Home | History | Annotate | Download | only in jv
      1 /******************************************************************************
      2  *
      3  *  Copyright (C) 2006-2012 Broadcom Corporation
      4  *
      5  *  Licensed under the Apache License, Version 2.0 (the "License");
      6  *  you may not use this file except in compliance with the License.
      7  *  You may obtain a copy of the License at:
      8  *
      9  *  http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  *  Unless required by applicable law or agreed to in writing, software
     12  *  distributed under the License is distributed on an "AS IS" BASIS,
     13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  *  See the License for the specific language governing permissions and
     15  *  limitations under the License.
     16  *
     17  ******************************************************************************/
     18 
     19 /******************************************************************************
     20  *
     21  *  This file contains action functions for BTA JV APIs.
     22  *
     23  ******************************************************************************/
     24 #include <hardware/bluetooth.h>
     25 #include <arpa/inet.h>
     26 
     27 #include "bt_types.h"
     28 #include "gki.h"
     29 #include "bd.h"
     30 #include "utl.h"
     31 #include "bta_sys.h"
     32 #include "bta_api.h"
     33 #include "bta_jv_api.h"
     34 #include "bta_jv_int.h"
     35 #include "bta_jv_co.h"
     36 #include "btm_api.h"
     37 #include "btm_int.h"
     38 #include "sdp_api.h"
     39 #include "l2c_api.h"
     40 #include "port_api.h"
     41 #include <string.h>
     42 #include "rfcdefs.h"
     43 #include "avct_api.h"
     44 #include "avdt_api.h"
     45 #include "gap_api.h"
     46 
     47 
     48 #define HDL2CB(handle) \
     49     UINT32  __hi = ((handle) & BTA_JV_RFC_HDL_MASK) - 1; \
     50     UINT32  __si = BTA_JV_RFC_HDL_TO_SIDX(handle); \
     51     tBTA_JV_RFC_CB  *p_cb = &bta_jv_cb.rfc_cb[__hi]; \
     52     tBTA_JV_PCB   *p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[__si] - 1]
     53 
     54 extern void uuid_to_string(bt_uuid_t *p_uuid, char *str);
     55 static inline void logu(const char* title, const uint8_t * p_uuid)
     56 {
     57     char uuids[128];
     58     uuid_to_string((bt_uuid_t*)p_uuid, uuids);
     59     APPL_TRACE_DEBUG2("%s: %s", title, uuids);
     60 }
     61 
     62 
     63 static tBTA_JV_PCB * bta_jv_add_rfc_port(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb_open);
     64 static tBTA_JV_STATUS bta_jv_free_set_pm_profile_cb(UINT32 jv_handle);
     65 static void bta_jv_pm_conn_busy(tBTA_JV_PM_CB *p_cb);
     66 static void bta_jv_pm_conn_idle(tBTA_JV_PM_CB *p_cb);
     67 static void bta_jv_pm_state_change(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE state);
     68 tBTA_JV_STATUS bta_jv_set_pm_conn_state(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE
     69         new_st);
     70 
     71 /*******************************************************************************
     72 **
     73 ** Function     bta_jv_get_local_device_addr_cback
     74 **
     75 ** Description  Callback from btm after local bdaddr is read
     76 **
     77 ** Returns      void
     78 **
     79 *******************************************************************************/
     80 static void bta_jv_get_local_device_addr_cback(BD_ADDR bd_addr)
     81 {
     82     if(bta_jv_cb.p_dm_cback)
     83         bta_jv_cb.p_dm_cback(BTA_JV_LOCAL_ADDR_EVT, (tBTA_JV *)bd_addr, 0);
     84 }
     85 
     86 /*******************************************************************************
     87 **
     88 ** Function     bta_jv_get_remote_device_name_cback
     89 **
     90 ** Description  Callback from btm after remote name is read
     91 **
     92 ** Returns      void
     93 **
     94 *******************************************************************************/
     95 static void bta_jv_get_remote_device_name_cback(tBTM_REMOTE_DEV_NAME *p_name)
     96 {
     97     tBTA_JV evt_data;
     98     evt_data.p_name = p_name->remote_bd_name;
     99     if(bta_jv_cb.p_dm_cback)
    100         bta_jv_cb.p_dm_cback(BTA_JV_REMOTE_NAME_EVT, &evt_data, 0);
    101 }
    102 
    103 /*******************************************************************************
    104 **
    105 ** Function     bta_jv_alloc_sec_id
    106 **
    107 ** Description  allocate a security id
    108 **
    109 ** Returns
    110 **
    111 *******************************************************************************/
    112 UINT8 bta_jv_alloc_sec_id(void)
    113 {
    114     UINT8 ret = 0;
    115     int i;
    116     for(i=0; i<BTA_JV_NUM_SERVICE_ID; i++)
    117     {
    118         if(0 == bta_jv_cb.sec_id[i])
    119         {
    120             bta_jv_cb.sec_id[i] = BTA_JV_FIRST_SERVICE_ID + i;
    121             ret = bta_jv_cb.sec_id[i];
    122             break;
    123         }
    124     }
    125     return ret;
    126 
    127 }
    128 static int get_sec_id_used(void)
    129 {
    130     int i;
    131     int used = 0;
    132     for(i=0; i<BTA_JV_NUM_SERVICE_ID; i++)
    133     {
    134         if(bta_jv_cb.sec_id[i])
    135             used++;
    136     }
    137     if (used == BTA_JV_NUM_SERVICE_ID)
    138         APPL_TRACE_ERROR1("get_sec_id_used, sec id exceeds the limit:%d",
    139                 BTA_JV_NUM_SERVICE_ID);
    140     return used;
    141 }
    142 static int get_rfc_cb_used(void)
