1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions that interface with the HCI transport. On
22 * the receive side, it routes events to the appropriate handler, e.g.
23 * L2CAP, ScoMgr. On the transmit side, it manages the command
24 * transmission.
25 *
26 ******************************************************************************/
27
28 #define LOG_TAG "bt_btu_hcif"
29
30 #include <base/callback.h>
31 #include <base/location.h>
32 #include <base/logging.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <string.h>
36
37 #include "bt_common.h"
38 #include "bt_types.h"
39 #include "bt_utils.h"
40 #include "btm_api.h"
41 #include "btm_int.h"
42 #include "btu.h"
43 #include "device/include/controller.h"
44 #include "hci_layer.h"
45 #include "hcimsgs.h"
46 #include "l2c_int.h"
47 #include "osi/include/log.h"
48 #include "osi/include/osi.h"
49
50 using tracked_objects::Location;
51
52 // TODO(zachoverflow): remove this horrible hack
53 extern fixed_queue_t* btu_hci_msg_queue;
54
55 extern void btm_process_cancel_complete(uint8_t status, uint8_t mode);
56 extern void btm_ble_test_command_complete(uint8_t* p);
57
58 /******************************************************************************/
59 /* L O C A L F U N C T I O N P R O T O T Y P E S */
60 /******************************************************************************/
61 static void btu_hcif_inquiry_comp_evt(uint8_t* p);
62 static void btu_hcif_inquiry_result_evt(uint8_t* p);
63 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p);
64 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p);
65
66 static void btu_hcif_connection_comp_evt(uint8_t* p);
67 static void btu_hcif_connection_request_evt(uint8_t* p);
68 static void btu_hcif_disconnection_comp_evt(uint8_t* p);
69 static void btu_hcif_authentication_comp_evt(uint8_t* p);
70 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len);
71 static void btu_hcif_encryption_change_evt(uint8_t* p);
72 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p);
73 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p);
74 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p);
75 static void btu_hcif_qos_setup_comp_evt(uint8_t* p);
76 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context);
77 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
78 void* context);
79 static void btu_hcif_hardware_error_evt(uint8_t* p);
80 static void btu_hcif_flush_occured_evt(void);
81 static void btu_hcif_role_change_evt(uint8_t* p);
82 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p);
83 static void btu_hcif_mode_change_evt(uint8_t* p);
84 static void btu_hcif_pin_code_request_evt(uint8_t* p);
85 static void btu_hcif_link_key_request_evt(uint8_t* p);
86 static void btu_hcif_link_key_notification_evt(uint8_t* p);
87 static void btu_hcif_loopback_command_evt(void);
88 static void btu_hcif_data_buf_overflow_evt(void);
89 static void btu_hcif_max_slots_changed_evt(void);
90 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p);
91 static void btu_hcif_conn_pkt_type_change_evt(void);
92 static void btu_hcif_qos_violation_evt(uint8_t* p);
93 static void btu_hcif_page_scan_mode_change_evt(void);
94 static void btu_hcif_page_scan_rep_mode_chng_evt(void);
95 static void btu_hcif_esco_connection_comp_evt(uint8_t* p);
96 static void btu_hcif_esco_connection_chg_evt(uint8_t* p);
97
98 /* Simple Pairing Events */
99 static void btu_hcif_host_support_evt(uint8_t* p);
100 static void btu_hcif_io_cap_request_evt(uint8_t* p);
101 static void btu_hcif_io_cap_response_evt(uint8_t* p);
102 static void btu_hcif_user_conf_request_evt(uint8_t* p);
103 static void btu_hcif_user_passkey_request_evt(uint8_t* p);
104 static void btu_hcif_user_passkey_notif_evt(uint8_t* p);
105 static void btu_hcif_keypress_notif_evt(uint8_t* p);
106 static void btu_hcif_rem_oob_request_evt(uint8_t* p);
107
108 static void btu_hcif_simple_pair_complete_evt(uint8_t* p);
109 #if L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE
110 static void btu_hcif_enhanced_flush_complete_evt(void);
111 #endif
112
113 #if (BTM_SSR_INCLUDED == TRUE)
114 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len);
115 #endif /* BTM_SSR_INCLUDED == TRUE */
116
117 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len);
118 static void btu_ble_read_remote_feat_evt(uint8_t* p);
119 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len);
120 static void btu_ble_proc_ltk_req(uint8_t* p);
121 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p);
122 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len);
123 #if (BLE_LLT_INCLUDED == TRUE)
124 static void btu_ble_rc_param_req_evt(uint8_t* p);
125 #endif
126 #if (BLE_PRIVACY_SPT == TRUE)
127 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len);
128 #endif
129
130 /*******************************************************************************
131 *
132 * Function btu_hcif_process_event
133 *
134 * Description This function is called when an event is received from
135 * the Host Controller.
136 *
137 * Returns void
138 *
139 ******************************************************************************/
btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id,BT_HDR * p_msg)140 void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
141 uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
142 uint8_t hci_evt_code, hci_evt_len;
143 uint8_t ble_sub_code;
144 STREAM_TO_UINT8(hci_evt_code, p);
145 STREAM_TO_UINT8(hci_evt_len, p);
146
147 switch (hci_evt_code) {
148 case HCI_INQUIRY_COMP_EVT:
149 btu_hcif_inquiry_comp_evt(p);
150 break;
151 case HCI_INQUIRY_RESULT_EVT:
152 btu_hcif_inquiry_result_evt(p);
153 break;
154 case HCI_INQUIRY_RSSI_RESULT_EVT:
155 btu_hcif_inquiry_rssi_result_evt(p);
156 break;
157 case HCI_EXTENDED_INQUIRY_RESULT_EVT:
158 btu_hcif_extended_inquiry_result_evt(p);
159 break;
160 case HCI_CONNECTION_COMP_EVT:
161 btu_hcif_connection_comp_evt(p);
162 break;
163 case HCI_CONNECTION_REQUEST_EVT:
164 btu_hcif_connection_request_evt(p);
165 break;
166 case HCI_DISCONNECTION_COMP_EVT:
167 btu_hcif_disconnection_comp_evt(p);
168 break;
169 case HCI_AUTHENTICATION_COMP_EVT:
170 btu_hcif_authentication_comp_evt(p);
171 break;
172 case HCI_RMT_NAME_REQUEST_COMP_EVT:
173 btu_hcif_rmt_name_request_comp_evt(p, hci_evt_len);
174 break;
175 case HCI_ENCRYPTION_CHANGE_EVT:
176 btu_hcif_encryption_change_evt(p);
177 break;
178 case HCI_ENCRYPTION_KEY_REFRESH_COMP_EVT:
179 btu_hcif_encryption_key_refresh_cmpl_evt(p);
180 break;
181 case HCI_READ_RMT_FEATURES_COMP_EVT:
182 btu_hcif_read_rmt_features_comp_evt(p);
183 break;
184 case HCI_READ_RMT_EXT_FEATURES_COMP_EVT:
185 btu_hcif_read_rmt_ext_features_comp_evt(p);
186 break;
187 case HCI_READ_RMT_VERSION_COMP_EVT:
188 btu_hcif_read_rmt_version_comp_evt(p);
189 break;
190 case HCI_QOS_SETUP_COMP_EVT:
191 btu_hcif_qos_setup_comp_evt(p);
192 break;
193 case HCI_COMMAND_COMPLETE_EVT:
194 LOG_ERROR(LOG_TAG,
195 "%s should not have received a command complete event. "
196 "Someone didn't go through the hci transmit_command function.",
197 __func__);
198 break;
199 case HCI_COMMAND_STATUS_EVT:
200 LOG_ERROR(LOG_TAG,
201 "%s should not have received a command status event. "
202 "Someone didn't go through the hci transmit_command function.",
203 __func__);
204 break;
205 case HCI_HARDWARE_ERROR_EVT:
206 btu_hcif_hardware_error_evt(p);
207 break;
208 case HCI_FLUSH_OCCURED_EVT:
209 btu_hcif_flush_occured_evt();
210 break;
211 case HCI_ROLE_CHANGE_EVT:
212 btu_hcif_role_change_evt(p);
213 break;
214 case HCI_NUM_COMPL_DATA_PKTS_EVT:
215 btu_hcif_num_compl_data_pkts_evt(p);
216 break;
217 case HCI_MODE_CHANGE_EVT:
218 btu_hcif_mode_change_evt(p);
219 break;
220 case HCI_PIN_CODE_REQUEST_EVT:
221 btu_hcif_pin_code_request_evt(p);
222 break;
223 case HCI_LINK_KEY_REQUEST_EVT:
224 btu_hcif_link_key_request_evt(p);
225 break;
226 case HCI_LINK_KEY_NOTIFICATION_EVT:
