP_ADV_DIR_MIN_INT;
        hi = BTM_BLE_GAP_ADV_DIR_MAX_INT;
        break;

    /* anything else falls back to the slow interval */
    default:
        lo = hi = BTM_BLE_GAP_ADV_SLOW_INT;
        break;
    }

    *p_adv_int_min = lo;
    *p_adv_int_max = hi;
}
1664 
1665 /*******************************************************************************
1666 **
1667 ** Function         btm_ble_update_dmt_flag_bits
1668 **
1669 ** Description      Obtain updated adv flag value based on connect and discoverability mode.
1670 **                  Also, setup DMT support value in the flag based on whether the controller
1671 **                  supports both LE and BR/EDR.
1672 **
1673 ** Parameters:      flag_value (Input / Output) - flag value
1674 **                  connect_mode (Input) - Connect mode value
1675 **                  disc_mode (Input) - discoverability mode
1676 **
1677 ** Returns          void
1678 **
1679 *******************************************************************************/
/*
 * Recompute the BR/EDR-related bits of an advertising Flags value.
 *
 * adv_flag_value - in/out flag byte, updated in place.
 * connect_mode   - connectable mode, tested against BTM_CONNECTABLE_MASK.
 * disc_mode      - discoverable mode, tested against BTM_DISCOVERABLE_MASK.
 *
 * Other bits of *adv_flag_value are left as they were.
 */
void btm_ble_update_dmt_flag_bits(UINT8 *adv_flag_value, const UINT16 connect_mode,
                                   const UINT16 disc_mode)
{
    /* BR/EDR is reported as "not supported" only while it is neither
     * discoverable nor connectable. */
    const BOOLEAN bredr_hidden = ((disc_mode & BTM_DISCOVERABLE_MASK) == 0) &&
                                 ((connect_mode & BTM_CONNECTABLE_MASK) == 0);

    if (!bredr_hidden)
        *adv_flag_value &= ~BTM_BLE_BREDR_NOT_SPT;
    else
        *adv_flag_value |= BTM_BLE_BREDR_NOT_SPT;

    /* Controller and host dual-mode bits are set or cleared together,
     * following what the local controller reports. */
    if (!controller_get_interface()->supports_simultaneous_le_bredr())
        *adv_flag_value &= ~(BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
    else
        *adv_flag_value |= (BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
}
1696 
1697 /*******************************************************************************
1698 **
1699 ** Function         btm_ble_set_adv_flag
1700 **
1701 ** Description      Set adv flag in adv data.
1702 **
1703 ** Parameters:      connect_mode (Input)- Connect mode value
1704 **                  disc_mode (Input) - discoverability mode
1705 **
1706 ** Returns          void
1707 **
1708 *******************************************************************************/
/*
 * Derive the advertising Flags byte from the connect and discoverability
 * modes and push it to the advertising data when it differs from the
 * currently cached value.
 *
 * connect_mode - connectable mode, forwarded to btm_ble_update_dmt_flag_bits().
 * disc_mode    - discoverability mode; also selects the limited/general
 *                discoverable flag.
 */
void btm_ble_set_adv_flag(UINT16 connect_mode, UINT16 disc_mode)
{
    tBTM_BLE_LOCAL_ADV_DATA *p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
    /* With no Flags entry cached yet the comparison baseline is 0. */
    const UINT8 old_flag = (p_adv_data->p_flags != NULL) ? *(p_adv_data->p_flags) : 0;
    UINT8 flag = old_flag;

    btm_ble_update_dmt_flag_bits (&flag, connect_mode, disc_mode);

    LOG_DEBUG(LOG_TAG, "disc_mode %04x", disc_mode);

    /* Limited discoverable is tested first, so it wins when both bits are set. */
    if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE)
    {
        flag &= ~BTM_BLE_GEN_DISC_FLAG;
        flag |= BTM_BLE_LIMIT_DISC_FLAG;
    }
    else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE)
    {
        flag |= BTM_BLE_GEN_DISC_FLAG;
        flag &= ~BTM_BLE_LIMIT_DISC_FLAG;
    }
    else
    {
        /* not discoverable: neither discoverable flag may stay set */
        flag &= ~(BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG);
    }

    /* Skip the advertising-data update when nothing changed. */
    if (flag == old_flag)
        return;

    btm_ble_update_adv_flag(flag);
}
1741 /*******************************************************************************
1742 **
1743 ** Function         btm_ble_set_discoverability
1744 **
1745 ** Description      This function is called to set BLE discoverable mode.
1746 **
1747 ** Parameters:      combined_mode: discoverability mode.
1748 **
1749 ** Returns          BTM_SUCCESS is status set successfully; otherwise failure.
1750 **
1751 *******************************************************************************/
/*
 * Apply the LE discoverability bits of combined_mode to the advertising state.
 *
 * combined_mode is masked with BTM_BLE_DISCOVERABLE_MASK; the call returns
 * BTM_ILLEGAL_VALUE when the masked value exceeds BTM_BLE_MAX_DISCOVERABLE.
 * Otherwise it returns BTM_SUCCESS, BTM_NO_RESOURCES when
 * btsnd_hcic_ble_write_adv_params() returns false, or the status reported by
 * btm_ble_start_adv() / btm_ble_stop_adv().
 */
tBTM_STATUS btm_ble_set_discoverability(UINT16 combined_mode)
{
    tBTM_LE_RANDOM_CB   *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
    tBTM_BLE_INQ_CB     *p_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT16              mode = (combined_mode &  BTM_BLE_DISCOVERABLE_MASK);
    UINT8               new_mode = BTM_BLE_ADV_ENABLE;
    UINT8               evt_type;
    tBTM_STATUS         status = BTM_SUCCESS;
    BD_ADDR             p_addr_ptr= {0};
    tBLE_ADDR_TYPE      init_addr_type = BLE_ADDR_PUBLIC,
                        own_addr_type = p_addr_cb->own_addr_type;
    UINT16              adv_int_min, adv_int_max;

    BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);

    /*** Check mode parameter ***/
    if (mode > BTM_BLE_MAX_DISCOVERABLE)
        return(BTM_ILLEGAL_VALUE);

    /* The requested mode is recorded before any controller command is issued;
     * nothing below rolls it back if a later step fails. */
    p_cb->discoverable_mode = mode;

    /* p_addr_ptr, init_addr_type and own_addr_type are passed by reference, so
     * the helper may replace the defaults chosen above (presumably for
     * directed advertising or privacy; confirm in
     * btm_set_conn_mode_adv_init_addr). */
    evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type, &own_addr_type);

    /* Advertising is switched off only when the device is both
     * non-connectable and non-discoverable. */
    if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE && mode == BTM_BLE_NON_DISCOVERABLE)
        new_mode = BTM_BLE_ADV_DISABLE;

    btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);

    /* Stop any pending fast-advertising timeout; it is re-armed further down
     * if advertising ends up enabled. */
    alarm_cancel(p_cb->fast_adv_timer);

    /* update adv params if start advertising */
    BTM_TRACE_EVENT ("evt_type=0x%x p-cb->evt_type=0x%x ", evt_type, p_cb->evt_type);

    if (new_mode == BTM_BLE_ADV_ENABLE)
    {
        /* The Flags byte is rebuilt from the connectable mode kept in
         * btm_inq_vars together with the unmasked combined_mode. */
        btm_ble_set_adv_flag (btm_cb.btm_inq_vars.connectable_mode, combined_mode);

        /* Re-program the controller when the event type or own address type
         * differs from the cached values, or fast advertising is not on. */
        if (evt_type != p_cb->evt_type ||p_cb->adv_addr_type != own_addr_type
            || !p_cb->fast_adv_on)
        {
            /* NOTE(review): the result of this stop is not checked before the
             * parameters are rewritten. */
            btm_ble_stop_adv();

            /* update adv params */
            if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
                                                  adv_int_max,
                                                  evt_type,
                                                  own_addr_type,
                                                  init_addr_type,
                                                  p_addr_ptr,
                                                  p_cb->adv_chnl_map,
                                                  p_cb->afp))
            {
                status = BTM_NO_RESOURCES;
            }
            else
            {
                /* Cache what was sent so the next call can detect changes. */
                p_cb->evt_type = evt_type;
                p_cb->adv_addr_type = own_addr_type;
            }
        }
    }

    /* Start or stop advertising only if everything so far succeeded and the
     * target state differs from the current one. */
    if (status == BTM_SUCCESS && p_cb->adv_mode != new_mode)
    {
        if (new_mode == BTM_BLE_ADV_ENABLE)
            status = btm_ble_start_adv();
        else
            status = btm_ble_stop_adv();
    }

    /* This branch keys on the recorded adv_mode, not on status, so it also
     * runs when an earlier step failed. */
    if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
    {
        p_cb->fast_adv_on = TRUE;
        /* start initial GAP mode adv timer */
        alarm_set_on_queue(p_cb->fast_adv_timer,
                           BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
                           btm_ble_fast_adv_timer_timeout, NULL,
                           btu_general_alarm_queue);
    }
    else
    {
#if BLE_PRIVACY_SPT == TRUE
        /* Advertising is off: release the advertising use of the resolving list. */
        btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
#endif
    }

    /* set up stop advertising timer */
    /* The limited-discoverable timeout is armed only on success.
     * NOTE(review): on a failure path discoverable_mode has already been
     * stored above without this timer; confirm callers handle that. */
    if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE)
    {
        BTM_TRACE_EVENT("start timer for limited disc mode duration=%d ms",
                        BTM_BLE_GAP_LIM_TIMEOUT_MS);
        /* start Tgap(lim_timeout) */
        alarm_set_on_queue(p_cb->inquiry_timer, BTM_BLE_GAP_LIM_TIMEOUT_MS,
                           btm_ble_inquiry_timer_gap_limited_discovery_timeout,
                           NULL, btu_general_alarm_queue);
    }
    return status;
}
1850 
1851 /*******************************************************************************
1852 **
1853 ** Function         btm_ble_set_connectability
1854 **
1855 ** Description      This function is called to set BLE connectability mode.
1856 **
1857 ** Parameters:      combined_mode: connectability mode.
1858 **
1859 ** Returns          BTM_SUCCESS is status set successfully; otherwise failure.
1860 **
1861 *******************************************************************************/
/*
 * Apply the LE connectability bits of combined_mode to the advertising state.
 *
 * combined_mode is masked with BTM_BLE_CONNECTABLE_MASK; the call returns
 * BTM_ILLEGAL_VALUE when the masked value exceeds BTM_BLE_MAX_CONNECTABLE.
 * Otherwise it returns BTM_SUCCESS, BTM_NO_RESOURCES when
 * btsnd_hcic_ble_write_adv_params() returns false, or the status reported by
 * btm_ble_start_adv() / btm_ble_stop_adv().
 */
tBTM_STATUS btm_ble_set_connectability(UINT16 combined_mode)
{
    tBTM_LE_RANDOM_CB       *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
    tBTM_BLE_INQ_CB         *p_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT16                  mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
    UINT8                   new_mode = BTM_BLE_ADV_ENABLE;
    UINT8                   evt_type;
    tBTM_STATUS             status = BTM_SUCCESS;
    BD_ADDR                 p_addr_ptr =  {0};
    tBLE_ADDR_TYPE          peer_addr_type = BLE_ADDR_PUBLIC,
                            own_addr_type = p_addr_cb->own_addr_type;
    UINT16                  adv_int_min, adv_int_max;

    BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);

    /*** Check mode parameter ***/
    if (mode > BTM_BLE_MAX_CONNECTABLE)
        return(BTM_ILLEGAL_VALUE);

    /* The requested mode is recorded before any controller command is issued;
     * nothing below rolls it back if a later step fails. */
    p_cb->connectable_mode = mode;

    /* p_addr_ptr, peer_addr_type and own_addr_type are passed by reference, so
     * the helper may replace the defaults chosen above (confirm in
     * btm_set_conn_mode_adv_init_addr). */
    evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &peer_addr_type, &own_addr_type);

    /* Advertising is switched off only when the device is both
     * non-connectable and non-discoverable. */
    if (mode == BTM_BLE_NON_CONNECTABLE && p_cb->discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
        new_mode = BTM_BLE_ADV_DISABLE;

    btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);

    /* Stop any pending fast-advertising timeout; it is re-armed further down
     * if advertising ends up enabled. */
    alarm_cancel(p_cb->fast_adv_timer);
    /* update adv params if needed */
    if (new_mode == BTM_BLE_ADV_ENABLE)
    {
        /* The Flags byte is rebuilt from the unmasked combined_mode together
         * with the discoverable mode kept in btm_inq_vars. */
        btm_ble_set_adv_flag (combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
        /* NOTE(review): the cached adv_addr_type is compared with
         * p_addr_cb->own_addr_type here, while the value sent to the
         * controller and cached below is the local own_addr_type, which the
         * helper above may have changed. btm_ble_set_discoverability()
         * compares against the local variable instead; confirm which one is
         * intended. */
        if (p_cb->evt_type != evt_type || p_cb->adv_addr_type != p_addr_cb->own_addr_type
            || !p_cb->fast_adv_on)
        {
            /* NOTE(review): the result of this stop is not checked before the
             * parameters are rewritten. */
            btm_ble_stop_adv();

            if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
                                                  adv_int_max,
                                                  evt_type,
                                                  own_addr_type,
                                                  peer_addr_type,
                                                  p_addr_ptr,
                                                  p_cb->adv_chnl_map,
                                                  p_cb->afp))
            {
                status = BTM_NO_RESOURCES;
            }
            else
            {
                /* Cache what was sent so the next call can detect changes. */
                p_cb->evt_type = evt_type;
                p_cb->adv_addr_type = own_addr_type;
            }
        }
    }

    /* update advertising mode */
    if (status == BTM_SUCCESS && new_mode != p_cb->adv_mode)
    {
        if (new_mode == BTM_BLE_ADV_ENABLE)
            status = btm_ble_start_adv();
        else
            status = btm_ble_stop_adv();
    }

    /* This branch keys on the recorded adv_mode, not on status, so it also
     * runs when an earlier step failed. */
    if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
    {
        p_cb->fast_adv_on = TRUE;
        /* start initial GAP mode adv timer */
        alarm_set_on_queue(p_cb->fast_adv_timer,
                           BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
                           btm_ble_fast_adv_timer_timeout, NULL,
                           btu_general_alarm_queue);
    }
    else
    {
#if BLE_PRIVACY_SPT == TRUE
        /* Advertising is off: release the advertising use of the resolving list. */
        btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
#endif
    }
    return status;
}
1945 
1946 /*******************************************************************************
1947 **
1948 ** Function         btm_ble_start_inquiry
1949 **
1950 ** Description      This function is called to start BLE inquiry procedure.
1951 **                  If the duration is zero, the periodic inquiry mode is cancelled.
1952 **
1953 ** Parameters:      mode - GENERAL or LIMITED inquiry
1954 **                  p_inq_params - pointer to the BLE inquiry parameter.
1955 **                  p_results_cb - callback returning pointer to results (tBTM_INQ_RESULTS)
1956 **                  p_cmpl_cb - callback indicating the end of an inquiry
1957 **
1958 **
1959 **
1960 ** Returns          BTM_CMD_STARTED if successfully started
1961 **                  BTM_NO_RESOURCES if could not allocate a message buffer
1962 **                  BTM_BUSY - if an inquiry is already active
1963 **
1964 *******************************************************************************/
/*
 * Start an LE inquiry: make sure an active scan with the low-latency
 * interval/window is running, mark the inquiry active and, for a non-zero
 * duration, arm the inquiry timer.
 *
 * mode     - inquiry mode bits; OR-ed into both inq_active and scan_activity.
 * duration - inquiry length in seconds (multiplied by 1000 for the timer);
 *            0 arms no timer.
 *
 * Returns BTM_BUSY when an LE inquiry or a selective connection is already
 * active; otherwise BTM_CMD_STARTED, or the status of btm_ble_start_scan()
 * when a scan had to be started.
 */
tBTM_STATUS btm_ble_start_inquiry (UINT8 mode, UINT8   duration)
{
    tBTM_BLE_CB         *p_ble = &btm_cb.ble_ctr_cb;
    tBTM_INQUIRY_VAR_ST *p_inq_vars = &btm_cb.btm_inq_vars;
    tBTM_STATUS          result = BTM_CMD_STARTED;

    BTM_TRACE_DEBUG("btm_ble_start_inquiry: mode = %02x inq_active = 0x%02x", mode, p_inq_vars->inq_active);

    /* Only one inquiry at a time, and none while a selective connection runs. */
    if (BTM_BLE_IS_INQ_ACTIVE(p_ble->scan_activity) ||
        BTM_BLE_IS_SEL_CONN_ACTIVE (p_ble->scan_activity))
    {
        BTM_TRACE_ERROR("LE Inquiry is active, can not start inquiry");
        return(BTM_BUSY);
    }

    if (BTM_BLE_IS_SCAN_ACTIVE(p_ble->scan_activity))
    {
        /* A scan is already running: restart it only when its interval or
         * window is not the low-latency one. The results of the three HCI
         * send calls are not checked. */
        if ((p_ble->inq_var.scan_interval != BTM_BLE_LOW_LATENCY_SCAN_INT) ||
            (p_ble->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN))
        {
            BTM_TRACE_DEBUG("%s, restart LE scan with low latency scan params", __FUNCTION__);
            btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
            btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
                                            BTM_BLE_LOW_LATENCY_SCAN_INT,
                                            BTM_BLE_LOW_LATENCY_SCAN_WIN,
                                            btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
                                            SP_ADV_ALL);
            btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
        }
    }
    else
    {
        /* No scan yet: program the parameters, then start one. The result of
         * the parameter command is not checked. */
        btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
                                        BTM_BLE_LOW_LATENCY_SCAN_INT,
                                        BTM_BLE_LOW_LATENCY_SCAN_WIN,
                                        btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
                                        SP_ADV_ALL);
#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
        /* enable IRK list */
        btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
#endif
        p_ble->inq_var.scan_duplicate_filter  = BTM_BLE_DUPLICATE_DISABLE;
        result = btm_ble_start_scan();
    }

    /* Leave the activity bookkeeping untouched unless the scan is running. */
    if (result != BTM_CMD_STARTED)
    {
        return result;
    }

    p_inq_vars->inq_active |= mode;
    p_ble->scan_activity |= mode;

    BTM_TRACE_DEBUG("btm_ble_start_inquiry inq_active = 0x%02x", p_inq_vars->inq_active);

    if (duration != 0)
    {
        /* start inquiry timer */
        period_ms_t duration_ms = duration * 1000;
        alarm_set_on_queue(p_ble->inq_var.inquiry_timer,
                           duration_ms, btm_ble_inquiry_timer_timeout,
                           NULL, btu_general_alarm_queue);
    }

    return result;
}
2026 
2027 /*******************************************************************************
2028 **
2029 ** Function         btm_ble_read_remote_name_cmpl
2030 **
2031 ** Description      This function is called when BLE remote name is received.
2032 **
2033 ** Returns          void
2034 **
2035 *******************************************************************************/
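/*
 * Completion handler for a remote LE device name read.
 *
 * status - FALSE when the read failed.
 * bda    - address of the remote device.
 * length - number of name bytes available at p_name; clamped to BD_NAME_LEN.
 * p_name - name bytes supplied by the remote device (untrusted); may be NULL,
 *          which is handled as an empty name.
 *
 * A failed read or an empty name is reported as HCI_ERR_HOST_TIMEOUT.
 */
void btm_ble_read_remote_name_cmpl(BOOLEAN status, BD_ADDR bda, UINT16 length, char *p_name)
{
    UINT8   hci_status = HCI_SUCCESS;
    BD_NAME bd_name;

    /* Zero the whole local buffer so the copy below is always NUL-terminated. */
    memset(bd_name, 0, (BD_NAME_LEN + 1));

    if (p_name == NULL)
    {
        /* No buffer to read from: never hand a NULL source to memcpy. */
        length = 0;
    }
    else if (length > BD_NAME_LEN)
    {
        /* The length comes with remote data; bound it to the local buffer. */
        length = BD_NAME_LEN;
    }

    if (length != 0)
    {
        memcpy((UINT8*)bd_name, p_name, length);
    }

    if ((!status) || (length==0))
    {
        hci_status = HCI_ERR_HOST_TIMEOUT;
    }

    /* length + 1 accounts for the terminating NUL kept by the memset above. */
    btm_process_remote_name(bda, bd_name, length +1, hci_status);
    /* NOTE(review): this call receives the caller's p_name rather than the
     * clamped, NUL-terminated bd_name, so any copy it makes relies on the
     * sender having terminated and bounded p_name. Confirm against
     * btm_sec_rmt_name_request_complete and the GAP callback. */
    btm_sec_rmt_name_request_complete (bda, (UINT8 *)p_name, hci_status);
}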
2056 
2057 /*******************************************************************************
2058 **
2059 ** Function         btm_ble_read_remote_name
2060 **
2061 ** Description      This function read remote LE device name using GATT read
2062 **                  procedure.
2063 **
2064 ** Parameters:       None.
2065 **
2066 ** Returns          void
2067 **
2068 *******************************************************************************/
/*
 * Start reading a remote LE device's name through the GAP read procedure.
 *
 * remote_bda - address of the remote device.
 * p_cur      - optional inquiry result for the device; when given, its
 *              advertising event type must be connectable.
 * p_cb       - completion callback stored for the request.
 *
 * Returns BTM_ERR_PROCESSING when the controller has no LE support or p_cur
 * describes a non-connectable advertiser, BTM_BUSY when a name request is
 * already active or GAP_BleReadPeerDevName() refuses the request, and
 * BTM_CMD_STARTED once the request and its timeout are set up.
 */
tBTM_STATUS btm_ble_read_remote_name(BD_ADDR remote_bda, tBTM_INQ_INFO *p_cur, tBTM_CMPL_CB *p_cb)
{
    tBTM_INQUIRY_VAR_ST *inq_vars = &btm_cb.btm_inq_vars;

    if (!controller_get_interface()->supports_ble())
    {
        return BTM_ERR_PROCESSING;
    }

    /* The name is read over a connection, so a known non-connectable
     * advertiser is rejected up front. */
    if (p_cur != NULL &&
        !(p_cur->results.ble_evt_type == BTM_BLE_EVT_CONN_ADV ||
          p_cur->results.ble_evt_type == BTM_BLE_EVT_CONN_DIR_ADV))
    {
        BTM_TRACE_DEBUG("name request to non-connectable device failed.");
        return BTM_ERR_PROCESSING;
    }

    /* read remote device name using GATT procedure */
    /* Only one request at a time; the GAP call is skipped when one is
     * already active. */
    if (inq_vars->remname_active ||
        !GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
    {
        return BTM_BUSY;
    }

    /* Request accepted: record who asked and for which device. */
    inq_vars->p_remname_cmpl_cb = p_cb;
    inq_vars->remname_active = TRUE;

    memcpy(inq_vars->remname_bda, remote_bda, BD_ADDR_LEN);

    /* Bound the wait for the remote side with the name-request timer. */
    alarm_set_on_queue(inq_vars->remote_name_timer,
                       BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS,
                       btm_inq_remote_name_timer_timeout, NULL,
                       btu_general_alarm_queue);

    return BTM_CMD_STARTED;
}
2103 
2104 /*******************************************************************************
2105 **
2106 ** Function         btm_ble_cancel_remote_name
2107 **
2108 ** Description      This function cancel read remote LE device name.
2109 **
2110 ** Parameters:       None.
2111 **
2112 ** Returns          void
2113 **
2114 *******************************************************************************/
/*
 * Cancel a pending remote LE device name read.
 *
 * remote_bda - address passed on to GAP_BleCancelReadPeerDevName().
 *
 * Returns the result of GAP_BleCancelReadPeerDevName(). The local name-request
 * state is cleared and its timer cancelled regardless of that result, and
 * remote_bda is not compared with the stored remname_bda here.
 */
BOOLEAN btm_ble_cancel_remote_name(BD_ADDR remote_bda)
{
    tBTM_INQUIRY_VAR_ST *inq_vars = &btm_cb.btm_inq_vars;
    const BOOLEAN cancelled = GAP_BleCancelReadPeerDevName(remote_bda);

    /* Drop the bookkeeping for the outstanding request. */
    inq_vars->remname_active = FALSE;
    memset(inq_vars->remname_bda, 0, BD_ADDR_LEN);
    alarm_cancel(inq_vars->remote_name_timer);

    return cancelled;
}
2128 
2129 /*******************************************************************************
2130 **
2131 ** Function         btm_ble_update_adv_flag
2132 **
2133 ** Description      This function update the limited discoverable flag in the adv
2134 **                  data.
2135 **
2136 ** Parameters:       None.
2137 **
2138 ** Returns          void
2139 **
2140 *******************************************************************************/
/*
 * Store a new Flags value in the cached advertising payload and send the
 * payload to the controller.
 *
 * flag - value for the single data byte of the Flags AD structure.
 *
 * If the payload already has a Flags entry its value byte is overwritten in
 * place; otherwise a 3-byte Flags structure is appended at p_pad.
 */
static void btm_ble_update_adv_flag(UINT8 flag)
{
    tBTM_BLE_LOCAL_ADV_DATA *p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
    UINT8   *p;

    BTM_TRACE_DEBUG ("btm_ble_update_adv_flag new=0x%x", flag);

    if (p_adv_data->p_flags != NULL)
    {
        /* p_flags points at the existing value byte; update it in place. */
        BTM_TRACE_DEBUG ("btm_ble_update_adv_flag old=0x%x",   *p_adv_data->p_flags);
        *p_adv_data->p_flags = flag;
    }
    else /* no FLAGS in ADV data*/
    {
        /* Append position: p_pad when set, otherwise the start of ad_data. */
        p = (p_adv_data->p_pad == NULL) ? p_adv_data->ad_data : p_adv_data->p_pad;
        /* need 3 bytes space to stuff in the flags, if not */
        /* erase all written data, just for flags */
        /* NOTE(review): this reset wipes every AD structure written so far,
         * but data_mask is not cleared in this function, so it may still
         * name fields that are no longer in the payload. Confirm. */
        if ((BTM_BLE_AD_DATA_LEN - (p - p_adv_data->ad_data)) < 3)
        {
            p = p_adv_data->p_pad = p_adv_data->ad_data;
            memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
        }

        /* The check above leaves at least 3 bytes before ad_data +
         * BTM_BLE_AD_DATA_LEN, assuming p_pad points into ad_data and ad_data
         * holds BTM_BLE_AD_DATA_LEN bytes (confirm in the struct definition). */
        *p++ = 2;                       /* length: type byte + one value byte */
        *p++ = BTM_BLE_AD_TYPE_FLAG;
        p_adv_data->p_flags = p;        /* remember the value byte for in-place updates */
        *p++ = flag;
        p_adv_data->p_pad = p;          /* new end of the written data */
    }

    /* Send the bytes from ad_data up to p_pad; the FLAGS bit is recorded in
     * data_mask only when the send call returns non-zero. */
    if (btsnd_hcic_ble_set_adv_data((UINT8)(p_adv_data->p_pad - p_adv_data->ad_data),
                                    p_adv_data->ad_data))
        p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;

}
2176 
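#if 0
/*******************************************************************************
**
** Function         btm_ble_parse_adv_data
**
** Description      Walk the AD structures of an advertising payload, record
**                  which fields are present in p_adv_data and, when p_info is
**                  given, copy the device name into it. Compiled out (#if 0).
**
**                  The payload comes from a remote device, so every AD length
**                  is checked against the bytes that remain before it is used.
**
** Parameters       p_info     - inquiry info that receives the name, may be NULL
**                  p_data     - start of the AD structures
**                  len        - number of bytes available at p_data
**                  p_adv_data - parsed result
**                  p_buf      - not used by this function
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_parse_adv_data(tBTM_INQ_INFO *p_info, UINT8 *p_data,
                                   UINT8 len, tBTM_BLE_INQ_DATA *p_adv_data, UINT8 *p_buf)
{
    UINT8   *p_cur = p_data;
    UINT8   *p_val;
    UINT8   ad_len, ad_type, ad_flag, val_len;

    BTM_TRACE_EVENT (" btm_ble_parse_adv_data");

    while (len > 0)
    {
        BTM_TRACE_DEBUG("btm_ble_parse_adv_data: len = %d", len);
        if ((ad_len = *p_cur ++) == 0)
            break;

        /* The length byte plus ad_len bytes must fit in what is left; without
         * this check the walk runs past the payload and len wraps around */
        if (ad_len > len - 1)
        {
            BTM_TRACE_WARNING("btm_ble_parse_adv_data: truncated AD structure, ad_len = %d", ad_len);
            break;
        }

        ad_type = *p_cur ++;
        p_val   = p_cur;        /* first value byte of this structure */
        val_len = ad_len - 1;   /* ad_len counts the type byte */

        BTM_TRACE_DEBUG("     ad_type = %02x ad_len = %d", ad_type, ad_len);

        switch (ad_type)
        {
            case BTM_BLE_AD_TYPE_NAME_SHORT:

            case BTM_BLE_AD_TYPE_NAME_CMPL:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_DEV_NAME;
                if (p_info)
                {
                    p_info->remote_name_type =(ad_type == BTM_BLE_AD_TYPE_NAME_SHORT) ?
                                              BTM_BLE_NAME_SHORT: BTM_BLE_NAME_CMPL;
                    /* NOTE(review): the capacity of remote_name is not visible
                     * here; confirm val_len + 1 bytes fit before enabling this code */
                    memcpy(p_info->remote_name, p_val, val_len);
                    /* terminate right behind the copied bytes (was index ad_len,
                     * one past the terminator position) */
                    p_info->remote_name[val_len] = 0;
                    p_adv_data->p_remote_name = p_info->remote_name;
                    p_info->remote_name_len = p_adv_data->remote_name_len = val_len;
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_NAME name = %s",p_adv_data->p_remote_name);
                }
                break;

            case BTM_BLE_AD_TYPE_FLAG:
                /* a Flags structure without a value byte carries nothing to read */
                if (val_len >= 1)
                {
                    p_adv_data->ad_mask |= BTM_BLE_AD_BIT_FLAGS;
                    ad_flag = p_val[0];
                    p_adv_data->flag = (UINT8)(ad_flag & BTM_BLE_ADV_FLAG_MASK) ;
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_FLAG flag = %s | %s | %s",
                                     (p_adv_data->flag & BTM_BLE_LIMIT_DISC_FLAG)? "LE_LIMIT_DISC" : "",
                                     (p_adv_data->flag & BTM_BLE_GEN_DISC_FLAG)? "LE_GENERAL_DISC" : "",
                                     (p_adv_data->flag & BTM_BLE_BREDR_NOT_SPT)? "LE Only device" : "");
                }
                break;

            case BTM_BLE_AD_TYPE_TX_PWR:
                if (val_len >= 1)
                {
                    p_adv_data->ad_mask |= BTM_BLE_AD_BIT_TX_PWR;
                    p_adv_data->tx_power_level = (INT8)p_val[0];
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_TX_PWR tx_level = %d", p_adv_data->tx_power_level);
                }
                break;

            case BTM_BLE_AD_TYPE_MANU:

            case BTM_BLE_AD_TYPE_16SRV_PART:
            case BTM_BLE_AD_TYPE_16SRV_CMPL:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/2;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_SOL_SRV_UUID:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_SOL;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/2;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_128SOL_SRV_UUID:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_128SOL;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/16;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_APPEARANCE:
            case BTM_BLE_AD_TYPE_PUBLIC_TARGET:
            case BTM_BLE_AD_TYPE_RANDOM_TARGET:
            default:
                break;
        }

        /* Step by the declared length for every type so the cursor and len stay
         * in sync; the per-case stepping skipped 1 byte for flags and TX power
         * and nothing at all for unhandled types */
        p_cur = p_val + val_len;
        len -= (ad_len + 1);
    }
}
#endif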
2278 
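/*******************************************************************************
**
** Function         btm_ble_cache_adv_data
**
** Description      Copy the AD structures of an advertising report or scan
**                  response into the shared advertising data cache. A scan
**                  response is appended to what is cached; any other event
**                  type clears the cache first.
**
**                  The report is remote-controlled data: the walk is bounded
**                  by data_len, so a structure that claims more bytes than the
**                  report holds ends the copy instead of pulling in the bytes
**                  that follow the report.
**
** Parameters       p_cur    - unused
**                  data_len - number of AD bytes available at p
**                  p        - first AD structure (its length byte)
**                  evt_type - advertising event type of the report
**
** Returns          void
**
*******************************************************************************/
void btm_ble_cache_adv_data(tBTM_INQ_RESULTS *p_cur, UINT8 data_len, UINT8 *p, UINT8 evt_type)
{
    tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT8 *p_cache;
    UINT8 length;
    UINT8 remaining = data_len;   /* AD bytes of this report not consumed yet */
    UNUSED(p_cur);

    /* cache adv report/scan response data */
    if (evt_type != BTM_BLE_SCAN_RSP_EVT)
    {
        p_le_inq_cb->adv_len = 0;
        memset(p_le_inq_cb->adv_data_cache, 0, BTM_BLE_CACHE_ADV_DATA_MAX);
    }

    if (data_len > 0)
    {
        p_cache = &p_le_inq_cb->adv_data_cache[p_le_inq_cb->adv_len];

        while (remaining > 0)
        {
            STREAM_TO_UINT8(length, p);
            remaining--;

            /* zero length ends the list; a length beyond the report is malformed */
            if (length == 0 || length > remaining)
                break;

            /* stop once the cache cannot take the length byte plus the data */
            if ((p_le_inq_cb->adv_len + length + 1) > BTM_BLE_CACHE_ADV_DATA_MAX)
                break;

            /* copy from the length byte & data into cache */
            memcpy(p_cache, p-1, length+1);
            /* advance the cache pointer past data */
            p_cache += length+1;
            /* increment cache length */
            p_le_inq_cb->adv_len += length+1;
            /* skip the length of data */
            p += length;
            remaining -= length;
        }
    }

    /* parse service UUID from adv packet and save it in inq db eir_uuid */
    /* TODO */
}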
2323 
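/*******************************************************************************
**
** Function         btm_ble_is_discoverable
**
** Description      Decide which scan consumers should see this advertisement,
**                  based on the active scan activities, the address filter and
**                  the Flags field found in the advertising data cache.
**
** Parameters       bda      - address of the advertiser
**                  evt_type - advertising event type
**                  p        - unused
**
** Returns          Bitmask of BTM_BLE_OBS_RESULT, BTM_BLE_SEL_CONN_RESULT and
**                  BTM_BLE_INQ_RESULT; 0 when nobody should be notified.
**
*******************************************************************************/
UINT8 btm_ble_is_discoverable(BD_ADDR bda, UINT8 evt_type, UINT8 *p)
{
    UINT8               *p_flag, flag = 0, rt = 0;
    UINT8                data_len = 0;
    tBTM_INQ_PARMS      *p_cond = &btm_cb.btm_inq_vars.inqparms;
    tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    UNUSED(p);

    /* for observer, always "discoverable" */
    if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
        rt |= BTM_BLE_OBS_RESULT;

    if (BTM_BLE_IS_SEL_CONN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity) &&
        (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_CONNECT_DIR_EVT))
        rt |= BTM_BLE_SEL_CONN_RESULT;

    /* does not match filter condition */
    if (p_cond->filter_cond_type == BTM_FILTER_COND_BD_ADDR &&
        memcmp(bda, p_cond->filter_cond.bdaddr_cond, BD_ADDR_LEN) != 0)
    {
        BTM_TRACE_DEBUG("BD ADDR does not meet filter condition");
        return rt;
    }

    /* nothing cached, so there is no Flags field to inspect */
    if (p_le_inq_cb->adv_len == 0)
        return rt;

    p_flag = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_FLAG, &data_len);

    /* A Flags structure without a value byte is malformed; reading *p_flag
     * then would take the byte that follows the structure as the flags */
    if (p_flag == NULL || data_len < 1)
        return rt;

    flag = * p_flag;

    if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
        (flag & (BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG)) != 0)
    {
        BTM_TRACE_DEBUG("Find Generable Discoverable device");
        rt |= BTM_BLE_INQ_RESULT;
    }
    else if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_LIMITED_INQUIRY) &&
             (flag & BTM_BLE_LIMIT_DISC_FLAG) != 0)
    {
        BTM_TRACE_DEBUG("Find limited discoverable device");
        rt |= BTM_BLE_INQ_RESULT;
    }

    return rt;
}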
2385 
/*******************************************************************************
**
** Function         btm_ble_appearance_to_cod
**
** Description      Translate a GAP appearance value into a 3-byte class of
**                  device. Byte 0 is always cleared, byte 1 receives the major
**                  class and byte 2 the minor class. Appearances without a
**                  mapping end up as unclassified/unclassified.
**
** Parameters       appearance - 16-bit appearance value
**                  dev_class  - output, at least 3 bytes are written
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_appearance_to_cod(UINT16 appearance, UINT8 *dev_class)
{
    /* start from the fallback and let the switch override it */
    UINT8 major = BTM_COD_MAJOR_UNCLASSIFIED;
    UINT8 minor = BTM_COD_MINOR_UNCLASSIFIED;

    switch (appearance)
    {
        case BTM_BLE_APPEARANCE_GENERIC_PHONE:
            major = BTM_COD_MAJOR_PHONE;
            minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
            major = BTM_COD_MAJOR_COMPUTER;
            minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_REMOTE_CONTROL;
            break;

        /* health devices */
        case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
        case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_THERMOMETER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
        case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_HEART_PULSE_MONITOR;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
        case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
        case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_BLOOD_MONITOR;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
        case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
        case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_PULSE_OXIMETER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_GLUCOSE_METER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_WEIGHING_SCALE;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_WALKING:
        case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
        case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
        case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
            major = BTM_COD_MAJOR_HEALTH;
            minor = BTM_COD_MINOR_STEP_COUNTER;
            break;

        /* wearables */
        case BTM_BLE_APPEARANCE_GENERIC_WATCH:
        case BTM_BLE_APPEARANCE_SPORTS_WATCH:
            major = BTM_COD_MAJOR_WEARABLE;
            minor = BTM_COD_MINOR_WRIST_WATCH;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
            major = BTM_COD_MAJOR_WEARABLE;
            minor = BTM_COD_MINOR_GLASSES;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
            major = BTM_COD_MAJOR_IMAGING;
            minor = BTM_COD_MINOR_DISPLAY;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
            major = BTM_COD_MAJOR_AUDIO;
            minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        /* peripherals / HID */
        case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
        case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
        case BTM_BLE_APPEARANCE_GENERIC_HID:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_HID_KEYBOARD:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_KEYBOARD;
            break;

        case BTM_BLE_APPEARANCE_HID_MOUSE:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_POINTING;
            break;

        case BTM_BLE_APPEARANCE_HID_JOYSTICK:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_JOYSTICK;
            break;

        case BTM_BLE_APPEARANCE_HID_GAMEPAD:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_GAMEPAD;
            break;

        case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_DIGITIZING_TABLET;
            break;

        case BTM_BLE_APPEARANCE_HID_CARD_READER:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_CARD_READER;
            break;

        case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
            major = BTM_COD_MAJOR_PERIPHERAL;
            minor = BTM_COD_MINOR_DIGITAL_PAN;
            break;

        /* listed explicitly, but deliberately left unclassified */
        case BTM_BLE_APPEARANCE_UKNOWN:
        case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
        case BTM_BLE_APPEARANCE_GENERIC_TAG:
        case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
        case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
        case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
        case BTM_BLE_APPEARANCE_CYCLING_SPEED:
        case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
        case BTM_BLE_APPEARANCE_CYCLING_POWER:
        case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
        case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
        default:
            break;
    }

    dev_class[0] = 0;
    dev_class[1] = major;
    dev_class[2] = minor;
}
2512 
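/*******************************************************************************
**
** Function         btm_ble_update_inq_result
**
** Description      Update adv packet information into inquiry result: caches
**                  the advertising data, stores address type, RSSI, event type
**                  and flags, and derives a class of device from the
**                  Appearance field or, failing that, from the complete list
**                  of 16-bit service UUIDs.
**
** Parameters       p_i       - inquiry database entry to update
**                  addr_type - address type of the advertiser
**                  evt_type  - advertising event type
**                  p         - report data, starting at the data length byte;
**                              the RSSI byte follows the data
**
** Returns          TRUE when the result should be reported now, FALSE when the
**                  report is discarded (data too long) or held back until the
**                  scan response arrives.
**
*******************************************************************************/
BOOLEAN btm_ble_update_inq_result(tINQ_DB_ENT *p_i, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
{
    BOOLEAN             to_report = TRUE;
    tBTM_INQ_RESULTS     *p_cur = &p_i->inq_info.results;
    UINT8               len = 0;
    UINT8               *p_flag;
    tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
    UINT8                data_len, rssi;
    tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT8 *p1;
    UINT8               *p_uuid16;

    STREAM_TO_UINT8    (data_len, p);

    /* the length comes from the report itself; reject oversized values before
     * anything is copied */
    if (data_len > BTM_BLE_ADV_DATA_LEN_MAX)
    {
        BTM_TRACE_WARNING("EIR data too long %d. discard", data_len);
        return FALSE;
    }
    btm_ble_cache_adv_data(p_cur, data_len, p, evt_type);

    /* the RSSI byte sits right behind the advertising data */
    p1 = (p + data_len);
    STREAM_TO_UINT8 (rssi, p1);

    /* Save the info */
    p_cur->inq_result_type = BTM_INQ_RESULT_BLE;
    p_cur->ble_addr_type    = addr_type;
    p_cur->rssi = rssi;

    /* active scan, always wait until get scan_rsp to report the result */
    if ((btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
         (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_DISCOVER_EVT)))
    {
        BTM_TRACE_DEBUG("btm_ble_update_inq_result scan_rsp=false, to_report=false,\
                              scan_type_active=%d", btm_cb.ble_ctr_cb.inq_var.scan_type);
        p_i->scan_rsp = FALSE;
        to_report = FALSE;
    }
    else
        p_i->scan_rsp = TRUE;

    /* first sighting in this inquiry replaces the device type, later ones add to it */
    if (p_i->inq_count != p_inq->inq_counter)
        p_cur->device_type = BT_DEVICE_TYPE_BLE;
    else
        p_cur->device_type |= BT_DEVICE_TYPE_BLE;

    if (evt_type != BTM_BLE_SCAN_RSP_EVT)
        p_cur->ble_evt_type     = evt_type;

    p_i->inq_count = p_inq->inq_counter;   /* Mark entry for current inquiry */

    if (p_le_inq_cb->adv_len != 0)
    {
        /* Take the flags only when the structure really carries a value byte;
         * with len == 0 the byte at p_flag belongs to whatever follows */
        p_flag = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_FLAG, &len);
        if (p_flag != NULL && len >= 1)
            p_cur->flag = * p_flag;

        /* Check to see the BLE device has the Appearance UUID in the advertising data.  If it does
         * then try to convert the appearance value to a class of device value Bluedroid can use.
         * Otherwise fall back to trying to infer if it is a HID device based on the service class.
         */
        p_uuid16 = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_APPEARANCE, &len);
        if (p_uuid16 && len == 2)
        {
            btm_ble_appearance_to_cod((UINT16)p_uuid16[0] | (p_uuid16[1] << 8), p_cur->dev_class);
        }
        else
        {
            if ((p_uuid16 = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache,
                                             BTM_BLE_AD_TYPE_16SRV_CMPL, &len)) != NULL)
            {
                UINT8 i;
                /* only complete 2-byte UUIDs are compared; a trailing odd byte is ignored */
                for (i = 0; i + 2 <= len; i = i + 2)
                {
                    /* if this BLE device support HID over LE, set HID Major in class of device */
                    if ((p_uuid16[i] | (p_uuid16[i+1] << 8)) == UUID_SERVCLASS_LE_HID)
                    {
                        p_cur->dev_class[0] = 0;
                        p_cur->dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
                        p_cur->dev_class[2] = 0;
                        break;
                    }
                }
            }
        }
    }

    /* if BR/EDR not supported is not set, assume is a DUMO device */
    if ((p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
         evt_type != BTM_BLE_CONNECT_DIR_EVT)
    {
        if (p_cur->ble_addr_type != BLE_ADDR_RANDOM)
        {
            BTM_TRACE_DEBUG("BR/EDR NOT support bit not set, treat as DUMO");
            p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
        } else {
            BTM_TRACE_DEBUG("Random address, treating device as LE only");
        }
    }
    else
    {
        BTM_TRACE_DEBUG("BR/EDR NOT SUPPORT bit set, LE only device");
    }

    return to_report;

}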
2633 
/*******************************************************************************
**
** Function         btm_clear_all_pending_le_entry
**
** Description      Release every inquiry database entry that belongs to an
**                  LE-only device still waiting for its scan response.
**
** Returns          void
**
*******************************************************************************/
void btm_clear_all_pending_le_entry(void)
{
    tINQ_DB_ENT  *p_db = btm_cb.btm_inq_vars.inq_db;
    UINT16       idx;

    for (idx = 0; idx < BTM_INQ_DB_SIZE; idx++)
    {
        tINQ_DB_ENT *p_ent = &p_db[idx];

        if (!p_ent->in_use)
            continue;

        /* dual-mode entries are left alone, only pure LE results qualify */
        if (p_ent->inq_info.results.device_type != BT_DEVICE_TYPE_BLE)
            continue;

        /* scan response already received: the entry is complete */
        if (p_ent->scan_rsp)
            continue;

        p_ent->in_use = FALSE;
    }
}
2658 
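/*******************************************************************************
**
** Function         btm_send_sel_conn_callback
**
** Description      Ask the registered selection callback whether to connect to
**                  a connectable advertiser and, if it agrees, initiate the
**                  connection. The advertised device name (complete, else
**                  shortened) is passed along when present.
**
**                  The name length comes from the remote advertisement and is
**                  clamped to the local buffer, so an oversized name field can
**                  not write past remname.
**
** Parameters       remote_bda - address of the advertiser
**                  evt_type   - advertising event type
**                  p_data     - report data, starting at the data length byte
**                  addr_type  - unused
**
** Returns          void
**
*******************************************************************************/
void btm_send_sel_conn_callback(BD_ADDR remote_bda, UINT8 evt_type, UINT8 *p_data, UINT8 addr_type)
{
    UINT8   data_len, len = 0;
    UINT8   *p_dev_name, remname[31] = {0};
    UNUSED(addr_type);

    if (btm_cb.ble_ctr_cb.p_select_cback == NULL ||
        /* non-connectable device */
        (evt_type != BTM_BLE_EVT_CONN_ADV && evt_type != BTM_BLE_EVT_CONN_DIR_ADV))
        return;

    STREAM_TO_UINT8    (data_len, p_data);

    /* get the device name if exist in ADV data */
    if (data_len != 0)
    {
        /* NOTE(review): BTM_CheckAdvData receives the raw report pointer without
         * data_len; whether its walk stays inside the report is not visible
         * here - confirm */
        p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_CMPL, &len);

        if (p_dev_name == NULL)
            p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_SHORT, &len);

        if (p_dev_name)
        {
            /* len is an 8-bit value taken from the advertisement; keep one
             * byte free so remname stays NUL-terminated */
            if (len > sizeof(remname) - 1)
                len = (UINT8)(sizeof(remname) - 1);

            memcpy(remname, p_dev_name, len);
        }
    }
    /* allow connection */
    if ((* btm_cb.ble_ctr_cb.p_select_cback)(remote_bda, remname))
    {
        /* terminate selective connection, initiate connection */
        btm_ble_initiate_select_conn(remote_bda);
    }
}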
2701 
/*******************************************************************************
**
** Function         btm_ble_process_adv_pkt
**
** Description      Entry point for advertising report events. Walks the
**                  reports of one event and hands each of them on for
**                  processing, after resolving a resolvable random address
**                  when privacy support is compiled in.
**
**                  NOTE(review): no event length is passed in, so the walk
**                  relies on the report count and the per-report data_len
**                  found in the event itself - confirm the caller validates
**                  the event size.
**
** Parameters       p_data - event parameters, starting at the report count
**
** Returns          void
**
*******************************************************************************/
void btm_ble_process_adv_pkt (UINT8 *p_data)
{
    UINT8               *p = p_data;
    BD_ADDR             bda;
    UINT8               num_reports;
    UINT8               evt_type = 0;
    UINT8               addr_type = 0;
    UINT8               data_len;
#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
    BOOLEAN             match = FALSE;
#endif

    /* Only process the results if the inquiry is still active */
    if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
        return;

    /* Extract the number of reports in this event. */
    STREAM_TO_UINT8(num_reports, p);

    for (; num_reports > 0; num_reports--)
    {
        /* Report header: event type, address type, address */
        STREAM_TO_UINT8    (evt_type, p);
        STREAM_TO_UINT8    (addr_type, p);
        STREAM_TO_BDADDR   (bda, p);

#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
        /* map address to security record */
        match = btm_identity_addr_to_random_pseudo(bda, &addr_type, FALSE);

        BTM_TRACE_DEBUG("btm_ble_process_adv_pkt:bda= %0x:%0x:%0x:%0x:%0x:%0x",
                                     bda[0],bda[1],bda[2],bda[3],bda[4],bda[5]);

        /* always do RRA resolution on host; the resolver gets the start of the
         * whole event, not the current report */
        if (!match && BTM_BLE_IS_RESOLVE_BDA(bda))
        {
            btm_ble_resolve_random_addr(bda, btm_ble_resolve_random_addr_on_adv, p_data);
        }
        else
        {
            btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p);
        }
#else
        btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p);
#endif

        STREAM_TO_UINT8(data_len, p);

        /* Advance to the next event data_len + rssi byte */
        p += data_len + 1;
    }
}
2761 
/*******************************************************************************
**
** Function         btm_ble_process_adv_pkt_cont
**
** Description      Second stage of advertising report handling, entered once
**                  the advertiser address is final. Finds or creates the
**                  inquiry database entry, updates it from the report, stops
**                  the inquiry when the response limit is reached and notifies
**                  the selective-connection, inquiry or observer callbacks.
**
** Parameters       bda       - address of the advertiser
**                  addr_type - address type
**                  evt_type  - advertising event type
**                  p         - report data, starting at the data length byte
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
{
    tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
    tBTM_INQ_RESULTS_CB  *p_inq_results_cb = p_inq->p_inq_results_cb;
    tBTM_INQ_RESULTS_CB  *p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
    tBTM_BLE_INQ_CB      *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    tINQ_DB_ENT          *p_i = btm_inq_db_find (bda);
    BOOLEAN     update = TRUE;
    UINT8       result = 0;

    /* Check if this address has already been processed for this inquiry */
    if (btm_inq_find_bdaddr(bda))
    {
        /* still worth an update: never reported as an LE device, or the scan
         * response is outstanding */
        BOOLEAN needs_le_update =
            (p_i != NULL) &&
            (!(p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) || !p_i->scan_rsp);

        if (!needs_le_update)
        {
            /* without an observer nobody wants the duplicate: skip it */
            if (!BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
                return; /* assumption: one result per event */

            /* the observer still gets it, the inquiry result is suppressed below */
            update = FALSE;
        }
    }

    /* If existing entry, use that, else get  a new one (possibly reusing the oldest) */
    if (p_i == NULL)
    {
        p_i = btm_inq_db_new (bda);
        if (p_i == NULL)
            return;

        p_inq->inq_cmpl_info.num_resp++;
    }
    else if (p_i->inq_count != p_inq->inq_counter)
    {
        /* first time seen in this inquiry */
        p_inq->inq_cmpl_info.num_resp++;
    }

    /* update the LE device information in inquiry database */
    if (!btm_ble_update_inq_result(p_i, addr_type, evt_type, p))
        return;

    result = btm_ble_is_discoverable(bda, evt_type, p);
    if (result == 0)
    {
        LOG_WARN(LOG_TAG, "%s device is no longer discoverable so discarding advertising packet pkt",
                 __func__);
        return;
    }

    if (!update)
        result &= ~BTM_BLE_INQ_RESULT;

    /* If the number of responses found and limited, issue a cancel inquiry */
    if (p_inq->inqparms.max_resps &&
        p_inq->inq_cmpl_info.num_resp == p_inq->inqparms.max_resps)
    {
        /* new device, or (assuming a DUMO device, BR/EDR inquiry is always
         * active) an LE entry whose scan response has arrived */
        if (p_i == NULL ||
            ((p_i->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE &&
             p_i->scan_rsp))
        {
            BTM_TRACE_WARNING("INQ RES: Extra Response Received...cancelling inquiry..");

            /* if is non-periodic inquiry active, cancel now */
            if ((p_inq->inq_active & BTM_BR_INQ_ACTIVE_MASK) != 0 &&
                (p_inq->inq_active & BTM_PERIODIC_INQUIRY_ACTIVE) == 0)
                btsnd_hcic_inq_cancel();

            btm_ble_stop_inquiry();

            btm_acl_update_busy_level (BTM_BLI_INQ_DONE_EVT);
        }
    }

    /* background connection in selective connection mode */
    if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
    {
        if (result & BTM_BLE_SEL_CONN_RESULT)
        {
            btm_send_sel_conn_callback(bda, evt_type, p, addr_type);
        }
        else
        {
            BTM_TRACE_DEBUG("None LE device, can not initiate selective connection");
        }
        return;
    }

    /* otherwise deliver the result together with the cached advertising data */
    if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT))
    {
        (p_inq_results_cb)((tBTM_INQ_RESULTS *) &p_i->inq_info.results, p_le_inq_cb->adv_data_cache);
    }
    if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT))
    {
        (p_obs_results_cb)((tBTM_INQ_RESULTS *) &p_i->inq_info.results, p_le_inq_cb->adv_data_cache);
    }
}
2878 
/*******************************************************************************
**
** Function         btm_ble_start_scan
**
** Description      Enable LE scanning with the configured duplicate filter
**                  setting and record the scan type in the topology mask.
**
** Returns          BTM_CMD_STARTED when the enable command was sent,
**                  BTM_NO_RESOURCES otherwise.
**
*******************************************************************************/
tBTM_STATUS btm_ble_start_scan(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    /* start scan; duplicate filtering follows p_inq->scan_duplicate_filter */
    if (!btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_ENABLE, p_inq->scan_duplicate_filter))
        return BTM_NO_RESOURCES;

    /* the topology mask tracks whether the running scan is active or passive */
    if (p_inq->scan_type != BTM_BLE_SCAN_MODE_ACTI)
        btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
    else
        btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);

    return BTM_CMD_STARTED;
}
2907 
/*******************************************************************************
**
** Function         btm_ble_stop_scan
**
** Description      Disable LE scanning: reset the scan type, send the scan
**                  disable command, restore the accept-all scanner filter
**                  policy and clear the white list scan state bit.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_stop_scan(void)
{
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;

    BTM_TRACE_EVENT ("btm_ble_stop_scan ");

    /* no scan type is configured any more */
    p_ble_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;

    /* stop discovery now; the result of queuing the command is not checked */
    btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);

    btm_update_scanner_filter_policy(SP_ADV_ALL);

    p_ble_cb->wl_state &= ~BTM_BLE_WL_SCAN;
}
/*******************************************************************************
**
** Function         btm_ble_stop_inquiry
**
** Description      End the LE inquiry: cancel its timer, drop the inquiry bits
**                  from the scan activity, stop or restart the scan depending
**                  on what is still running, and signal inquiry completion.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_stop_inquiry(void)
{
    tBTM_INQUIRY_VAR_ST *p_inq = &btm_cb.btm_inq_vars;
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;

    alarm_cancel(p_ble_cb->inq_var.inquiry_timer);

    p_ble_cb->scan_activity &=  ~BTM_BLE_INQUIRY_MASK;

    if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
    {
        /* If no more scan activity, stop LE scan now */
        btm_ble_stop_scan();
    }
    else
    {
        /* another scan user remains; restart the scan unless interval and
         * window both already have the low latency values */
        BOOLEAN low_latency =
            (p_ble_cb->inq_var.scan_interval == BTM_BLE_LOW_LATENCY_SCAN_INT) &&
            (p_ble_cb->inq_var.scan_window == BTM_BLE_LOW_LATENCY_SCAN_WIN);

        if (!low_latency)
        {
            BTM_TRACE_DEBUG("%s: setting default params for ongoing observe", __FUNCTION__);
            btm_ble_stop_scan();
            btm_ble_start_scan();
        }
    }

    /* If we have a callback registered for inquiry complete, call it */
    BTM_TRACE_DEBUG ("BTM Inq Compl Callback: status 0x%02x, num results %d",
                      p_inq->inq_cmpl_info.status, p_inq->inq_cmpl_info.num_resp);

    btm_process_inq_complete(HCI_SUCCESS, (UINT8)(p_inq->inqparms.mode & BTM_BLE_INQUIRY_MASK));
}
2966 
/*******************************************************************************
**
** Function         btm_ble_stop_observe
**
** Description      Stop the BLE Observe: cancel the observer timer, clear the
**                  observe activity bit and both registered observe callbacks,
**                  stop the LE scan when nothing else is scanning, then invoke
**                  the completion callback that was registered on entry.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_stop_observe(void)
{
    tBTM_BLE_CB *p_ble = &btm_cb.ble_ctr_cb;

    /* Keep a copy of the completion callback: the registered pointers are
       cleared below, before the callback is invoked */
    tBTM_CMPL_CB *p_cmpl_cb = p_ble->p_obs_cmpl_cb;

    alarm_cancel(p_ble->observer_timer);

    p_ble->scan_activity &= ~BTM_LE_OBSERVE_ACTIVE;

    p_ble->p_obs_cmpl_cb = NULL;
    p_ble->p_obs_results_cb = NULL;

    if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble->scan_activity))
    {
        btm_ble_stop_scan();
    }

    if (p_cmpl_cb != NULL)
    {
        p_cmpl_cb((tBTM_INQUIRY_CMPL *) &btm_cb.btm_inq_vars.inq_cmpl_info);
    }
}
/* Handler applied to a single advertising state bit of the topology mask */
typedef BOOLEAN (BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);

/*******************************************************************************
**
** Function         btm_ble_adv_states_operation
**
** Description      Map an advertising event type to its topology state bit
**                  and apply p_handler to that bit.
**
** Parameters       p_handler - function called with the selected state bit;
**                              it is dereferenced without a NULL check
**                  adv_evt   - advertising event type
**
** Returns          the handler's result, or FALSE when adv_evt is not one of
**                  the known event types (the handler is not called then).
**
*******************************************************************************/
static BOOLEAN btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR *p_handler, UINT8 adv_evt)
{
    tBTM_BLE_STATE_MASK adv_state_bit;

    switch (adv_evt)
    {
    case BTM_BLE_CONNECT_EVT:
        adv_state_bit = BTM_BLE_STATE_CONN_ADV_BIT;
        break;

    case BTM_BLE_NON_CONNECT_EVT:
        adv_state_bit = BTM_BLE_STATE_NON_CONN_ADV_BIT;
        break;

    case BTM_BLE_CONNECT_DIR_EVT:
        adv_state_bit = BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT;
        break;

    case BTM_BLE_DISCOVER_EVT:
        adv_state_bit = BTM_BLE_STATE_SCAN_ADV_BIT;
        break;

    case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
        adv_state_bit = BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT;
        break;

    default:
        BTM_TRACE_ERROR("unknown adv event : %d", adv_evt);
        return FALSE;
    }

    return (*p_handler)(adv_state_bit);
}
3036 
/*******************************************************************************
**
** Function         btm_ble_start_adv
**
** Description      Start the BLE advertising for the currently configured
**                  advertising event type.
**
** Returns          BTM_WRONG_MODE if the topology check rejects the event
**                  type, BTM_SUCCESS if the advertising-enable command was
**                  sent, BTM_NO_RESOURCES otherwise.
**
*******************************************************************************/
tBTM_STATUS btm_ble_start_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    /* Refuse to advertise when the requested state fails the topology check */
    if (!btm_ble_adv_states_operation (btm_ble_topology_check, p_inq->evt_type))
    {
        return BTM_WRONG_MODE;
    }

#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
    /* To relax resolving list, always have resolving list enabled, unless directed adv */
    if (p_inq->evt_type != BTM_BLE_CONNECT_LO_DUTY_DIR_EVT &&
        p_inq->evt_type != BTM_BLE_CONNECT_DIR_EVT)
    {
        btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_ADV);
    }
#endif

    /* Any policy other than AP_SCAN_CONN_ALL runs the white-list device
       operation and marks the white list as in use for advertising */
    if (p_inq->afp != AP_SCAN_CONN_ALL)
    {
        btm_execute_wl_dev_operation();
        btm_cb.ble_ctr_cb.wl_state |= BTM_BLE_WL_ADV;
    }

    if (!btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_ENABLE))
    {
        /* The command could not be sent: undo the white-list marking */
        p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
        btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;
        return BTM_NO_RESOURCES;
    }

    p_inq->adv_mode = BTM_BLE_ADV_ENABLE;
    btm_ble_adv_states_operation(btm_ble_set_topology_mask, p_inq->evt_type);
    return BTM_SUCCESS;
}
3080 
/*******************************************************************************
**
** Function         btm_ble_stop_adv
**
** Description      Stop the BLE advertising if it is currently enabled.
**
** Returns          BTM_SUCCESS if advertising was not enabled or the disable
**                  command was sent, BTM_NO_RESOURCES if the command could not
**                  be sent (the advertising state is left unchanged then).
**
*******************************************************************************/
tBTM_STATUS btm_ble_stop_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    /* Nothing to do when advertising is not enabled */
    if (p_inq->adv_mode != BTM_BLE_ADV_ENABLE)
    {
        return BTM_SUCCESS;
    }

    if (!btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_DISABLE))
    {
        return BTM_NO_RESOURCES;
    }

    p_inq->fast_adv_on = FALSE;
    p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
    btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;

    /* clear all adv states */
    btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);

    return BTM_SUCCESS;
}
3111 
/*******************************************************************************
**
** Function         btm_ble_fast_adv_timer_timeout
**
** Description      Timer callback for the end of the fast advertising period.
**                  The data argument is not used.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void *data)
{
    /* The fast advertising period is over: restart with the slow interval */
    btm_ble_start_slow_adv();
}
3117 
/*******************************************************************************
**
** Function         btm_ble_start_slow_adv
**
** Description      Restart adv with slow adv interval. Does nothing unless
**                  advertising is currently enabled.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_start_slow_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    if (p_inq->adv_mode != BTM_BLE_ADV_ENABLE)
    {
        return;
    }

    tBTM_LE_RANDOM_CB *p_addr_mgnt = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
    tBLE_ADDR_TYPE own_addr_type = p_addr_mgnt->own_addr_type;
    tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
    BD_ADDR init_addr = {0};

    /* NOTE(review): the results of the stop, parameter write and restart
       below are not checked; confirm a failed step cannot leave advertising
       in an unexpected state. */
    btm_ble_stop_adv();

    p_inq->evt_type = btm_set_conn_mode_adv_init_addr(p_inq, init_addr, &init_addr_type,
                                                      &own_addr_type);

    /* slow adv mode never goes into directed adv */
    btsnd_hcic_ble_write_adv_params (BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT,
                                     p_inq->evt_type, own_addr_type,
                                     init_addr_type, init_addr,
                                     p_inq->adv_chnl_map, p_inq->afp);

    btm_ble_start_adv();
}
3152 
/*******************************************************************************
**
** Function         btm_ble_inquiry_timer_gap_limited_discovery_timeout
**
** Description      Timer callback that ends limited discoverable mode: clears
**                  the limited-discoverable bit and refreshes the advertising
**                  flags. The data argument is not used.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(UNUSED_ATTR void *data)
{
    tBTM_INQUIRY_VAR_ST *p_inq_vars = &btm_cb.btm_inq_vars;

    /* lim_timeout expired, limited discovery should exit now */
    p_inq_vars->discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;

    btm_ble_set_adv_flag(p_inq_vars->connectable_mode, p_inq_vars->discoverable_mode);
}
3160 
/*******************************************************************************
**
** Function         btm_ble_inquiry_timer_timeout
**
** Description      Timer callback that stops the BLE inquiry. The data
**                  argument is not used.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_inquiry_timer_timeout(UNUSED_ATTR void *data)
{
    /* The inquiry timer fired: finish the inquiry */
    btm_ble_stop_inquiry();
}
3165 
/*******************************************************************************
**
** Function         btm_ble_observer_timer_timeout
**
** Description      Timer callback that stops the BLE observe. The data
**                  argument is not used.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_observer_timer_timeout(UNUSED_ATTR void *data)
{
    /* The observer timer fired: finish the observe */
    btm_ble_stop_observe();
}
3170 
/*******************************************************************************
**
** Function         btm_ble_adv_raddr_timer_timeout
**
** Description      Timer callback that configures the RPA of a multi-adv
**                  instance. It acts only when the own address type is random
**                  and at least one multi-adv instance is available.
**
** Parameters       data - passed on as a tBTM_BLE_MULTI_ADV_INST pointer; it
**                         is cast without any validation in this function
**
** Returns          void
**
*******************************************************************************/
void btm_ble_adv_raddr_timer_timeout(void *data)
{
    if (btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type != BLE_ADDR_RANDOM)
    {
        return;
    }

    if (BTM_BleMaxMultiAdvInstanceCount() <= 0)
    {
        return;
    }

    /* NOTE(review): presumably the timer was armed with a live instance
       pointer; confirm it cannot outlive the instance it refers to. */
    btm_ble_multi_adv_configure_rpa((tBTM_BLE_MULTI_ADV_INST *)data);
}
3178 
/*******************************************************************************
**
** Function         btm_ble_refresh_raddr_timer_timeout
**
** Description      Timer callback that refreshes the random address when the
**                  own address type is random. The data argument is not used.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_refresh_raddr_timer_timeout(UNUSED_ATTR void *data)
{
    if (btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type != BLE_ADDR_RANDOM)
    {
        return;
    }

    /* refresh the random addr */
    btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);
}
3186 
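/*******************************************************************************
**
** Function         btm_ble_read_remote_features_complete
**
** Description      This function is called when the command complete message
**                  is received from the HCI for the read LE remote feature supported
**                  complete event. On success the reported features are stored
**                  for the matching ACL connection; a remote version request
**                  is then sent for that connection.
**
** Parameters       p - event parameters: status (1 byte), connection handle
**                      (2 bytes), features (BD_FEATURES_LEN bytes). No length
**                      is passed in, so this function cannot check that the
**                      buffer is that long; presumably the caller has
**                      validated the event length - confirm.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_read_remote_features_complete(UINT8 *p)
{
    tACL_CONN        *p_acl_cb = &btm_cb.acl_db[0];
    UINT16            handle;
    UINT8             status;
    int               xx;

    BTM_TRACE_EVENT ("btm_ble_read_remote_features_complete ");

    STREAM_TO_UINT8(status, p);

    /* if LE read remote feature failed for HCI_ERR_CONN_FAILED_ESTABLISHMENT,
       expect disconnect complete to be received */
    if (status == HCI_ERR_CONN_FAILED_ESTABLISHMENT)
    {
        return;
    }

    STREAM_TO_UINT16 (handle, p);

    if (status != HCI_SUCCESS)
    {
        BTM_TRACE_ERROR("%s: failed for handle 0x%04x, status 0x%02x",
                        __func__, handle, status);
    }

    /* Look up the connection by handle */
    for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
    {
        if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
        {
            /* Store the feature bytes only when the controller reported
               success; with any other status they are not a valid feature
               set and must not be recorded as the peer's capabilities. */
            if (status == HCI_SUCCESS)
            {
                STREAM_TO_ARRAY(p_acl_cb->peer_le_features, p, BD_FEATURES_LEN);
            }

            /* The version request is still issued, as before, so the
               follow-up processing for this link is unchanged */
            btsnd_hcic_rmt_ver_req (p_acl_cb->hci_handle);
            break;
        }
    }
}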
3228 
/*******************************************************************************
**
** Function         btm_ble_write_adv_enable_complete
**
** Description      This function processes the write adv enable command
**                  complete. When the status is not HCI_SUCCESS the stored
**                  adv mode is toggled back.
**
** Parameters       p - event parameters; only the first byte (status) is read.
**                      The pointer is dereferenced without a check.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_write_adv_enable_complete(UINT8 * p)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    if (*p == HCI_SUCCESS)
    {
        return;
    }

    /* write adv enable/disable did not succeed: toggle back the adv mode */
    p_inq->adv_mode = !p_inq->adv_mode;
}
3249 
/*******************************************************************************
**
** Function         btm_ble_dir_adv_tout
**
** Description      Called when directed adv times out: marks advertising as
**                  disabled and clears the directed-connection setting.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_dir_adv_tout(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    p_inq->adv_mode = BTM_BLE_ADV_DISABLE;

    /* make device fall back into undirected adv mode by default */
    p_inq->directed_conn = FALSE;
}
3266 
/*******************************************************************************
**
** Function         btm_ble_set_topology_mask
**
** Description      Set bits in the BLE topology mask. Bits outside
**                  BTM_BLE_STATE_ALL_MASK are ignored.
**
** Returns          Always TRUE.
**
*******************************************************************************/
BOOLEAN btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)
{
    /* Keep only the bits that belong to the topology mask */
    tBTM_BLE_STATE_MASK bits_to_set = request_state_mask & BTM_BLE_STATE_ALL_MASK;

    btm_cb.ble_ctr_cb.cur_states |= bits_to_set;

    return TRUE;
}
3282 
/*******************************************************************************
**
** Function         btm_ble_clear_topology_mask
**
** Description      Clear bits in the BLE topology mask. Bits outside
**                  BTM_BLE_STATE_ALL_MASK are ignored.
**
** Returns          Always TRUE.
**
*******************************************************************************/
BOOLEAN btm_ble_clear_topology_mask (tBTM_BLE_STATE_MASK request_state_mask)
{
    /* Keep only the bits that belong to the topology mask */
    tBTM_BLE_STATE_MASK bits_to_clear = request_state_mask & BTM_BLE_STATE_ALL_MASK;

    btm_cb.ble_ctr_cb.cur_states &= ~bits_to_clear;

    return TRUE;
}
3298 
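/*******************************************************************************
**
** Function         btm_ble_update_link_topology_mask
**
** Description      This function updates the per-role link count and rebuilds
**                  the connection bits of the topology mask from the counts.
**                  A new slave link also marks advertising as disabled and
**                  clears all advertising state bits.
**
** Parameters       link_role - HCI_ROLE_MASTER or HCI_ROLE_SLAVE; any other
**                              value is rejected and nothing is changed
**                  increase  - TRUE to add a link, FALSE to remove one
**
** Returns          void
**
*******************************************************************************/
void btm_ble_update_link_topology_mask(UINT8 link_role, BOOLEAN increase)
{
    /* link_role is used as an index into link_count. The only indices this
       function itself relies on are HCI_ROLE_MASTER and HCI_ROLE_SLAVE, so
       refuse anything else rather than write outside the array. */
    if (link_role != HCI_ROLE_MASTER && link_role != HCI_ROLE_SLAVE)
    {
        BTM_TRACE_ERROR("%s: invalid link role %d", __func__, link_role);
        return;
    }

    btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_CONN_MASK);

    if (increase)
        btm_cb.ble_ctr_cb.link_count[link_role]++;
    else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
        btm_cb.ble_ctr_cb.link_count[link_role]--;

    /* Rebuild the connection bits from the current counts */
    if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_MASTER])
        btm_ble_set_topology_mask (BTM_BLE_STATE_MASTER_BIT);

    if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_SLAVE])
        btm_ble_set_topology_mask(BTM_BLE_STATE_SLAVE_BIT);

    if (link_role == HCI_ROLE_SLAVE && increase)
    {
        btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
        /* make device fall back into undirected adv mode by default */
        btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_CONNECT_EVT;
        /* clear all adv states */
        btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
    }
}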
3332 
/*******************************************************************************
**
** Function         btm_ble_update_mode_operation
**
** Description      This function updates the GAP role operation when a link
**                  status is updated.
**
** Parameters       link_role - not referenced in the body
**                  bd_addr   - not referenced in the body
**                  status    - HCI status of the link update
**
** Returns          void
**
*******************************************************************************/
void btm_ble_update_mode_operation(UINT8 link_role, BD_ADDR bd_addr, UINT8 status)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    if (status == HCI_ERR_DIRECTED_ADVERTISING_TIMEOUT)
    {
        p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
        /* make device fall back into undirected adv mode by default */
        p_inq->directed_conn = BTM_BLE_CONNECT_EVT;
        /* clear all adv states */
        btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);
    }

    if (p_inq->connectable_mode == BTM_BLE_CONNECTABLE)
    {
        btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
                                   p_inq->connectable_mode);
    }

    /* Start the next direct connection or background connection, in that
       order, only when no connection is being attempted and the controller
       is not rejecting the last request due to resource limitation */
    if (btm_ble_get_conn_st() != BLE_CONN_IDLE)
    {
        return;
    }

    if (status == HCI_ERR_HOST_REJECT_RESOURCES)
    {
        return;
    }

    if (!btm_send_pending_direct_conn())
    {
        btm_ble_resume_bg_conn();
    }
}
3369 
/*******************************************************************************
**
** Function         btm_ble_init
**
** Description      Initialize the control block variable values: free the
**                  observer and fast-adv timers, zero the BLE control block
**                  and the common VSC block, then create the timers and the
**                  pending-connection queue and set the defaults.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_init(void)
{
    tBTM_BLE_CB *p_ble = &btm_cb.ble_ctr_cb;
    tBTM_BLE_INQ_CB *p_inq = &p_ble->inq_var;

    BTM_TRACE_DEBUG("%s", __func__);

    /* These must be released before the memset below wipes the pointers */
    alarm_free(p_ble->observer_timer);
    alarm_free(p_inq->fast_adv_timer);
    /* NOTE(review): inquiry_timer, refresh_raddr_timer and conn_pending_q are
       re-created below without a matching free here. If this function can run
       more than once, confirm they are released elsewhere; otherwise they
       leak on re-initialisation. */

    memset(p_ble, 0, sizeof(*p_ble));
    memset(&(btm_cb.cmn_ble_vsc_cb), 0 , sizeof(tBTM_BLE_VSC_CB));
    btm_cb.cmn_ble_vsc_cb.values_read = FALSE;

    p_ble->observer_timer = alarm_new("btm_ble.observer_timer");
    p_ble->cur_states = 0;
    p_ble->conn_pending_q = fixed_queue_new(SIZE_MAX);

    /* Advertising / scanning defaults */
    p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
    p_inq->scan_type = BTM_BLE_SCAN_MODE_NONE;
    p_inq->adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
    p_inq->afp = BTM_BLE_DEFAULT_AFP;
    p_inq->sfp = BTM_BLE_DEFAULT_SFP;
    p_inq->connectable_mode = BTM_BLE_NON_CONNECTABLE;
    p_inq->discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
    p_inq->fast_adv_timer = alarm_new("btm_ble_inq.fast_adv_timer");
    p_inq->inquiry_timer = alarm_new("btm_ble_inq.inquiry_timer");

    /* for background connection, reset connection params to be undefined */
    p_ble->scan_win = BTM_BLE_SCAN_PARAM_UNDEF;
    p_ble->scan_int = p_ble->scan_win;

    p_inq->evt_type = BTM_BLE_NON_CONNECT_EVT;

    p_ble->addr_mgnt_cb.refresh_raddr_timer =
        alarm_new("btm_ble_addr.refresh_raddr_timer");

#if BLE_VND_INCLUDED == FALSE
    btm_ble_adv_filter_init();
#endif
}
3417 
/*******************************************************************************
**
** Function         btm_ble_topology_check
**
** Description      Check whether the requested state is supported by the
**                  controller, on its own and in combination with every state
**                  currently set in the topology mask. One state check at a
**                  time is supported.
**
** Parameters       request_state_mask - exactly one state bit, no higher than
**                                       BTM_BLE_STATE_SCAN_ADV_BIT
**
** Returns          TRUE if the request is allowed, FALSE otherwise.
**
*******************************************************************************/
BOOLEAN btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)
{
    UINT16  active_states = btm_cb.ble_ctr_cb.cur_states;
    UINT8   request_state = 0;
    UINT8   state_idx = 0;
    UINT8   mask;
    UINT8   offset;

    /* check only one bit is set and within valid range */
    if (request_state_mask == BTM_BLE_STATE_INVALID ||
        request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
        (request_state_mask & (request_state_mask - 1)) != 0)
    {
        BTM_TRACE_ERROR("illegal state requested: %d", request_state_mask);
        return FALSE;
    }

    /* Turn the single set bit into a 1-based state number */
    for (; request_state_mask != 0; request_state_mask >>= 1)
    {
        request_state++;
    }

    /* check if the requested state is supported or not */
    mask = btm_le_state_combo_tbl[0][request_state - 1][0];
    offset = btm_le_state_combo_tbl[0][request_state - 1][1];

    const uint8_t *ble_supported_states = controller_get_interface()->get_ble_supported_states();

    if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
    {
        BTM_TRACE_ERROR("state requested not supported: %d", request_state);
        return FALSE;
    }

    /* make sure currently active states are all supported in conjunction with the requested
       state. If the bit in table is not set, the combination is not supported */
    /* NOTE(review): request_state and state_idx index btm_le_state_combo_tbl
       directly. request_state is bounded by the range check above, but
       state_idx follows the set bits of the 16-bit cur_states; the table
       dimensions are not visible here, so confirm cur_states can never hold a
       bit beyond the table's second dimension. */
    for (; active_states != 0; active_states >>= 1, state_idx++)
    {
        if ((active_states & 0x01) == 0)
        {
            continue;
        }

        mask = btm_le_state_combo_tbl[request_state][state_idx][0];
        offset = btm_le_state_combo_tbl[request_state][state_idx][1];

        /* Entries with a zero mask or a zero offset are skipped */
        if (mask != 0 && offset != 0 &&
            !BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
        {
            return FALSE;
        }
    }

    return TRUE;
}
3488 
3489 #endif  /* BLE_INCLUDED */
3490