    143 {
    144     int i;
    145     int used = 0;
    146     for(i=0; i<BTA_JV_MAX_RFC_CONN; i++)
    147     {
    148         if(bta_jv_cb.rfc_cb[i].handle )
    149             used++;
    150     }
    151     if (used == BTA_JV_MAX_RFC_CONN)
    152         APPL_TRACE_ERROR1("get_sec_id_used, rfc ctrl block exceeds the limit:%d",
    153                 BTA_JV_MAX_RFC_CONN);
    154     return used;
    155 }
    156 
    157 /*******************************************************************************
    158 **
    159 ** Function     bta_jv_free_sec_id
    160 **
    161 ** Description  free the given security id
    162 **
    163 ** Returns
    164 **
    165 *******************************************************************************/
    166 static void bta_jv_free_sec_id(UINT8 *p_sec_id)
    167 {
    168     UINT8 sec_id = *p_sec_id;
    169     *p_sec_id = 0;
    170     if(sec_id >= BTA_JV_FIRST_SERVICE_ID && sec_id <= BTA_JV_LAST_SERVICE_ID)
    171     {
    172         BTM_SecClrService(sec_id);
    173         bta_jv_cb.sec_id[sec_id - BTA_JV_FIRST_SERVICE_ID] = 0;
    174     }
    175 }
    176 
    177 /*******************************************************************************
    178 **
    179 ** Function     bta_jv_alloc_rfc_cb
    180 **
    181 ** Description  allocate a control block for the given port handle
    182 **
    183 ** Returns
    184 **
    185 *******************************************************************************/
    186 tBTA_JV_RFC_CB * bta_jv_alloc_rfc_cb(UINT16 port_handle, tBTA_JV_PCB **pp_pcb)
    187 {
    188     tBTA_JV_RFC_CB *p_cb = NULL;
    189     tBTA_JV_PCB *p_pcb;
    190     int i, j;
    191     for(i=0; i<BTA_JV_MAX_RFC_CONN; i++)
    192     {
    193         if (0 == bta_jv_cb.rfc_cb[i].handle )
    194         {
    195             p_cb = &bta_jv_cb.rfc_cb[i];
    196             /* mask handle to distinguish it with L2CAP handle */
    197             p_cb->handle = (i + 1) | BTA_JV_RFCOMM_MASK;
    198 
    199             p_cb->max_sess          = 1;
    200             p_cb->curr_sess         = 1;
    201             for (j = 0; j < BTA_JV_MAX_RFC_SR_SESSION; j++)
    202                 p_cb->rfc_hdl[j] = 0;
    203             p_cb->rfc_hdl[0]        = port_handle;
    204             APPL_TRACE_DEBUG2( "bta_jv_alloc_rfc_cb port_handle:%d handle:0x%2x",
    205                     port_handle, p_cb->handle);
    206 
    207             p_pcb = &bta_jv_cb.port_cb[port_handle - 1];
    208             p_pcb->handle = p_cb->handle;
    209             p_pcb->port_handle = port_handle;
    210             p_pcb->p_pm_cb = NULL;
    211             *pp_pcb = p_pcb;
    212             break;
    213         }
    214     }
    215     if(p_cb == NULL)
    216     {
    217         APPL_TRACE_ERROR2( "bta_jv_alloc_rfc_cb: port_handle:%d, ctrl block exceeds "
    218                 "limit:%d", port_handle, BTA_JV_MAX_RFC_CONN);
    219     }
    220     return p_cb;
    221 }
    222 
    223 /*******************************************************************************
    224 **
    225 ** Function     bta_jv_rfc_port_to_pcb
    226 **
    227 ** Description  find the port control block associated with the given port handle
    228 **
    229 ** Returns
    230 **
    231 *******************************************************************************/
    232 tBTA_JV_PCB * bta_jv_rfc_port_to_pcb(UINT16 port_handle)
    233 {
    234     tBTA_JV_PCB *p_pcb = NULL;
    235 
    236     if ((port_handle > 0) && (port_handle <= MAX_RFC_PORTS)
    237             && bta_jv_cb.port_cb[port_handle - 1].handle)
    238     {
    239         p_pcb = &bta_jv_cb.port_cb[port_handle - 1];
    240     }
    241 
    242     return p_pcb;
    243 }
    244 
    245 /*******************************************************************************
    246 **
    247 ** Function     bta_jv_rfc_port_to_cb
    248 **
    249 ** Description  find the RFCOMM control block associated with the given port handle
    250 **
    251 ** Returns
    252 **
    253 *******************************************************************************/
    254 tBTA_JV_RFC_CB * bta_jv_rfc_port_to_cb(UINT16 port_handle)
    255 {
    256     tBTA_JV_RFC_CB *p_cb = NULL;
    257     UINT32 handle;
    258 
    259     if ((port_handle > 0) && (port_handle <= MAX_RFC_PORTS)
    260             && bta_jv_cb.port_cb[port_handle - 1].handle)
    261     {
    262         handle = bta_jv_cb.port_cb[port_handle - 1].handle;
    263         handle &= BTA_JV_RFC_HDL_MASK;
    264         handle &= ~BTA_JV_RFCOMM_MASK;
    265         if (handle)
    266             p_cb = &bta_jv_cb.rfc_cb[handle - 1];
    267     }
    268     else
    269     {
    270         APPL_TRACE_WARNING2("bta_jv_rfc_port_to_cb(port_handle:0x%x):jv handle:0x%x not"
    271                 " FOUND", port_handle, bta_jv_cb.port_cb[port_handle - 1].handle);
    272     }
    273     return p_cb;
    274 }
    275 
    276 static tBTA_JV_STATUS bta_jv_free_rfc_cb(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb)
    277 {
    278     tBTA_JV_STATUS status = BTA_JV_SUCCESS;
    279     BOOLEAN remove_server = FALSE;
    280     int close_pending = 0;
    281 
    282     if (!p_cb || !p_pcb)
    283     {
    284         APPL_TRACE_ERROR0("bta_jv_free_sr_rfc_cb, p_cb or p_pcb cannot be null");
    285         return BTA_JV_FAILURE;
    286     }
    287     APPL_TRACE_DEBUG6("bta_jv_free_sr_rfc_cb: max_sess:%d, curr_sess:%d, p_pcb:%p, user:"