227 btu_hcif_link_key_notification_evt(p);
228 break;
229 case HCI_LOOPBACK_COMMAND_EVT:
230 btu_hcif_loopback_command_evt();
231 break;
232 case HCI_DATA_BUF_OVERFLOW_EVT:
233 btu_hcif_data_buf_overflow_evt();
234 break;
235 case HCI_MAX_SLOTS_CHANGED_EVT:
236 btu_hcif_max_slots_changed_evt();
237 break;
238 case HCI_READ_CLOCK_OFF_COMP_EVT:
239 btu_hcif_read_clock_off_comp_evt(p);
240 break;
241 case HCI_CONN_PKT_TYPE_CHANGE_EVT:
242 btu_hcif_conn_pkt_type_change_evt();
243 break;
244 case HCI_QOS_VIOLATION_EVT:
245 btu_hcif_qos_violation_evt(p);
246 break;
247 case HCI_PAGE_SCAN_MODE_CHANGE_EVT:
248 btu_hcif_page_scan_mode_change_evt();
249 break;
250 case HCI_PAGE_SCAN_REP_MODE_CHNG_EVT:
251 btu_hcif_page_scan_rep_mode_chng_evt();
252 break;
253 case HCI_ESCO_CONNECTION_COMP_EVT:
254 btu_hcif_esco_connection_comp_evt(p);
255 break;
256 case HCI_ESCO_CONNECTION_CHANGED_EVT:
257 btu_hcif_esco_connection_chg_evt(p);
258 break;
259 #if (BTM_SSR_INCLUDED == TRUE)
260 case HCI_SNIFF_SUB_RATE_EVT:
261 btu_hcif_ssr_evt(p, hci_evt_len);
262 break;
263 #endif /* BTM_SSR_INCLUDED == TRUE */
264 case HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT:
265 btu_hcif_host_support_evt(p);
266 break;
267 case HCI_IO_CAPABILITY_REQUEST_EVT:
268 btu_hcif_io_cap_request_evt(p);
269 break;
270 case HCI_IO_CAPABILITY_RESPONSE_EVT:
271 btu_hcif_io_cap_response_evt(p);
272 break;
273 case HCI_USER_CONFIRMATION_REQUEST_EVT:
274 btu_hcif_user_conf_request_evt(p);
275 break;
276 case HCI_USER_PASSKEY_REQUEST_EVT:
277 btu_hcif_user_passkey_request_evt(p);
278 break;
279 case HCI_REMOTE_OOB_DATA_REQUEST_EVT:
280 btu_hcif_rem_oob_request_evt(p);
281 break;
282 case HCI_SIMPLE_PAIRING_COMPLETE_EVT:
283 btu_hcif_simple_pair_complete_evt(p);
284 break;
285 case HCI_USER_PASSKEY_NOTIFY_EVT:
286 btu_hcif_user_passkey_notif_evt(p);
287 break;
288 case HCI_KEYPRESS_NOTIFY_EVT:
289 btu_hcif_keypress_notif_evt(p);
290 break;
291 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
292 case HCI_ENHANCED_FLUSH_COMPLETE_EVT:
293 btu_hcif_enhanced_flush_complete_evt();
294 break;
295 #endif
296
297 case HCI_BLE_EVENT: {
298 STREAM_TO_UINT8(ble_sub_code, p);
299
300 HCI_TRACE_EVENT("BLE HCI(id=%d) event = 0x%02x)", hci_evt_code,
301 ble_sub_code);
302
303 uint8_t ble_evt_len = hci_evt_len - 1;
304 switch (ble_sub_code) {
305 case HCI_BLE_ADV_PKT_RPT_EVT: /* result of inquiry */
306 HCI_TRACE_EVENT("HCI_BLE_ADV_PKT_RPT_EVT");
307 btm_ble_process_adv_pkt(ble_evt_len, p);
308 break;
309 case HCI_BLE_CONN_COMPLETE_EVT:
310 btu_ble_ll_conn_complete_evt(p, hci_evt_len);
311 break;
312 case HCI_BLE_LL_CONN_PARAM_UPD_EVT:
313 btu_ble_ll_conn_param_upd_evt(p, hci_evt_len);
314 break;
315 case HCI_BLE_READ_REMOTE_FEAT_CMPL_EVT:
316 btu_ble_read_remote_feat_evt(p);
317 break;
318 case HCI_BLE_LTK_REQ_EVT: /* received only at slave device */
319 btu_ble_proc_ltk_req(p);
320 break;
321 #if (BLE_PRIVACY_SPT == TRUE)
322 case HCI_BLE_ENHANCED_CONN_COMPLETE_EVT:
323 btu_ble_proc_enhanced_conn_cmpl(p, hci_evt_len);
324 break;
325 #endif
326 #if (BLE_LLT_INCLUDED == TRUE)
327 case HCI_BLE_RC_PARAM_REQ_EVT:
328 btu_ble_rc_param_req_evt(p);
329 break;
330 #endif
331 case HCI_BLE_DATA_LENGTH_CHANGE_EVT:
332 btu_ble_data_length_change_evt(p, hci_evt_len);
333 break;
334
335 case HCI_LE_PHY_UPDATE_COMPLETE_EVT:
336 btm_ble_process_phy_update_pkt(ble_evt_len, p);
337 break;
338
339 case HCI_LE_EXTENDED_ADVERTISING_REPORT_EVT:
340 btm_ble_process_ext_adv_pkt(hci_evt_len, p);
341 break;
342
343 case HCI_LE_ADVERTISING_SET_TERMINATED_EVT:
344 btm_le_on_advertising_set_terminated(p, hci_evt_len);
345 break;
346 }
347 break;
348 }
349
350 case HCI_VENDOR_SPECIFIC_EVT:
351 btm_vendor_specific_evt(p, hci_evt_len);
352 break;
353 }
354 }
355
356 /*******************************************************************************
357 *
358 * Function btu_hcif_send_cmd
359 *
360 * Description This function is called to send commands to the Host
361 * Controller.
362 *
363 * Returns void
364 *
365 ******************************************************************************/
btu_hcif_send_cmd(UNUSED_ATTR uint8_t controller_id,BT_HDR * p_buf)366 void btu_hcif_send_cmd(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_buf) {
367 if (!p_buf) return;
368
369 uint16_t opcode;
370 uint8_t* stream = p_buf->data + p_buf->offset;
371 void* vsc_callback = NULL;
372
373 STREAM_TO_UINT16(opcode, stream);
374
375 // Eww...horrible hackery here
376 /* If command was a VSC, then extract command_complete callback */
377 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC ||
378 (opcode == HCI_BLE_RAND) || (opcode == HCI_BLE_ENCRYPT)) {
379 vsc_callback = *((void**)(p_buf + 1));
380 }
381
382 hci_layer_get_interface()->transmit_command(
383 p_buf, btu_hcif_command_complete_evt, btu_hcif_command_status_evt,
384 vsc_callback);
385 }
386
387 using hci_cmd_cb = base::Callback<void(uint8_t* /* return_parameters */,
388 uint16_t /* return_parameters_length*/)>;
389
390 struct cmd_with_cb_data {
391 hci_cmd_cb cb;
392 Location posted_from;
393 };
394
cmd_with_cb_data_init(cmd_with_cb_data * cb_wrapper)395 void cmd_with_cb_data_init(cmd_with_cb_data* cb_wrapper) {
396 new (&cb_wrapper->cb) hci_cmd_cb;
397 new (&cb_wrapper->posted_from) Location;
398 }
399
cmd_with_cb_data_cleanup(cmd_with_cb_data * cb_wrapper)400 void cmd_with_cb_data_cleanup(cmd_with_cb_data* cb_wrapper) {
401 cb_wrapper->cb.~hci_cmd_cb();
402 cb_wrapper->posted_from.~Location();
403 }
404
btu_hcif_command_complete_evt_with_cb_on_task(BT_HDR * event)405 static void btu_hcif_command_complete_evt_with_cb_on_task(BT_HDR* event) {
406 command_complete_hack_t* hack = (command_complete_hack_t*)&event->data[0];
407
408 command_opcode_t opcode;
409 uint8_t* stream =
410 hack->response->data + hack->response->offset +
411 3; // 2 to skip the event headers, 1 to skip the command credits
412 STREAM_TO_UINT16(opcode, stream);
413
414 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)hack->context;
415 HCI_TRACE_DEBUG("command complete for: %s",
416 cb_wrapper->posted_from.ToString().c_str());
417 cb_wrapper->cb.Run(stream, hack->response->len - 5);
418 cmd_with_cb_data_cleanup(cb_wrapper);
419 osi_free(cb_wrapper);
420
421 osi_free(hack->response);
422 osi_free(event);
423 }
424
btu_hcif_command_complete_evt_with_cb(BT_HDR * response,void * context)425 static void btu_hcif_command_complete_evt_with_cb(BT_HDR* response,
426 void* context) {
427 BT_HDR* event = static_cast<BT_HDR*>(
428 osi_calloc(sizeof(BT_HDR) + sizeof(command_complete_hack_t)));
429 command_complete_hack_t* hack = (command_complete_hack_t*)&event->data[0];
430
431 hack->callback = btu_hcif_command_complete_evt_with_cb_on_task;
432 hack->response = response;
433 hack->context = context;
434 event->event = BTU_POST_TO_TASK_NO_GOOD_HORRIBLE_HACK;
435
436 fixed_queue_enqueue(btu_hci_msg_queue, event);
437 }
438
btu_hcif_command_status_evt_with_cb_on_task(BT_HDR * event)439 static void btu_hcif_command_status_evt_with_cb_on_task(BT_HDR* event) {
440 command_status_hack_t* hack = (command_status_hack_t*)&event->data[0];
441
442 command_opcode_t opcode;
443 uint8_t* stream = hack->command->data + hack->command->offset;
444 STREAM_TO_UINT16(opcode, stream);
445
446 CHECK(hack->status != 0);
447
448 // report command status error
449 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)hack->context;
450 HCI_TRACE_DEBUG("command status for: %s",
451 cb_wrapper->posted_from.ToString().c_str());
452 cb_wrapper->cb.Run(&hack->status, sizeof(uint16_t));
453 cmd_with_cb_data_cleanup(cb_wrapper);
454 osi_free(cb_wrapper);
455
456 osi_free(hack->command);
457 osi_free(event);
458 }
459
btu_hcif_command_status_evt_with_cb(uint8_t status,BT_HDR * command,void * context)460 static void btu_hcif_command_status_evt_with_cb(uint8_t status, BT_HDR* command,
461 void* context) {
462 // Command is pending, we report only error.