    288             "%d, state:%d, jv handle: 0x%x" ,p_cb->max_sess, p_cb->curr_sess, p_pcb,
    289             (int)p_pcb->user_data, p_pcb->state, p_pcb->handle);
    290 
    291     if (p_cb->curr_sess <= 0)
    292         return BTA_JV_SUCCESS;
    293 
    294     switch (p_pcb->state)
    295     {
    296     case BTA_JV_ST_CL_CLOSING:
    297     case BTA_JV_ST_SR_CLOSING:
    298         APPL_TRACE_WARNING4("bta_jv_free_sr_rfc_cb: return on closing, port state:%d, "
    299                 "scn:%d, p_pcb:%p, user_data:%d", p_pcb->state, p_cb->scn, p_pcb,
    300                 (int)p_pcb->user_data);
    301         status = BTA_JV_FAILURE;
    302         return status;
    303     case BTA_JV_ST_CL_OPEN:
    304         p_pcb->state = BTA_JV_ST_CL_CLOSING;
    305         APPL_TRACE_DEBUG2("bta_jv_free_sr_rfc_cb: state: BTA_JV_ST_CL_OPEN, scn:%d,"
    306                 " user_data:%d", p_cb->scn, (int)p_pcb->user_data);
    307         break;
    308     case BTA_JV_ST_SR_LISTEN:
    309         p_pcb->state = BTA_JV_ST_SR_CLOSING;
    310         remove_server = TRUE;
    311         APPL_TRACE_DEBUG2("bta_jv_free_sr_rfc_cb: state: BTA_JV_ST_SR_LISTEN, scn:%d,"
    312                 " user_data:%d", p_cb->scn, (int)p_pcb->user_data);
    313         break;
    314     case BTA_JV_ST_SR_OPEN:
    315         p_pcb->state = BTA_JV_ST_SR_CLOSING;
    316         APPL_TRACE_DEBUG2("bta_jv_free_sr_rfc_cb: state: BTA_JV_ST_SR_OPEN, scn:%d,"
    317                 " user_data:%d", p_cb->scn, (int)p_pcb->user_data);
    318         break;
    319     default:
    320         APPL_TRACE_WARNING6("bta_jv_free_sr_rfc_cb():failed, ignore port state:%d, scn:"
    321                 "%d, p_pcb:%p, jv handle: 0x%x, port_handle: %d, user_data:%d",
    322                 p_pcb->state, p_cb->scn, p_pcb, p_pcb->handle, p_pcb->port_handle,
    323                 (int)p_pcb->user_data);
    324         status = BTA_JV_FAILURE;
    325         break;
    326     }
    327     if (BTA_JV_SUCCESS == status)
    328     {
    329         int port_status;
    330 
    331         if (!remove_server)
    332             port_status = RFCOMM_RemoveConnection(p_pcb->port_handle);
    333         else
    334             port_status = RFCOMM_RemoveServer(p_pcb->port_handle);
    335         if (port_status != PORT_SUCCESS)
    336         {
    337             status = BTA_JV_FAILURE;
    338             APPL_TRACE_WARNING5("bta_jv_free_rfc_cb(jv handle: 0x%x, state %d)::"
    339                     "port_status: %d, port_handle: %d, close_pending: %d:Remove",
    340                     p_pcb->handle, p_pcb->state, port_status, p_pcb->port_handle,
    341                     close_pending);
    342         }
    343     }
    344     if (!close_pending)
    345     {
    346         p_pcb->port_handle = 0;
    347         p_pcb->state = BTA_JV_ST_NONE;
    348         bta_jv_free_set_pm_profile_cb(p_pcb->handle);
    349 
    350         //Initialize congestion flags
    351         p_pcb->cong = FALSE;
    352         p_pcb->user_data = 0;
    353         int si = BTA_JV_RFC_HDL_TO_SIDX(p_pcb->handle);
    354         if (0 <= si && si < BTA_JV_MAX_RFC_SR_SESSION)
    355             p_cb->rfc_hdl[si] = 0;
    356         p_pcb->handle = 0;
    357         p_cb->curr_sess--;
    358         if (p_cb->curr_sess == 0)
    359         {
    360             p_cb->scn = 0;
    361             bta_jv_free_sec_id(&p_cb->sec_id);
    362             p_cb->p_cback = NULL;
    363             p_cb->handle = 0;
    364             p_cb->curr_sess = -1;
    365         }
    366     }
    367     return status;
    368 }
    369 
    370 /*******************************************************************************
    371 **
    372 ** Function     bta_jv_free_l2c_cb
    373 **
    374 ** Description  free the given L2CAP control block
    375 **
    376 ** Returns
    377 **
    378 *******************************************************************************/
    379 tBTA_JV_STATUS bta_jv_free_l2c_cb(tBTA_JV_L2C_CB *p_cb)
    380 {
    381 #if 0
    382     tBTA_JV_STATUS status = BTA_JV_SUCCESS;
    383 
    384     if(BTA_JV_ST_NONE != p_cb->state)
    385     {
    386 #if SDP_FOR_JV_INCLUDED == TRUE
    387         if(BTA_JV_L2C_FOR_SDP_HDL == p_cb->handle)
    388         {
    389             bta_jv_cb.sdp_data_size = 0;
    390             if(SDP_ConnClose(bta_jv_cb.sdp_for_jv))
    391             {
    392                 bta_jv_cb.sdp_for_jv = 0;
    393             }
    394             else
    395                 status = BTA_JV_FAILURE;
    396         }
    397         else
    398 #endif
    399         {
    400             bta_jv_free_set_pm_profile_cb((UINT32)p_cb->handle);
    401             if (GAP_ConnClose(p_cb->handle) != BT_PASS)
    402                 status = BTA_JV_FAILURE;
    403         }
    404     }
    405     p_cb->psm = 0;
    406     p_cb->state = BTA_JV_ST_NONE;
    407     bta_jv_free_sec_id(&p_cb->sec_id);
    408     p_cb->p_cback = NULL;
    409     return status;
    410 #endif
    411     return 0;
    412 }
    413 
    414 /*******************************************************************************
    415  **
    416  ** Function    bta_jv_clear_pm_cb
    417  **
    418  ** Description clears jv pm control block and optionally calls bta_sys_conn_close()
    419  **             In general close_conn should be set to TRUE to remove registering with
    420  **             dm pm!
    421  **
    422  ** WARNING:    Make sure to clear pointer form port or l2c to this control block too!
    423  **
    424  *******************************************************************************/
    425 static void bta_jv_clear_pm_cb(tBTA_JV_PM_CB *p_pm_cb, BOOLEAN close_conn)
    426 {
    427     /* needs to be called if registered with bta pm, otherwise we may run out of dm pm slots! */
    428     if (close_conn)
    429         bta_sys_conn_close(BTA_ID_JV, p_pm_cb->app_id, p_pm_cb->peer_bd_addr);
    430     p_pm_cb->state = BTA_JV_PM_FREE_ST;
    431     p_pm_cb->app_id = BTA_JV_PM_ALL;
    432     p_pm_cb->handle = BTA_JV_PM_HANDLE_CLEAR;
    433     bdcpy(p_pm_cb->peer_bd_addr, bd_addr_null);
    434 }
    435 
    436 /*******************************************************************************
    437  **
    438  ** Function     bta_jv_free_set_pm_profile_cb
    439  **
    440  ** Description  free pm profile control block
    441  **
    442  ** Returns     BTA_JV_SUCCESS if cb has been freed correctly,
    443  **             BTA_JV_FAILURE in case of no profile has been registered or already freed
    444  **
    445  *******************************************************************************/
    446 static tBTA_JV_STATUS bta_jv_free_set_pm_profile_cb(UINT32 jv_handle)
    447 {
    448     tBTA_JV_STATUS status = BTA_JV_FAILURE;
    449     tBTA_JV_PM_CB  **p_cb;
    450     int i;
    451 
    452     for (i = 0; i < BTA_JV_PM_MAX_NUM; i++)
    453     {
    454         p_cb = NULL;
    455         if ((bta_jv_cb.pm_cb[i].state != BTA_JV_PM_FREE_ST) &&
    456                 (jv_handle == bta_jv_cb.pm_cb[i].handle))
    457         {
    458             APPL_TRACE_API3("bta_jv_free_set_pm_profile_cb(jv_handle: 0x%2x), idx: %d, "
    459                     "app_id: 0x%x", jv_handle, i, bta_jv_cb.pm_cb[i].app_id);
    460 
    461             bta_jv_clear_pm_cb(&bta_jv_cb.pm_cb[i], TRUE);
    462 
    463             if (BTA_JV_RFCOMM_MASK & jv_handle)
    464             {
    465                 UINT32 hi = ((jv_handle & BTA_JV_RFC_HDL_MASK) & ~BTA_JV_RFCOMM_MASK) - 1;
    466                 UINT32 si = BTA_JV_RFC_HDL_TO_SIDX(jv_handle);
    467                 if (hi < BTA_JV_MAX_RFC_CONN && bta_jv_cb.rfc_cb[hi].p_cback && si
    468                         < BTA_JV_MAX_RFC_SR_SESSION && bta_jv_cb.rfc_cb[hi].rfc_hdl[si])
    469                 {
    470                     tBTA_JV_PCB *p_pcb = bta_jv_rfc_port_to_pcb(bta_jv_cb.rfc_cb[hi].rfc_hdl[si]);
    471                     if (p_pcb)
    472                     {
    473                         if (NULL == p_pcb->p_pm_cb)
    474                             APPL_TRACE_WARNING3("bta_jv_free_set_pm_profile_cb(jv_handle:"
    475                                     " 0x%x):port_handle: 0x%x, p_pm_cb: %d: no link to "
    476                                     "pm_cb?", jv_handle, p_pcb->port_handle, i);
    477                         p_cb = &p_pcb->p_pm_cb;
    478                     }
    479                 }
    480             }
    481             else
    482             {
    483                 if (jv_handle < BTA_JV_MAX_L2C_CONN)
    484                 {
    485                     tBTA_JV_L2C_CB *p_l2c_cb = &bta_jv_cb.l2c_cb[jv_handle];
    486                     if (NULL == p_l2c_cb->p_pm_cb)
    487                         APPL_TRACE_WARNING2("bta_jv_free_set_pm_profile_cb(jv_handle: "
    488                                 "0x%x): p_pm_cb: %d: no link to pm_cb?", jv_handle, i);
    489                     p_cb = &p_l2c_cb->p_pm_cb;
    490                 }
    491             }
    492             if (p_cb)
    493             {
    494                 *p_cb = NULL;
    495                 status = BTA_JV_SUCCESS;
    496             }
    497         }
    498     }
    499     return status;
    500 }
    501 
    502 /*******************************************************************************
    503  **
    504  ** Function    bta_jv_alloc_set_pm_profile_cb
    505  **
    506  ** Description set PM profile control block
    507  **
    508  ** Returns     pointer to allocated cb or NULL in case of failure
    509  **
    510  *******************************************************************************/
    511 static tBTA_JV_PM_CB *bta_jv_alloc_set_pm_profile_cb(UINT32 jv_handle, tBTA_JV_PM_ID app_id)
    512 {
    513     BOOLEAN bRfcHandle = (jv_handle & BTA_JV_RFCOMM_MASK) != 0;
    514     BD_ADDR peer_bd_addr;
    515     int i, j;
    516     tBTA_JV_PM_CB **pp_cb;
    517 
    518     for (i = 0; i < BTA_JV_PM_MAX_NUM; i++)
    519     {
    520         pp_cb = NULL;
    521         if (bta_jv_cb.pm_cb[i].state == BTA_JV_PM_FREE_ST)
    522         {
    523             /* rfc handle bd addr retrieval requires core stack handle */
    524             if (bRfcHandle)
    525             {
    526                 UINT32 hi = ((jv_handle & BTA_JV_RFC_HDL_MASK) & ~BTA_JV_RFCOMM_MASK) - 1;
    527                 UINT32 si = BTA_JV_RFC_HDL_TO_SIDX(jv_handle);
    528                 for (j = 0; j < BTA_JV_MAX_RFC_CONN; j++)
    529                 {
    530                     if (jv_handle == bta_jv_cb.port_cb[j].handle)
    531                     {
    532                         pp_cb = &bta_jv_cb.port_cb[j].p_pm_cb;
    533                         if (PORT_SUCCESS != PORT_CheckConnection(
    534                                 bta_jv_cb.port_cb[j].port_handle, peer_bd_addr, NULL))
    535                             i = BTA_JV_PM_MAX_NUM;
    536                         break;
    537                     }
    538                 }
    539             }
    540             else
    541             {
    542                 /* use jv handle for l2cap bd address retrieval */
    543                 for (j = 0; j < BTA_JV_MAX_L2C_CONN; j++)
    544                 {
    545                     if (jv_handle == bta_jv_cb.l2c_cb[j].handle)
    546                     {
    547                         pp_cb = &bta_jv_cb.l2c_cb[j].p_pm_cb;
    548                         UINT8 *p_bd_addr = GAP_ConnGetRemoteAddr((UINT16)jv_handle);
    549                         if (NULL != p_bd_addr)