463 if (!status) {
464 osi_free(command);
465 return;
466 }
467
468 BT_HDR* event = static_cast<BT_HDR*>(
469 osi_calloc(sizeof(BT_HDR) + sizeof(command_status_hack_t)));
470 command_status_hack_t* hack = (command_status_hack_t*)&event->data[0];
471
472 hack->callback = btu_hcif_command_status_evt_with_cb_on_task;
473 hack->status = status;
474 hack->command = command;
475 hack->context = context;
476
477 event->event = BTU_POST_TO_TASK_NO_GOOD_HORRIBLE_HACK;
478
479 fixed_queue_enqueue(btu_hci_msg_queue, event);
480 }
481
482 /* This function is called to send commands to the Host Controller. |cb| is
483 * called when command status event is called with error code, or when the
484 * command complete event is received. */
btu_hcif_send_cmd_with_cb(const tracked_objects::Location & posted_from,uint16_t opcode,uint8_t * params,uint8_t params_len,hci_cmd_cb cb)485 void btu_hcif_send_cmd_with_cb(const tracked_objects::Location& posted_from,
486 uint16_t opcode, uint8_t* params,
487 uint8_t params_len, hci_cmd_cb cb) {
488 BT_HDR* p = (BT_HDR*)osi_malloc(HCI_CMD_BUF_SIZE);
489 uint8_t* pp = (uint8_t*)(p + 1);
490
491 p->len = HCIC_PREAMBLE_SIZE + params_len;
492 p->offset = 0;
493
494 UINT16_TO_STREAM(pp, opcode);
495 UINT8_TO_STREAM(pp, params_len);
496 if (params) {
497 memcpy(pp, params, params_len);
498 }
499
500 cmd_with_cb_data* cb_wrapper =
501 (cmd_with_cb_data*)osi_malloc(sizeof(cmd_with_cb_data));
502
503 cmd_with_cb_data_init(cb_wrapper);
504 cb_wrapper->cb = cb;
505 cb_wrapper->posted_from = posted_from;
506
507 hci_layer_get_interface()->transmit_command(
508 p, btu_hcif_command_complete_evt_with_cb,
509 btu_hcif_command_status_evt_with_cb, (void*)cb_wrapper);
510 }
511
512 /*******************************************************************************
513 *
514 * Function btu_hcif_inquiry_comp_evt
515 *
516 * Description Process event HCI_INQUIRY_COMP_EVT
517 *
518 * Returns void
519 *
520 ******************************************************************************/
btu_hcif_inquiry_comp_evt(uint8_t * p)521 static void btu_hcif_inquiry_comp_evt(uint8_t* p) {
522 uint8_t status;
523
524 STREAM_TO_UINT8(status, p);
525
526 /* Tell inquiry processing that we are done */
527 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
528 }
529
530 /*******************************************************************************
531 *
532 * Function btu_hcif_inquiry_result_evt
533 *
534 * Description Process event HCI_INQUIRY_RESULT_EVT
535 *
536 * Returns void
537 *
538 ******************************************************************************/
btu_hcif_inquiry_result_evt(uint8_t * p)539 static void btu_hcif_inquiry_result_evt(uint8_t* p) {
540 /* Store results in the cache */
541 btm_process_inq_results(p, BTM_INQ_RESULT_STANDARD);
542 }
543
544 /*******************************************************************************
545 *
546 * Function btu_hcif_inquiry_rssi_result_evt
547 *
548 * Description Process event HCI_INQUIRY_RSSI_RESULT_EVT
549 *
550 * Returns void
551 *
552 ******************************************************************************/
btu_hcif_inquiry_rssi_result_evt(uint8_t * p)553 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p) {
554 /* Store results in the cache */
555 btm_process_inq_results(p, BTM_INQ_RESULT_WITH_RSSI);
556 }
557
558 /*******************************************************************************
559 *
560 * Function btu_hcif_extended_inquiry_result_evt
561 *
562 * Description Process event HCI_EXTENDED_INQUIRY_RESULT_EVT
563 *
564 * Returns void
565 *
566 ******************************************************************************/
btu_hcif_extended_inquiry_result_evt(uint8_t * p)567 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p) {
568 /* Store results in the cache */
569 btm_process_inq_results(p, BTM_INQ_RESULT_EXTENDED);
570 }
571
572 /*******************************************************************************
573 *
574 * Function btu_hcif_connection_comp_evt
575 *
576 * Description Process event HCI_CONNECTION_COMP_EVT
577 *
578 * Returns void
579 *
580 ******************************************************************************/
btu_hcif_connection_comp_evt(uint8_t * p)581 static void btu_hcif_connection_comp_evt(uint8_t* p) {
582 uint8_t status;
583 uint16_t handle;
584 BD_ADDR bda;
585 uint8_t link_type;
586 uint8_t enc_mode;
587 #if (BTM_SCO_INCLUDED == TRUE)
588 tBTM_ESCO_DATA esco_data;
589 #endif
590
591 STREAM_TO_UINT8(status, p);
592 STREAM_TO_UINT16(handle, p);
593 STREAM_TO_BDADDR(bda, p);
594 STREAM_TO_UINT8(link_type, p);
595 STREAM_TO_UINT8(enc_mode, p);
596
597 handle = HCID_GET_HANDLE(handle);
598
599 if (link_type == HCI_LINK_TYPE_ACL) {
600 btm_sec_connected(bda, handle, status, enc_mode);
601
602 l2c_link_hci_conn_comp(status, handle, bda);
603 }
604 #if (BTM_SCO_INCLUDED == TRUE)
605 else {
606 memset(&esco_data, 0, sizeof(tBTM_ESCO_DATA));
607 /* esco_data.link_type = HCI_LINK_TYPE_SCO; already zero */
608 memcpy(esco_data.bd_addr, bda, BD_ADDR_LEN);
609 btm_sco_connected(status, bda, handle, &esco_data);
610 }
611 #endif /* BTM_SCO_INCLUDED */
612 }
613
614 /*******************************************************************************
615 *
616 * Function btu_hcif_connection_request_evt
617 *
618 * Description Process event HCI_CONNECTION_REQUEST_EVT
619 *
620 * Returns void
621 *
622 ******************************************************************************/
btu_hcif_connection_request_evt(uint8_t * p)623 static void btu_hcif_connection_request_evt(uint8_t* p) {
624 BD_ADDR bda;
625 DEV_CLASS dc;
626 uint8_t link_type;
627
628 STREAM_TO_BDADDR(bda, p);
629 STREAM_TO_DEVCLASS(dc, p);
630 STREAM_TO_UINT8(link_type, p);
631
632 /* Pass request to security manager to check connect filters before */
633 /* passing request to l2cap */
634 if (link_type == HCI_LINK_TYPE_ACL) {
635 btm_sec_conn_req(bda, dc);
636 }
637 #if (BTM_SCO_INCLUDED == TRUE)
638 else {
639 btm_sco_conn_req(bda, dc, link_type);
640 }
641 #endif /* BTM_SCO_INCLUDED */
642 }
643
644 /*******************************************************************************
645 *
646 * Function btu_hcif_disconnection_comp_evt
647 *
648 * Description Process event HCI_DISCONNECTION_COMP_EVT
649 *
650 * Returns void
651 *
652 ******************************************************************************/
btu_hcif_disconnection_comp_evt(uint8_t * p)653 static void btu_hcif_disconnection_comp_evt(uint8_t* p) {
654 uint16_t handle;
655 uint8_t reason;
656
657 ++p;
658 STREAM_TO_UINT16(handle, p);
659 STREAM_TO_UINT8(reason, p);
660
661 handle = HCID_GET_HANDLE(handle);
662
663 #if (BTM_SCO_INCLUDED == TRUE)
664 /* If L2CAP doesn't know about it, send it to SCO */
665 if (!l2c_link_hci_disc_comp(handle, reason)) btm_sco_removed(handle, reason);
666 #else
667 l2c_link_hci_disc_comp(handle, reason);
668 #endif /* BTM_SCO_INCLUDED */
669
670 /* Notify security manager */
671 btm_sec_disconnected(handle, reason);
672 }
673
674 /*******************************************************************************
675 *
676 * Function btu_hcif_authentication_comp_evt
677 *
678 * Description Process event HCI_AUTHENTICATION_COMP_EVT