    550                             bdcpy(peer_bd_addr, p_bd_addr);
    551                         else
    552                             i = BTA_JV_PM_MAX_NUM;
    553                         break;
    554                     }
    555                 }
    556             }
    557             APPL_TRACE_API5("bta_jv_alloc_set_pm_profile_cb(handle 0x%2x, app_id %d): "
    558                     "idx: %d, (BTA_JV_PM_MAX_NUM: %d), pp_cb: 0x%x", jv_handle, app_id,
    559                     i, BTA_JV_PM_MAX_NUM, pp_cb);
    560             break;
    561         }
    562     }
    563 
    564     if ((i != BTA_JV_PM_MAX_NUM) && (NULL != pp_cb))
    565     {
    566         *pp_cb = &bta_jv_cb.pm_cb[i];
    567         bta_jv_cb.pm_cb[i].handle = jv_handle;
    568         bta_jv_cb.pm_cb[i].app_id = app_id;
    569         bdcpy(bta_jv_cb.pm_cb[i].peer_bd_addr, peer_bd_addr);
    570         bta_jv_cb.pm_cb[i].state = BTA_JV_PM_IDLE_ST;
    571         return &bta_jv_cb.pm_cb[i];
    572     }
    573     APPL_TRACE_WARNING2("bta_jv_alloc_set_pm_profile_cb(jv_handle: 0x%x, app_id: %d) "
    574             "return NULL", jv_handle, app_id);
    575     return (tBTA_JV_PM_CB *)NULL;
    576 }
    577 
    578 /*******************************************************************************
    579  **
    580  ** Function     bta_jv_alloc_sdp_id
    581  **
    582  ** Description  allocate a SDP id for the given SDP record handle
    583  **
    584  ** Returns
    585  **
    586  *******************************************************************************/
    587 UINT32 bta_jv_alloc_sdp_id(UINT32 sdp_handle)
    588 {
    589     int j;
    590     UINT32 id = 0;
    591 
    592     /* find a free entry */
    593     for (j = 0; j < BTA_JV_MAX_SDP_REC; j++)
    594     {
    595         if (bta_jv_cb.sdp_handle[j] == 0)
    596         {
    597             bta_jv_cb.sdp_handle[j] = sdp_handle;
    598             id = (UINT32)(j + 1);
    599             break;
    600         }
    601     }
    602     /* the SDP record handle reported is the (index + 1) to control block */
    603     return id;
    604 }
    605 
    606 /*******************************************************************************
    607 **
    608 ** Function     bta_jv_free_sdp_id
    609 **
    610 ** Description  free the sdp id
    611 **
    612 ** Returns
    613 **
    614 *******************************************************************************/
    615 void bta_jv_free_sdp_id(UINT32 sdp_id)
    616 {
    617     if(sdp_id > 0 && sdp_id <= BTA_JV_MAX_SDP_REC)
    618     {
    619         bta_jv_cb.sdp_handle[sdp_id - 1] = 0;
    620     }
    621 }
    622 
    623 /*******************************************************************************
    624 **
    625 ** Function     bta_jv_get_sdp_handle
    626 **
    627 ** Description  find the SDP handle associated with the given sdp id
    628 **
    629 ** Returns
    630 **
    631 *******************************************************************************/
    632 UINT32 bta_jv_get_sdp_handle(UINT32 sdp_id)
    633 {
    634     UINT32 sdp_handle = 0;
    635 
    636     if(sdp_id > 0 && sdp_id <= BTA_JV_MAX_SDP_REC)
    637     {
    638         sdp_handle = bta_jv_cb.sdp_handle[sdp_id - 1];
    639     }
    640     return sdp_handle;
    641 }
    642 
    643 /*******************************************************************************
    644 **
    645 ** Function     bta_jv_check_psm
    646 **
    647 ** Description  for now use only the legal PSM per JSR82 spec
    648 **
    649 ** Returns      TRUE, if allowed
    650 **
    651 *******************************************************************************/
    652 BOOLEAN bta_jv_check_psm(UINT16 psm)
    653 {
    654     BOOLEAN ret = FALSE;
    655 
    656     if(L2C_IS_VALID_PSM(psm) )
    657     {
    658         if(psm < 0x1001)
    659         {
    660             /* see if this is defined by spec */
    661             switch(psm)
    662             {
    663             case SDP_PSM:           /* 1 */
    664             case BT_PSM_RFCOMM:     /* 3 */
    665                 /* do not allow java app to use these 2 PSMs */
    666                 break;
    667 
    668             case TCS_PSM_INTERCOM:  /* 5 */
    669             case TCS_PSM_CORDLESS:  /* 7 */
    670                 if( FALSE == bta_sys_is_register(BTA_ID_CT) &&
    671                     FALSE == bta_sys_is_register(BTA_ID_CG) )
    672                     ret = TRUE;
    673                 break;
    674 
    675             case BT_PSM_BNEP:       /* F */
    676                 if(FALSE == bta_sys_is_register(BTA_ID_PAN))
    677                     ret = TRUE;
    678                 break;
    679 
    680             case HID_PSM_CONTROL:   /* 0x11 */
    681             case HID_PSM_INTERRUPT: /* 0x13 */
    682                 //FIX: allow HID Device and HID Host to coexist
    683                 if( FALSE == bta_sys_is_register(BTA_ID_HD) ||
    684                     FALSE == bta_sys_is_register(BTA_ID_HH) )
    685                     ret = TRUE;
    686                 break;
    687 
    688             case AVCT_PSM:          /* 0x17 */
    689             case AVDT_PSM:          /* 0x19 */
    690                 if ((FALSE == bta_sys_is_register(BTA_ID_AV)) &&
    691                    (FALSE == bta_sys_is_register(BTA_ID_AVK)))
    692                     ret = TRUE;
    693                 break;
    694 
    695             default:
    696                 ret = TRUE;
    697                 break;
    698             }
    699         }
    700         else
    701             ret = TRUE;
    702     }
    703     return ret;
    704 
    705 }
    706 
    707 /*******************************************************************************
    708 **
    709 ** Function     bta_jv_enable
    710 **
    711 ** Description  Initialises the JAVA I/F
    712 **
    713 ** Returns      void
    714 **
    715 *******************************************************************************/
    716 void bta_jv_enable(tBTA_JV_MSG *p_data)
    717 {
    718     tBTA_JV_STATUS status = BTA_JV_SUCCESS;
    719     bta_jv_cb.p_dm_cback = p_data->enable.p_cback;
    720     bta_jv_cb.p_dm_cback(BTA_JV_ENABLE_EVT, (tBTA_JV *)&status, 0);
    721 }
    722 
    723 /*******************************************************************************
    724 **
    725 ** Function     bta_jv_disable
    726 **
    727 ** Description  Disables the BT device manager
    728 **              free the resources used by java
    729 **
    730 ** Returns      void
    731 **
    732 *******************************************************************************/
    733 void bta_jv_disable (tBTA_JV_MSG *p_data)
    734 {
    735     APPL_TRACE_ERROR0("bta_jv_disable not used");
    736 #if 0
    737     int i;
    738 
    739     bta_jv_cb.p_dm_cback = NULL;
    740     /* delete the SDP records created by java apps */
    741     for(i=0; i<BTA_JV_MAX_SDP_REC; i++)
    742     {
    743         if(bta_jv_cb.sdp_handle[i])
    744         {
    745             APPL_TRACE_DEBUG1( "delete SDP record: %d", bta_jv_cb.sdp_handle[i]);
    746             SDP_DeleteRecord(bta_jv_cb.sdp_handle[i]);
    747             bta_jv_cb.sdp_handle[i] = 0;
    748         }
    749     }
    750 
    751     /* free the SCNs allocated by java apps */
    752     for(i=0; i<BTA_JV_MAX_SCN; i++)
    753     {
    754         if(bta_jv_cb.scn[i])
    755         {
    756             APPL_TRACE_DEBUG1( "free scn: %d", (i+1));
    757             BTM_FreeSCN((UINT8)(i+1));
    758             bta_jv_cb.scn[i] = FALSE;
    759         }
    760     }
    761 
    762     /* disconnect L2CAP connections */
    763     for(i=0; i<BTA_JV_MAX_L2C_CONN; i++)
    764     {
    765         bta_jv_free_l2c_cb(&bta_jv_cb.l2c_cb[i]);
    766     }
    767 
    768     /* disconnect RFCOMM connections */
    769     for(i=0; i<BTA_JV_MAX_RFC_CONN; i++)
    770     {
    771         bta_jv_free_rfc_cb(&bta_jv_cb.rfc_cb[i]);
    772     }
    773 
    774     /* free the service records allocated by java apps */
    775     for(i=0; i<BTA_JV_NUM_SERVICE_ID; i++)
    776     {
    777         if(bta_jv_cb.sec_id[i])
    778         {
    779             BTM_SecClrService(bta_jv_cb.sec_id[i]);
    780             bta_jv_cb.sec_id[i] = 0;
    781         }
    782     }
    783 #endif
    784 }
    785 
    786 /*******************************************************************************
    787 **
    788 ** Function     bta_jv_set_discoverability
    789 **
    790 ** Description  Sets discoverability
    791 **
    792 ** Returns      void
    793 **
    794 *******************************************************************************/
    795 void bta_jv_set_discoverability (tBTA_JV_MSG *p_data)
    796 {
    797     tBTA_JV     evt_data;
    798 
    799     evt_data.set_discover.status = BTA_JV_FAILURE;
    800     /* initialize the default value for the event as the current mode */
    801     evt_data.set_discover.disc_mode = BTM_ReadDiscoverability(NULL, NULL);
    802 
    803     if(BTM_SUCCESS == BTM_SetDiscoverability((UINT8)p_data->set_discoverability.disc_mode, 0, 0))
    804     {
    805         evt_data.set_discover.status     = BTA_JV_SUCCESS;
    806         /* update the mode, after BTM_SetDiscoverability() is successful */
    807         evt_data.set_discover.disc_mode  = p_data->set_discoverability.disc_mode;
    808     }
    809 
    810     if(bta_jv_cb.p_dm_cback)
    811         bta_jv_cb.p_dm_cback(BTA_JV_SET_DISCOVER_EVT, &evt_data, 0);
    812 }
    813 
    814 /*******************************************************************************
    815 **
    816 ** Function     bta_jv_get_local_device_addr
    817 **
    818 ** Description  Reads the local Bluetooth device address
    819 **
    820 ** Returns      void
    821 **
    822 *******************************************************************************/
    823 void bta_jv_get_local_device_addr(tBTA_JV_MSG *p_data)
    824 {
    825     BTM_ReadLocalDeviceAddr((tBTM_CMPL_CB *)bta_jv_get_local_device_addr_cback);
    826 }
    827 
    828 /*******************************************************************************
    829 **
    830 ** Function     bta_jv_get_local_device_name
    831 **
    832 ** Description  Reads the local Bluetooth device name
    833 **
    834 ** Returns      void
    835 **
    836 *******************************************************************************/
    837 void bta_jv_get_local_device_name(tBTA_JV_MSG *p_data)
    838 {
    839     tBTA_JV evt_data;
    840     char *name;
    841 
    842     BTM_ReadLocalDeviceName(&name);
    843     evt_data.p_name = (UINT8*)name;
    844     if(bta_jv_cb.p_dm_cback)
    845         bta_jv_cb.p_dm_cback(BTA_JV_LOCAL_NAME_EVT, &evt_data, 0);
    846 }
    847 
    848 /*******************************************************************************
    849 **
    850 ** Function     bta_jv_get_remote_device_name
    851 **
    852 ** Description  Reads the local Bluetooth device name
    853 **
    854 ** Returns      void
    855 **
    856 *******************************************************************************/
    857 void bta_jv_get_remote_device_name(tBTA_JV_MSG *p_data)
    858 {
    859 
    860     BTM_ReadRemoteDeviceName(p_data->get_rmt_name.bd_addr,
    861         (tBTM_CMPL_CB *)bta_jv_get_remote_device_name_cback);
    862 }
    863 
    864 /*******************************************************************************
    865 **
    866 ** Function     bta_jv_set_service_class
    867 **
    868 ** Description  update the service class field of device class
    869 **
    870 ** Returns      void
    871 **
    872 *******************************************************************************/
    873 void bta_jv_set_service_class (tBTA_JV_MSG *p_data)
    874 {
    875     tBTA_UTL_COD cod;
    876 
    877     /* set class of device */
    878     /* BTA_JvSetServiceClass(UINT32 service) assumes that the service class passed to the API function as defined in the assigned number page.