679 *
680 * Returns void
681 *
682 ******************************************************************************/
btu_hcif_authentication_comp_evt(uint8_t * p)683 static void btu_hcif_authentication_comp_evt(uint8_t* p) {
684 uint8_t status;
685 uint16_t handle;
686
687 STREAM_TO_UINT8(status, p);
688 STREAM_TO_UINT16(handle, p);
689
690 btm_sec_auth_complete(handle, status);
691 }
692
693 /*******************************************************************************
694 *
695 * Function btu_hcif_rmt_name_request_comp_evt
696 *
697 * Description Process event HCI_RMT_NAME_REQUEST_COMP_EVT
698 *
699 * Returns void
700 *
701 ******************************************************************************/
btu_hcif_rmt_name_request_comp_evt(uint8_t * p,uint16_t evt_len)702 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len) {
703 uint8_t status;
704 BD_ADDR bd_addr;
705
706 STREAM_TO_UINT8(status, p);
707 STREAM_TO_BDADDR(bd_addr, p);
708
709 evt_len -= (1 + BD_ADDR_LEN);
710
711 btm_process_remote_name(bd_addr, p, evt_len, status);
712
713 btm_sec_rmt_name_request_complete(bd_addr, p, status);
714 }
715
716 /*******************************************************************************
717 *
718 * Function btu_hcif_encryption_change_evt
719 *
720 * Description Process event HCI_ENCRYPTION_CHANGE_EVT
721 *
722 * Returns void
723 *
724 ******************************************************************************/
btu_hcif_encryption_change_evt(uint8_t * p)725 static void btu_hcif_encryption_change_evt(uint8_t* p) {
726 uint8_t status;
727 uint16_t handle;
728 uint8_t encr_enable;
729
730 STREAM_TO_UINT8(status, p);
731 STREAM_TO_UINT16(handle, p);
732 STREAM_TO_UINT8(encr_enable, p);
733
734 btm_acl_encrypt_change(handle, status, encr_enable);
735 btm_sec_encrypt_change(handle, status, encr_enable);
736 }
737
738 /*******************************************************************************
739 *
740 * Function btu_hcif_read_rmt_features_comp_evt
741 *
742 * Description Process event HCI_READ_RMT_FEATURES_COMP_EVT
743 *
744 * Returns void
745 *
746 ******************************************************************************/
btu_hcif_read_rmt_features_comp_evt(uint8_t * p)747 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p) {
748 btm_read_remote_features_complete(p);
749 }
750
751 /*******************************************************************************
752 *
753 * Function btu_hcif_read_rmt_ext_features_comp_evt
754 *
755 * Description Process event HCI_READ_RMT_EXT_FEATURES_COMP_EVT
756 *
757 * Returns void
758 *
759 ******************************************************************************/
btu_hcif_read_rmt_ext_features_comp_evt(uint8_t * p)760 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p) {
761 uint8_t* p_cur = p;
762 uint8_t status;
763 uint16_t handle;
764
765 STREAM_TO_UINT8(status, p_cur);
766
767 if (status == HCI_SUCCESS)
768 btm_read_remote_ext_features_complete(p);
769 else {
770 STREAM_TO_UINT16(handle, p_cur);
771 btm_read_remote_ext_features_failed(status, handle);
772 }
773 }
774
775 /*******************************************************************************
776 *
777 * Function btu_hcif_read_rmt_version_comp_evt
778 *
779 * Description Process event HCI_READ_RMT_VERSION_COMP_EVT
780 *
781 * Returns void
782 *
783 ******************************************************************************/
btu_hcif_read_rmt_version_comp_evt(uint8_t * p)784 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p) {
785 btm_read_remote_version_complete(p);
786 }
787
788 /*******************************************************************************
789 *
790 * Function btu_hcif_qos_setup_comp_evt
791 *
792 * Description Process event HCI_QOS_SETUP_COMP_EVT
793 *
794 * Returns void
795 *
796 ******************************************************************************/
btu_hcif_qos_setup_comp_evt(uint8_t * p)797 static void btu_hcif_qos_setup_comp_evt(uint8_t* p) {
798 uint8_t status;
799 uint16_t handle;
800 FLOW_SPEC flow;
801
802 STREAM_TO_UINT8(status, p);
803 STREAM_TO_UINT16(handle, p);
804 STREAM_TO_UINT8(flow.qos_flags, p);
805 STREAM_TO_UINT8(flow.service_type, p);
806 STREAM_TO_UINT32(flow.token_rate, p);
807 STREAM_TO_UINT32(flow.peak_bandwidth, p);
808 STREAM_TO_UINT32(flow.latency, p);
809 STREAM_TO_UINT32(flow.delay_variation, p);
810
811 btm_qos_setup_complete(status, handle, &flow);
812 }
813
814 /*******************************************************************************
815 *
816 * Function btu_hcif_esco_connection_comp_evt
817 *
818 * Description Process event HCI_ESCO_CONNECTION_COMP_EVT
819 *
820 * Returns void
821 *
822 ******************************************************************************/
btu_hcif_esco_connection_comp_evt(uint8_t * p)823 static void btu_hcif_esco_connection_comp_evt(uint8_t* p) {
824 #if (BTM_SCO_INCLUDED == TRUE)
825 tBTM_ESCO_DATA data;
826 uint16_t handle;
827 BD_ADDR bda;
828 uint8_t status;
829
830 STREAM_TO_UINT8(status, p);
831 STREAM_TO_UINT16(handle, p);
832 STREAM_TO_BDADDR(bda, p);
833
834 STREAM_TO_UINT8(data.link_type, p);
835 STREAM_TO_UINT8(data.tx_interval, p);
836 STREAM_TO_UINT8(data.retrans_window, p);
837 STREAM_TO_UINT16(data.rx_pkt_len, p);
838 STREAM_TO_UINT16(data.tx_pkt_len, p);
839 STREAM_TO_UINT8(data.air_mode, p);
840
841 memcpy(data.bd_addr, bda, BD_ADDR_LEN);
842 btm_sco_connected(status, bda, handle, &data);
843 #endif
844 }
845
846 /*******************************************************************************
847 *
848 * Function btu_hcif_esco_connection_chg_evt
849 *
850 * Description Process event HCI_ESCO_CONNECTION_CHANGED_EVT
851 *
852 * Returns void
853 *
854 ******************************************************************************/
btu_hcif_esco_connection_chg_evt(uint8_t * p)855 static void btu_hcif_esco_connection_chg_evt(uint8_t* p) {
856 #if (BTM_SCO_INCLUDED == TRUE)
857 uint16_t handle;
858 uint16_t tx_pkt_len;
859 uint16_t rx_pkt_len;
860 uint8_t status;
861 uint8_t tx_interval;
862 uint8_t retrans_window;
863
864 STREAM_TO_UINT8(status, p);
865 STREAM_TO_UINT16(handle, p);
866
867 STREAM_TO_UINT8(tx_interval, p);
868 STREAM_TO_UINT8(retrans_window, p);
869 STREAM_TO_UINT16(rx_pkt_len, p);
870 STREAM_TO_UINT16(tx_pkt_len, p);
871
872 btm_esco_proc_conn_chg(status, handle, tx_interval, retrans_window,
873 rx_pkt_len, tx_pkt_len);
874 #endif
875 }
876
877 /*******************************************************************************
878 *
879 * Function btu_hcif_hdl_command_complete
880 *
881 * Description Handle command complete event
882 *
883 * Returns void
884 *
885 ******************************************************************************/
btu_hcif_hdl_command_complete(uint16_t opcode,uint8_t * p,uint16_t evt_len,void * p_cplt_cback)886 static void btu_hcif_hdl_command_complete(uint16_t opcode, uint8_t* p,
887 uint16_t evt_len,
888 void* p_cplt_cback) {
889 switch (opcode) {
890 case HCI_INQUIRY_CANCEL:
891 /* Tell inquiry processing that we are done */
892 btm_process_cancel_complete(HCI_SUCCESS, BTM_BR_INQUIRY_MASK);
893 break;
894 case HCI_SET_EVENT_FILTER:
895 btm_event_filter_complete(p);
896 break;
897
898 case HCI_DELETE_STORED_LINK_KEY:
899 btm_delete_stored_link_key_complete(p);
900 break;
901
902 case HCI_READ_LOCAL_NAME:
903 btm_read_local_name_complete(p, evt_len);
904 break;
905
906 case HCI_GET_LINK_QUALITY:
907 btm_read_link_quality_complete(p);
908 break;
909
910 case HCI_READ_RSSI:
911 btm_read_rssi_complete(p);
912 break;
913
914 case HCI_READ_TRANSMIT_POWER_LEVEL:
915 btm_read_tx_power_complete(p, false);
916 break;
917
918 case HCI_CREATE_CONNECTION_CANCEL:
919 btm_create_conn_cancel_complete(p);
920 break;
921
922 case HCI_READ_LOCAL_OOB_DATA:
923 btm_read_local_oob_complete(p);
924 break;
925
926 case HCI_READ_INQ_TX_POWER_LEVEL:
927 btm_read_inq_tx_power_complete(p);
928 break;
929
930 /* BLE Commands sComplete*/
931 case HCI_BLE_ADD_WHITE_LIST:
932 btm_ble_add_2_white_list_complete(*p);
933 break;
934
935 case HCI_BLE_CLEAR_WHITE_LIST:
936 btm_ble_clear_white_list_complete(p, evt_len);
937 break;
938
939 case HCI_BLE_REMOVE_WHITE_LIST:
940 btm_ble_remove_from_white_list_complete(p, evt_len);
941 break;
942
943 case HCI_BLE_RAND:
944 case HCI_BLE_ENCRYPT:
945 btm_ble_rand_enc_complete(p, opcode, (tBTM_RAND_ENC_CB*)p_cplt_cback);
946 break;
947
948 case HCI_BLE_READ_ADV_CHNL_TX_POWER:
949 btm_read_tx_power_complete(p, true);
950 break;
951
952 case HCI_BLE_WRITE_ADV_ENABLE:
953 btm_ble_write_adv_enable_complete(p);
954 break;
955
956 case HCI_BLE_CREATE_LL_CONN:
957 btm_ble_create_ll_conn_complete(*p);
958 break;
959
960 case HCI_BLE_TRANSMITTER_TEST:
961 case HCI_BLE_RECEIVER_TEST:
962 case HCI_BLE_TEST_END:
963 btm_ble_test_command_complete(p);
964 break;
965
966 #if (BLE_PRIVACY_SPT == TRUE)
967 case HCI_BLE_ADD_DEV_RESOLVING_LIST:
968 btm_ble_add_resolving_list_entry_complete(p, evt_len);
969 break;
970
971 case HCI_BLE_RM_DEV_RESOLVING_LIST:
972 btm_ble_remove_resolving_list_entry_complete(p, evt_len);
973 break;
974
975 case HCI_BLE_CLEAR_RESOLVING_LIST:
976 btm_ble_clear_resolving_list_complete(p, evt_len);
977 break;
978
979 case HCI_BLE_READ_RESOLVABLE_ADDR_PEER:
980 btm_ble_read_resolving_list_entry_complete(p, evt_len);
981 break;
982
983 case HCI_BLE_READ_RESOLVABLE_ADDR_LOCAL:
984 case HCI_BLE_SET_ADDR_RESOLUTION_ENABLE:
985 case HCI_BLE_SET_RAND_PRIV_ADDR_TIMOUT:
986 break;
987 #endif
988 default:
989 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
990 btm_vsc_complete(p, opcode, evt_len, (tBTM_CMPL_CB*)p_cplt_cback);
991 break;
992 }
993 }
994
995 /*******************************************************************************
996 *
997 * Function btu_hcif_command_complete_evt
998 *
999 * Description Process event HCI_COMMAND_COMPLETE_EVT
1000 *
1001 * Returns void
1002 *
1003 ******************************************************************************/
btu_hcif_command_complete_evt_on_task(BT_HDR * event)1004 static void btu_hcif_command_complete_evt_on_task(BT_HDR* event) {
1005 command_complete_hack_t* hack = (command_complete_hack_t*)&event->data[0];
1006
1007 command_opcode_t opcode;
1008 uint8_t* stream =
1009 hack->response->data + hack->response->offset +
1010 3; // 2 to skip the event headers, 1 to skip the command credits
1011 STREAM_TO_UINT16(opcode, stream);
1012
1013 btu_hcif_hdl_command_complete(
1014 opcode, stream,
1015 hack->response->len -
1016 5, // 3 for the command complete headers, 2 for the event headers
1017 hack->context);
1018
1019 osi_free(hack->response);
1020 osi_free(event);
1021 }
1022
btu_hcif_command_complete_evt(BT_HDR * response,void * context)1023 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context) {
1024 BT_HDR* event = static_cast<BT_HDR*>(
1025 osi_calloc(sizeof(BT_HDR) + sizeof(command_complete_hack_t)));
1026 command_complete_hack_t* hack = (command_complete_hack_t*)&event->data[0];
1027
1028 hack->callback = btu_hcif_command_complete_evt_on_task;
1029 hack->response = response;
1030 hack->context = context;
1031
1032 event->event = BTU_POST_TO_TASK_NO_GOOD_HORRIBLE_HACK;
1033
1034 fixed_queue_enqueue(btu_hci_msg_queue, event);
1035 }
1036
1037 /*******************************************************************************
1038 *
1039 * Function btu_hcif_hdl_command_status
1040 *
1041 * Description Handle a command status event
1042 *
1043 * Returns void
1044 *
1045 ******************************************************************************/
btu_hcif_hdl_command_status(uint16_t opcode,uint8_t status,uint8_t * p_cmd,void * p_vsc_status_cback)1046 static void btu_hcif_hdl_command_status(uint16_t opcode, uint8_t status,
1047 uint8_t* p_cmd,
1048 void* p_vsc_status_cback) {
1049 BD_ADDR bd_addr;
1050 uint16_t handle;
1051 #if (BTM_SCO_INCLUDED == TRUE)
1052 tBTM_ESCO_DATA esco_data;
1053 #endif
1054
1055 switch (opcode) {
1056 case HCI_EXIT_SNIFF_MODE:
1057 case HCI_EXIT_PARK_MODE:
1058 #if (BTM_SCO_WAKE_PARKED_LINK == TRUE)
1059 if (status != HCI_SUCCESS) {
1060 /* Allow SCO initiation to continue if waiting for change mode event */
1061 if (p_cmd != NULL) {
1062 p_cmd++; /* bypass length field */
1063 STREAM_TO_UINT16(handle, p_cmd);
1064 btm_sco_chk_pend_unpark(status, handle);
1065 }
1066 }
1067 #endif
1068 /* Case Falls Through */
1069
1070 case HCI_HOLD_MODE:
1071 case HCI_SNIFF_MODE:
1072 case HCI_PARK_MODE:
1073 btm_pm_proc_cmd_status(status);
1074 break;
1075
1076 default:
1077 /* If command failed to start, we may need to tell BTM */
1078 if (status != HCI_SUCCESS) {
1079 switch (opcode) {
1080 case HCI_INQUIRY:
1081 /* Tell inquiry processing that we are done */
1082 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
1083 break;
1084
1085 case HCI_RMT_NAME_REQUEST:
1086 /* Tell inquiry processing that we are done */
1087 btm_process_remote_name(NULL, NULL, 0, status);
1088
1089 btm_sec_rmt_name_request_complete(NULL, NULL, status);
1090 break;
1091
1092 case HCI_QOS_SETUP_COMP_EVT:
1093 /* Tell qos setup that we are done */
1094 btm_qos_setup_complete(status, 0, NULL);
1095 break;
1096
1097 case HCI_SWITCH_ROLE:
1098 /* Tell BTM that the command failed */
1099 /* read bd addr out of stored command */
1100 if (p_cmd != NULL) {
1101 p_cmd++;
1102 STREAM_TO_BDADDR(bd_addr, p_cmd);
1103 btm_acl_role_changed(status, bd_addr, BTM_ROLE_UNDEFINED);
1104 } else
1105 btm_acl_role_changed(status, NULL, BTM_ROLE_UNDEFINED);
1106 l2c_link_role_changed(NULL, BTM_ROLE_UNDEFINED,
1107 HCI_ERR_COMMAND_DISALLOWED);
1108 break;
1109
1110 case HCI_CREATE_CONNECTION:
1111 /* read bd addr out of stored command */
1112 if (p_cmd != NULL) {
1113 p_cmd++;
1114 STREAM_TO_BDADDR(bd_addr, p_cmd);
1115 btm_sec_connected(bd_addr, HCI_INVALID_HANDLE, status, 0);
1116 l2c_link_hci_conn_comp(status, HCI_INVALID_HANDLE, bd_addr);
1117 }
1118 break;
1119
1120 case HCI_READ_RMT_EXT_FEATURES:
1121 if (p_cmd != NULL) {
1122 p_cmd++; /* skip command length */
1123 STREAM_TO_UINT16(handle, p_cmd);
1124 } else
1125 handle = HCI_INVALID_HANDLE;
1126
1127 btm_read_remote_ext_features_failed(status, handle);
1128 break;
1129
1130 case HCI_AUTHENTICATION_REQUESTED:
1131 /* Device refused to start authentication. That should be treated
1132 * as authentication failure. */
1133 btm_sec_auth_complete(BTM_INVALID_HCI_HANDLE, status);
1134 break;