    879     For example: the object transfer bit is bit 20 of the 24-bit Class of device; the value of this bit is 0x00100000 (value 1)
    880     Our btm_api.h defines this bit as #define BTM_COD_SERVICE_OBJ_TRANSFER        0x1000 // (value 2)
    881     This reflects that the service class defined at btm is UINT16, which starts at bit 8 of the 24 bit Class of Device
    882     The following statement converts from (value 1) into (value 2) */
    883     cod.service = (p_data->set_service.service >> 8);
    884     utl_set_device_class(&cod, BTA_UTL_SET_COD_SERVICE_CLASS);
    885 }
    886 
    887 /*******************************************************************************
    888 **
    889 ** Function     bta_jv_sec_cback
    890 **
    891 ** Description  callback function to handle set encryption complete event
    892 **
    893 ** Returns      void
    894 **
    895 *******************************************************************************/
    896 static void bta_jv_sec_cback (BD_ADDR bd_addr, void *p_ref_data, tBTM_STATUS result)
    897 {
    898     tBTA_JV_SET_ENCRYPTION  set_enc;
    899     if(bta_jv_cb.p_dm_cback)
    900     {
    901         bdcpy(set_enc.bd_addr, bd_addr);
    902         set_enc.status = result;
    903         if (result > BTA_JV_BUSY)
    904             set_enc.status = BTA_JV_FAILURE;
    905         bta_jv_cb.p_dm_cback(BTA_JV_SET_ENCRYPTION_EVT, (tBTA_JV *)&set_enc, 0);
    906     }
    907 }
    908 
    909 /*******************************************************************************
    910 **
    911 ** Function     bta_jv_set_encryption
    912 **
    913 ** Description  Reads the local Bluetooth device name
    914 **
    915 ** Returns      void
    916 **
    917 *******************************************************************************/
    918 void bta_jv_set_encryption(tBTA_JV_MSG *p_data)
    919 {
    920     BTM_SetEncryption(p_data->set_encrypt.bd_addr, bta_jv_sec_cback, NULL);
    921 }
    922 
    923 /*******************************************************************************
    924 **
    925 ** Function     bta_jv_get_scn
    926 **
    927 ** Description  obtain a free SCN
    928 **
    929 ** Returns      void
    930 **
    931 *******************************************************************************/
    932 void bta_jv_get_scn(tBTA_JV_MSG *p_data)
    933 {
    934 #if 0
    935     UINT8   scn;
    936     scn = BTM_AllocateSCN();
    937     if(scn)
    938         bta_jv_cb.scn[scn-1] = TRUE;
    939     if(bta_jv_cb.p_dm_cback)
    940         bta_jv_cb.p_dm_cback(BTA_JV_GET_SCN_EVT, (tBTA_JV *)&scn);
    941 #endif
    942 }
    943 
    944 /*******************************************************************************
    945 **
    946 ** Function     bta_jv_free_scn
    947 **
    948 ** Description  free a SCN
    949 **
    950 ** Returns      void
    951 **
    952 *******************************************************************************/
    953 void bta_jv_free_scn(tBTA_JV_MSG *p_data)
    954 {
    955     UINT8   scn = p_data->free_scn.scn;
    956 
    957     if (scn > 0 && scn <= BTA_JV_MAX_SCN && bta_jv_cb.scn[scn-1])
    958     {
    959         /* this scn is used by JV */
    960         bta_jv_cb.scn[scn-1] = FALSE;
    961         BTM_FreeSCN(scn);
    962     }
    963 }
    964 static inline tBT_UUID shorten_sdp_uuid(const tBT_UUID* u)
    965 {
    966     static uint8_t bt_base_uuid[] =
    967        {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x80, 0x00, 0x00, 0x80, 0x5F, 0x9B, 0x34, 0xFB };
    968 
    969     logu("in, uuid:", u);
    970     APPL_TRACE_DEBUG1("uuid len:%d", u->len);
    971     if(u->len == 16)
    972     {
    973         if(memcmp(&u->uu.uuid128[4], &bt_base_uuid[4], 12) == 0)
    974         {
    975             tBT_UUID su;
    976             memset(&su, 0, sizeof(su));
    977             if(u->uu.uuid128[0] == 0 && u->uu.uuid128[1] == 0)
    978             {
    979                 su.len = 2;
    980                 uint16_t u16;
    981                 memcpy(&u16, &u->uu.uuid128[2], sizeof(u16));
    982                 su.uu.uuid16 = ntohs(u16);
    983                 APPL_TRACE_DEBUG1("shorten to 16 bits uuid: %x", su.uu.uuid16);
    984             }
    985             else
    986             {
    987                 su.len = 4;
    988                 uint32_t u32;
    989                 memcpy(&u32, &u->uu.uuid128[0], sizeof(u32));
    990                 su.uu.uuid32 = ntohl(u32);
    991                 APPL_TRACE_DEBUG1("shorten to 32 bits uuid: %x", su.uu.uuid32);
    992             }
    993             return su;
    994         }
    995     }
    996     APPL_TRACE_DEBUG0("cannot shorten none-reserved 128 bits uuid");
    997     return *u;
    998 }
    999 
   1000 /*******************************************************************************
   1001 **
   1002 ** Function     bta_jv_start_discovery_cback
   1003 **
   1004 ** Description  Callback for Start Discovery
   1005 **
   1006 ** Returns      void
   1007 **
   1008 *******************************************************************************/
   1009 static void bta_jv_start_discovery_cback(UINT16 result, void * user_data)
   1010 {
   1011     tBTA_JV_STATUS status;
   1012     UINT8          old_sdp_act = bta_jv_cb.sdp_active;
   1013 
   1014     APPL_TRACE_DEBUG1("bta_jv_start_discovery_cback res: 0x%x", result);