1135
1136 case HCI_SET_CONN_ENCRYPTION:
1137 /* Device refused to start encryption. That should be treated as
1138 * encryption failure. */
1139 btm_sec_encrypt_change(BTM_INVALID_HCI_HANDLE, status, false);
1140 break;
1141
1142 case HCI_BLE_CREATE_LL_CONN:
1143 btm_ble_create_ll_conn_complete(status);
1144 break;
1145
1146 #if (BTM_SCO_INCLUDED == TRUE)
1147 case HCI_SETUP_ESCO_CONNECTION:
1148 case HCI_ENH_SETUP_ESCO_CONNECTION:
1149 /* read handle out of stored command */
1150 if (p_cmd != NULL) {
1151 p_cmd++;
1152 STREAM_TO_UINT16(handle, p_cmd);
1153
1154 /* Determine if initial connection failed or is a change
1155 * of setup */
1156 if (btm_is_sco_active(handle))
1157 btm_esco_proc_conn_chg(status, handle, 0, 0, 0, 0);
1158 else
1159 btm_sco_connected(status, NULL, handle, &esco_data);
1160 }
1161 break;
1162 #endif
1163
1164 /* This is commented out until an upper layer cares about returning
1165 event
1166 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
1167 case HCI_ENHANCED_FLUSH:
1168 break;
1169 #endif
1170 */
1171 default:
1172 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1173 btm_vsc_complete(&status, opcode, 1,
1174 (tBTM_CMPL_CB*)p_vsc_status_cback);
1175 break;
1176 }
1177
1178 } else {
1179 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1180 btm_vsc_complete(&status, opcode, 1,
1181 (tBTM_CMPL_CB*)p_vsc_status_cback);
1182 }
1183 }
1184 }
1185
1186 /*******************************************************************************
1187 *
1188 * Function btu_hcif_command_status_evt
1189 *
1190 * Description Process event HCI_COMMAND_STATUS_EVT
1191 *
1192 * Returns void
1193 *
1194 ******************************************************************************/
btu_hcif_command_status_evt_on_task(BT_HDR * event)1195 static void btu_hcif_command_status_evt_on_task(BT_HDR* event) {
1196 command_status_hack_t* hack = (command_status_hack_t*)&event->data[0];
1197
1198 command_opcode_t opcode;
1199 uint8_t* stream = hack->command->data + hack->command->offset;
1200 STREAM_TO_UINT16(opcode, stream);
1201
1202 btu_hcif_hdl_command_status(opcode, hack->status, stream, hack->context);
1203
1204 osi_free(hack->command);
1205 osi_free(event);
1206 }
1207
btu_hcif_command_status_evt(uint8_t status,BT_HDR * command,void * context)1208 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
1209 void* context) {
1210 BT_HDR* event = static_cast<BT_HDR*>(
1211 osi_calloc(sizeof(BT_HDR) + sizeof(command_status_hack_t)));
1212 command_status_hack_t* hack = (command_status_hack_t*)&event->data[0];
1213
1214 hack->callback = btu_hcif_command_status_evt_on_task;
1215 hack->status = status;
1216 hack->command = command;
1217 hack->context = context;
1218
1219 event->event = BTU_POST_TO_TASK_NO_GOOD_HORRIBLE_HACK;
1220
1221 fixed_queue_enqueue(btu_hci_msg_queue, event);
1222 }
1223
1224 /*******************************************************************************
1225 *
1226 * Function btu_hcif_hardware_error_evt
1227 *
1228 * Description Process event HCI_HARDWARE_ERROR_EVT
1229 *
1230 * Returns void
1231 *
1232 ******************************************************************************/
btu_hcif_hardware_error_evt(uint8_t * p)1233 static void btu_hcif_hardware_error_evt(uint8_t* p) {
1234 HCI_TRACE_ERROR("Ctlr H/w error event - code:0x%x", *p);
1235
1236 /* If anyone wants device status notifications, give him one. */
1237 btm_report_device_status(BTM_DEV_STATUS_DOWN);
1238
1239 /* Reset the controller */
1240 if (BTM_IsDeviceUp()) BTM_DeviceReset(NULL);
1241 }
1242
1243 /*******************************************************************************
1244 *
1245 * Function btu_hcif_flush_occured_evt
1246 *
1247 * Description Process event HCI_FLUSH_OCCURED_EVT
1248 *
1249 * Returns void
1250 *
1251 ******************************************************************************/
btu_hcif_flush_occured_evt(void)1252 static void btu_hcif_flush_occured_evt(void) {}
1253
1254 /*******************************************************************************
1255 *
1256 * Function btu_hcif_role_change_evt
1257 *
1258 * Description Process event HCI_ROLE_CHANGE_EVT
1259 *
1260 * Returns void
1261 *
1262 ******************************************************************************/
btu_hcif_role_change_evt(uint8_t * p)1263 static void btu_hcif_role_change_evt(uint8_t* p) {
1264 uint8_t status;
1265 BD_ADDR bda;
1266 uint8_t role;
1267
1268 STREAM_TO_UINT8(status, p);
1269 STREAM_TO_BDADDR(bda, p);
1270 STREAM_TO_UINT8(role, p);
1271
1272 l2c_link_role_changed(bda, role, status);
1273 btm_acl_role_changed(status, bda, role);
1274 }
1275
1276 /*******************************************************************************
1277 *
1278 * Function btu_hcif_num_compl_data_pkts_evt
1279 *
1280 * Description Process event HCI_NUM_COMPL_DATA_PKTS_EVT
1281 *
1282 * Returns void
1283 *
1284 ******************************************************************************/
btu_hcif_num_compl_data_pkts_evt(uint8_t * p)1285 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p) {
1286 /* Process for L2CAP and SCO */
1287 l2c_link_process_num_completed_pkts(p);
1288
1289 /* Send on to SCO */
1290 /*?? No SCO for now */
1291 }
1292
1293 /*******************************************************************************
1294 *
1295 * Function btu_hcif_mode_change_evt
1296 *
1297 * Description Process event HCI_MODE_CHANGE_EVT
1298 *
1299 * Returns void
1300 *
1301 ******************************************************************************/
btu_hcif_mode_change_evt(uint8_t * p)1302 static void btu_hcif_mode_change_evt(uint8_t* p) {
1303 uint8_t status;
1304 uint16_t handle;
1305 uint8_t current_mode;
1306 uint16_t interval;
1307
1308 STREAM_TO_UINT8(status, p);
1309
1310 STREAM_TO_UINT16(handle, p);
1311 STREAM_TO_UINT8(current_mode, p);
1312 STREAM_TO_UINT16(interval, p);
1313 #if (BTM_SCO_WAKE_PARKED_LINK == TRUE)
1314 btm_sco_chk_pend_unpark(status, handle);
1315 #endif
1316 btm_pm_proc_mode_change(status, handle, current_mode, interval);
1317
1318 #if (HID_DEV_INCLUDED == TRUE && HID_DEV_PM_INCLUDED == TRUE)
1319 hidd_pm_proc_mode_change(status, current_mode, interval);
1320 #endif
1321 }
1322
1323 /*******************************************************************************
1324 *
1325 * Function btu_hcif_ssr_evt
1326 *
1327 * Description Process event HCI_SNIFF_SUB_RATE_EVT
1328 *
1329 * Returns void
1330 *
1331 ******************************************************************************/
1332 #if (BTM_SSR_INCLUDED == TRUE)
btu_hcif_ssr_evt(uint8_t * p,uint16_t evt_len)1333 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len) {
1334 btm_pm_proc_ssr_evt(p, evt_len);
1335 }
1336 #endif
1337
1338 /*******************************************************************************
1339 *
1340 * Function btu_hcif_pin_code_request_evt
1341 *
1342 * Description Process event HCI_PIN_CODE_REQUEST_EVT
1343 *
1344 * Returns void
1345 *
1346 ******************************************************************************/
btu_hcif_pin_code_request_evt(uint8_t * p)1347 static void btu_hcif_pin_code_request_evt(uint8_t* p) {
1348 BD_ADDR bda;
1349
1350 STREAM_TO_BDADDR(bda, p);
1351
1352 /* Tell L2CAP that there was a PIN code request, */
1353 /* it may need to stretch timeouts */
1354 l2c_pin_code_request(bda);
1355
1356 btm_sec_pin_code_request(bda);
1357 }
1358
1359 /*******************************************************************************
1360 *
1361 * Function btu_hcif_link_key_request_evt
1362 *
1363 * Description Process event HCI_LINK_KEY_REQUEST_EVT
1364 *
1365 * Returns void
1366 *
1367 ******************************************************************************/
btu_hcif_link_key_request_evt(uint8_t * p)1368 static void btu_hcif_link_key_request_evt(uint8_t* p) {
1369 BD_ADDR bda;
1370
1371 STREAM_TO_BDADDR(bda, p);
1372 btm_sec_link_key_request(bda);
1373 }
1374
1375 /*******************************************************************************
1376 *
1377 * Function btu_hcif_link_key_notification_evt
1378 *
1379 * Description Process event HCI_LINK_KEY_NOTIFICATION_EVT
1380 *
1381 * Returns void
1382 *
1383 ******************************************************************************/
btu_hcif_link_key_notification_evt(uint8_t * p)1384 static void btu_hcif_link_key_notification_evt(uint8_t* p) {
1385 BD_ADDR bda;
1386 LINK_KEY key;
1387 uint8_t key_type;
1388
1389 STREAM_TO_BDADDR(bda, p);
1390 STREAM_TO_ARRAY16(key, p);
1391 STREAM_TO_UINT8(key_type, p);
1392
1393 btm_sec_link_key_notification(bda, key, key_type);
1394 }
1395
1396 /*******************************************************************************
1397 *
1398 * Function btu_hcif_loopback_command_evt
1399 *
1400 * Description Process event HCI_LOOPBACK_COMMAND_EVT
1401 *
1402 * Returns void
1403 *
1404 ******************************************************************************/
btu_hcif_loopback_command_evt(void)1405 static void btu_hcif_loopback_command_evt(void) {}
1406
1407 /*******************************************************************************
1408 *
1409 * Function btu_hcif_data_buf_overflow_evt
1410 *
1411 * Description Process event HCI_DATA_BUF_OVERFLOW_EVT
1412 *
1413 * Returns void
1414 *
1415 ******************************************************************************/
btu_hcif_data_buf_overflow_evt(void)1416 static void btu_hcif_data_buf_overflow_evt(void) {}
1417
1418 /*******************************************************************************
1419 *
1420 * Function btu_hcif_max_slots_changed_evt
1421 *
1422 * Description Process event HCI_MAX_SLOTS_CHANGED_EVT
1423 *
1424 * Returns void
1425 *
1426 ******************************************************************************/
btu_hcif_max_slots_changed_evt(void)1427 static void btu_hcif_max_slots_changed_evt(void) {}
1428
1429 /*******************************************************************************
1430 *
1431 * Function btu_hcif_read_clock_off_comp_evt
1432 *
1433 * Description Process event HCI_READ_CLOCK_OFF_COMP_EVT
1434 *
1435 * Returns void
1436 *
1437 ******************************************************************************/
btu_hcif_read_clock_off_comp_evt(uint8_t * p)1438 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p) {
1439 uint8_t status;
1440 uint16_t handle;
1441 uint16_t clock_offset;
1442
1443 STREAM_TO_UINT8(status, p);
1444
1445 /* If failed to get clock offset just drop the result */
1446 if (status != HCI_SUCCESS) return;
1447
1448 STREAM_TO_UINT16(handle, p);
1449 STREAM_TO_UINT16(clock_offset, p);
1450
1451 handle = HCID_GET_HANDLE(handle);
1452
1453 btm_process_clk_off_comp_evt(handle, clock_offset);
1454 btm_sec_update_clock_offset(handle, clock_offset);
1455 }
1456
1457 /*******************************************************************************
1458 *
1459 * Function btu_hcif_conn_pkt_type_change_evt
1460 *
1461 * Description Process event HCI_CONN_PKT_TYPE_CHANGE_EVT
1462 *
1463 * Returns void
1464 *
1465 ******************************************************************************/
btu_hcif_conn_pkt_type_change_evt(void)1466 static void btu_hcif_conn_pkt_type_change_evt(void) {}
1467
1468 /*******************************************************************************
1469 *
1470 * Function btu_hcif_qos_violation_evt
1471 *
1472 * Description Process event HCI_QOS_VIOLATION_EVT
1473 *
1474 * Returns void
1475 *
1476 ******************************************************************************/
btu_hcif_qos_violation_evt(uint8_t * p)1477 static void btu_hcif_qos_violation_evt(uint8_t* p) {
1478 uint16_t handle;
1479
1480 STREAM_TO_UINT16(handle, p);
1481
1482 handle = HCID_GET_HANDLE(handle);
1483
1484 l2c_link_hci_qos_violation(handle);
1485 }
1486
1487 /*******************************************************************************
1488 *
1489 * Function btu_hcif_page_scan_mode_change_evt
1490 *
1491 * Description Process event HCI_PAGE_SCAN_MODE_CHANGE_EVT
1492 *
1493 * Returns void
1494 *
1495 ******************************************************************************/
btu_hcif_page_scan_mode_change_evt(void)1496 static void btu_hcif_page_scan_mode_change_evt(void) {}
1497
1498 /*******************************************************************************
1499 *
1500 * Function btu_hcif_page_scan_rep_mode_chng_evt
1501 *
1502 * Description Process event HCI_PAGE_SCAN_REP_MODE_CHNG_EVT
1503 *
1504 * Returns void
1505 *
1506 ******************************************************************************/
btu_hcif_page_scan_rep_mode_chng_evt(void)1507 static void btu_hcif_page_scan_rep_mode_chng_evt(void) {}
1508
1509 /**********************************************
1510 * Simple Pairing Events
1511 **********************************************/
1512
1513 /*******************************************************************************
1514 *
1515 * Function btu_hcif_host_support_evt
1516 *
1517 * Description Process event HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT
1518 *
1519 * Returns void
1520 *
1521 ******************************************************************************/
btu_hcif_host_support_evt(uint8_t * p)1522 static void btu_hcif_host_support_evt(uint8_t* p) {
1523 btm_sec_rmt_host_support_feat_evt(p);
1524 }
1525
1526 /*******************************************************************************
1527 *
1528 * Function btu_hcif_io_cap_request_evt
1529 *
1530 * Description Process event HCI_IO_CAPABILITY_REQUEST_EVT
1531 *
1532 * Returns void
1533 *
1534 ******************************************************************************/
btu_hcif_io_cap_request_evt(uint8_t * p)1535 static void btu_hcif_io_cap_request_evt(uint8_t* p) {
1536 btm_io_capabilities_req(p);
1537 }
1538
1539 /*******************************************************************************
1540 *
1541 * Function btu_hcif_io_cap_response_evt
1542 *
1543 * Description Process event HCI_IO_CAPABILITY_RESPONSE_EVT
1544 *
1545 * Returns void
1546 *
1547 ******************************************************************************/
btu_hcif_io_cap_response_evt(uint8_t * p)1548 static void btu_hcif_io_cap_response_evt(uint8_t* p) {
1549 btm_io_capabilities_rsp(p);
1550 }
1551
1552 /*******************************************************************************
1553 *
1554 * Function btu_hcif_user_conf_request_evt
1555 *
1556 * Description Process event HCI_USER_CONFIRMATION_REQUEST_EVT
1557 *
1558 * Returns void
1559 *
1560 ******************************************************************************/
btu_hcif_user_conf_request_evt(uint8_t * p)1561 static void btu_hcif_user_conf_request_evt(uint8_t* p) {
1562 btm_proc_sp_req_evt(BTM_SP_CFM_REQ_EVT, p);
1563 }
1564
1565 /*******************************************************************************
1566 *
1567 * Function btu_hcif_user_passkey_request_evt
1568 *
1569 * Description Process event HCI_USER_PASSKEY_REQUEST_EVT
1570 *
1571 * Returns void
1572 *
1573 ******************************************************************************/
btu_hcif_user_passkey_request_evt(uint8_t * p)1574 static void btu_hcif_user_passkey_request_evt(uint8_t* p) {
1575 btm_proc_sp_req_evt(BTM_SP_KEY_REQ_EVT, p);
1576 }
1577
1578 /*******************************************************************************
1579 *
1580 * Function btu_hcif_user_passkey_notif_evt
1581 *
1582 * Description Process event HCI_USER_PASSKEY_NOTIFY_EVT
1583 *
1584 * Returns void
1585 *
1586 ******************************************************************************/
btu_hcif_user_passkey_notif_evt(uint8_t * p)1587 static void btu_hcif_user_passkey_notif_evt(uint8_t* p) {
1588 btm_proc_sp_req_evt(BTM_SP_KEY_NOTIF_EVT, p);
1589 }
1590
1591 /*******************************************************************************
1592 *
1593 * Function btu_hcif_keypress_notif_evt
1594 *
1595 * Description Process event HCI_KEYPRESS_NOTIFY_EVT
1596 *
1597 * Returns void
1598 *
1599 ******************************************************************************/
btu_hcif_keypress_notif_evt(uint8_t * p)1600 static void btu_hcif_keypress_notif_evt(uint8_t* p) {
1601 btm_keypress_notif_evt(p);
1602 }
1603
1604 /*******************************************************************************
1605 *
1606 * Function btu_hcif_rem_oob_request_evt
1607 *
1608 * Description Process event HCI_REMOTE_OOB_DATA_REQUEST_EVT
1609 *
1610 * Returns void
1611 *
1612 ******************************************************************************/
btu_hcif_rem_oob_request_evt(uint8_t * p)1613 static void btu_hcif_rem_oob_request_evt(uint8_t* p) { btm_rem_oob_req(p); }
1614
1615 /*******************************************************************************
1616 *
1617 * Function btu_hcif_simple_pair_complete_evt
1618 *
1619 * Description Process event HCI_SIMPLE_PAIRING_COMPLETE_EVT
1620 *
1621 * Returns void
1622 *
1623 ******************************************************************************/
btu_hcif_simple_pair_complete_evt(uint8_t * p)1624 static void btu_hcif_simple_pair_complete_evt(uint8_t* p) {
1625 btm_simple_pair_complete(p);
1626 }
1627
1628 /*******************************************************************************
1629 *
1630 * Function btu_hcif_enhanced_flush_complete_evt
1631 *
1632 * Description Process event HCI_ENHANCED_FLUSH_COMPLETE_EVT
1633 *
1634 * Returns void
1635 *
1636 ******************************************************************************/
1637 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
btu_hcif_enhanced_flush_complete_evt(void)1638 static void btu_hcif_enhanced_flush_complete_evt(void) {
1639 /* This is empty until an upper layer cares about returning event */
1640 }
1641 #endif
1642 /**********************************************
1643 * End of Simple Pairing Events
1644 **********************************************/
1645
1646 /**********************************************
1647 * BLE Events
1648 **********************************************/
btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t * p)1649 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p) {
1650 uint8_t status;
1651 uint8_t enc_enable = 0;
1652 uint16_t handle;
1653
1654 STREAM_TO_UINT8(status, p);
1655 STREAM_TO_UINT16(handle, p);
1656
1657 if (status == HCI_SUCCESS) enc_enable = 1;
1658
1659 btm_sec_encrypt_change(handle, status, enc_enable);
1660 }
1661
btu_ble_ll_conn_complete_evt(uint8_t * p,uint16_t evt_len)1662 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len) {
1663 btm_ble_conn_complete(p, evt_len, false);
1664 }
1665 #if (BLE_PRIVACY_SPT == TRUE)
btu_ble_proc_enhanced_conn_cmpl(uint8_t * p,uint16_t evt_len)1666 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len) {
1667 btm_ble_conn_complete(p, evt_len, true);
1668 }
1669 #endif
1670
1671 extern void gatt_notify_conn_update(uint16_t handle, uint16_t interval,
1672 uint16_t latency, uint16_t timeout,
1673 uint8_t status);
1674
btu_ble_ll_conn_param_upd_evt(uint8_t * p,uint16_t evt_len)1675 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len) {
1676 /* LE connection update has completed successfully as a master. */
1677 /* We can enable the update request if the result is a success. */
1678 /* extract the HCI handle first */
1679 uint8_t status;
1680 uint16_t handle;
1681 uint16_t interval;
1682 uint16_t latency;
1683 uint16_t timeout;
1684
1685 STREAM_TO_UINT8(status, p);
1686 STREAM_TO_UINT16(handle, p);
1687 STREAM_TO_UINT16(interval, p);
1688 STREAM_TO_UINT16(latency, p);
1689 STREAM_TO_UINT16(timeout, p);
1690
1691 l2cble_process_conn_update_evt(handle, status, interval, latency, timeout);
1692
1693 gatt_notify_conn_update(handle & 0x0FFF, interval, latency, timeout, status);
1694 }
1695
btu_ble_read_remote_feat_evt(uint8_t * p)1696 static void btu_ble_read_remote_feat_evt(uint8_t* p) {
1697 btm_ble_read_remote_features_complete(p);
1698 }
1699
btu_ble_proc_ltk_req(uint8_t * p)1700 static void btu_ble_proc_ltk_req(uint8_t* p) {
1701 uint16_t ediv, handle;
1702 uint8_t* pp;
1703
1704 STREAM_TO_UINT16(handle, p);
1705 pp = p + 8;
1706 STREAM_TO_UINT16(ediv, pp);
1707 btm_ble_ltk_request(handle, p, ediv);
1708 /* This is empty until an upper layer cares about returning event */
1709 }
1710
btu_ble_data_length_change_evt(uint8_t * p,uint16_t evt_len)1711 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len) {
1712 uint16_t handle;
1713 uint16_t tx_data_len;
1714 uint16_t rx_data_len;
1715
1716 if (!controller_get_interface()->supports_ble_packet_extension()) {
1717 HCI_TRACE_WARNING("%s, request not supported", __func__);
1718 return;
1719 }
1720
1721 STREAM_TO_UINT16(handle, p);
1722 STREAM_TO_UINT16(tx_data_len, p);
1723 p += 2; /* Skip the TxTimer */
1724 STREAM_TO_UINT16(rx_data_len, p);
1725
1726 l2cble_process_data_length_change_event(handle, tx_data_len, rx_data_len);
1727 }
1728
1729 /**********************************************
1730 * End of BLE Events Handler
1731 **********************************************/
1732 #if (BLE_LLT_INCLUDED == TRUE)
btu_ble_rc_param_req_evt(uint8_t * p)1733 static void btu_ble_rc_param_req_evt(uint8_t* p) {
1734 uint16_t handle;
1735 uint16_t int_min, int_max, latency, timeout;
1736
1737 STREAM_TO_UINT16(handle, p);
1738 STREAM_TO_UINT16(int_min, p);
1739 STREAM_TO_UINT16(int_max, p);
1740 STREAM_TO_UINT16(latency, p);
1741 STREAM_TO_UINT16(timeout, p);
1742
1743 l2cble_process_rc_param_request_evt(handle, int_min, int_max, latency,
1744 timeout);
1745 }
1746 #endif /* BLE_LLT_INCLUDED */
1747