   1015 
   1016     bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_NONE;
   1017     if(bta_jv_cb.p_dm_cback)
   1018     {
   1019         if (old_sdp_act == BTA_JV_SDP_ACT_CANCEL)
   1020         {
   1021             APPL_TRACE_DEBUG0("BTA_JV_SDP_ACT_CANCEL");
   1022             status = BTA_JV_SUCCESS;
   1023             bta_jv_cb.p_dm_cback(BTA_JV_CANCEL_DISCVRY_EVT, (tBTA_JV *)&status, user_data);
   1024         }
   1025         else
   1026         {
   1027             tBTA_JV_DISCOVERY_COMP dcomp;
   1028             dcomp.scn = 0;
   1029             status = BTA_JV_FAILURE;
   1030             if (result == SDP_SUCCESS || result == SDP_DB_FULL)
   1031             {
   1032                 tSDP_DISC_REC       *p_sdp_rec = NULL;
   1033                 tSDP_PROTOCOL_ELEM  pe;
   1034                 logu("bta_jv_cb.uuid", bta_jv_cb.uuid.uu.uuid128);
   1035                 tBT_UUID su = shorten_sdp_uuid(&bta_jv_cb.uuid);
   1036                 logu("shorten uuid:", su.uu.uuid128);
   1037                 p_sdp_rec = SDP_FindServiceUUIDInDb(p_bta_jv_cfg->p_sdp_db, &su, p_sdp_rec);
   1038                 APPL_TRACE_DEBUG1("p_sdp_rec:%p", p_sdp_rec);
   1039                 if(p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe))
   1040                 {
   1041                     dcomp.scn = (UINT8) pe.params[0];
   1042                     status = BTA_JV_SUCCESS;
   1043                 }
   1044             }
   1045 
   1046             dcomp.status = status;
   1047             bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&dcomp, user_data);
   1048         }
   1049         //free sdp db
   1050         //utl_freebuf(&(p_bta_jv_cfg->p_sdp_db));
   1051     }
   1052 }
   1053 
   1054 /*******************************************************************************
   1055 **
   1056 ** Function     bta_jv_start_discovery
   1057 **
   1058 ** Description  Discovers services on a remote device
   1059 **
   1060 ** Returns      void
   1061 **
   1062 *******************************************************************************/
   1063 void bta_jv_start_discovery(tBTA_JV_MSG *p_data)
   1064 {
   1065     tBTA_JV_STATUS status = BTA_JV_FAILURE;
   1066     APPL_TRACE_DEBUG1("bta_jv_start_discovery in, sdp_active:%d", bta_jv_cb.sdp_active);
   1067     if (bta_jv_cb.sdp_active != BTA_JV_SDP_ACT_NONE)
   1068     {
   1069         /* SDP is still in progress */
   1070         status = BTA_JV_BUSY;
   1071         if(bta_jv_cb.p_dm_cback)
   1072             bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&status, p_data->start_discovery.user_data);
   1073         return;
   1074     }
   1075 /*
   1076     if(p_data->start_discovery.num_uuid == 0)
   1077     {
   1078         p_data->start_discovery.num_uuid = 1;
   1079         p_data->start_discovery.uuid_list[0].len       = 2;
   1080         p_data->start_discovery.uuid_list[0].uu.uuid16 = UUID_SERVCLASS_PUBLIC_BROWSE_GROUP;
   1081     }
   1082 */
   1083     /* init the database/set up the filter */
   1084     APPL_TRACE_DEBUG1("call SDP_InitDiscoveryDb, p_data->start_discovery.num_uuid:%d",
   1085         p_data->start_discovery.num_uuid);
   1086     SDP_InitDiscoveryDb (p_bta_jv_cfg->p_sdp_db, p_bta_jv_cfg->sdp_db_size,
   1087                     p_data->start_discovery.num_uuid, p_data->start_discovery.uuid_list, 0, NULL);
   1088 
   1089     /* tell SDP to keep the raw data */
   1090     p_bta_jv_cfg->p_sdp_db->raw_data = p_bta_jv_cfg->p_sdp_raw_data;
   1091     p_bta_jv_cfg->p_sdp_db->raw_size = p_bta_jv_cfg->sdp_raw_size;
   1092 
   1093     bta_jv_cb.p_sel_raw_data     = 0;
   1094     bta_jv_cb.uuid = p_data->start_discovery.uuid_list[0];
   1095 
   1096     bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_YES;
   1097     if (!SDP_ServiceSearchAttributeRequest2(p_data->start_discovery.bd_addr,
   1098                                    p_bta_jv_cfg->p_sdp_db,
   1099                                    bta_jv_start_discovery_cback, p_data->start_discovery.user_data))
   1100     {
   1101         bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_NONE;
   1102         /* failed to start SDP. report the failure right away */
   1103         if(bta_jv_cb.p_dm_cback)
   1104             bta_jv_cb.p_dm_cback(BTA_JV_DISCOVERY_COMP_EVT, (tBTA_JV *)&status, p_data->start_discovery.user_data);
   1105     }
   1106     /*
   1107     else report the result when the cback is called
   1108     */
   1109 }
   1110 
   1111 /*******************************************************************************
   1112 **
   1113 ** Function     bta_jv_cancel_discovery
   1114 **
   1115 ** Description  Cancels an active discovery
   1116 **
   1117 ** Returns      void
   1118 **
   1119 *******************************************************************************/
   1120 void bta_jv_cancel_discovery(tBTA_JV_MSG *p_data)
   1121 {
   1122     tBTA_JV_STATUS status = BTA_JV_SUCCESS;
   1123     if (bta_jv_cb.sdp_active == BTA_JV_SDP_ACT_YES)
   1124     {
   1125         if (SDP_CancelServiceSearch (p_bta_jv_cfg->p_sdp_db))
   1126         {
   1127             bta_jv_cb.sdp_active = BTA_JV_SDP_ACT_CANCEL;
   1128             return;
   1129         }
   1130     }
   1131     if(bta_jv_cb.p_dm_cback)
   1132         bta_jv_cb.p_dm_cback(BTA_JV_CANCEL_DISCVRY_EVT, (tBTA_JV *)&status, p_data->cancel_discovery.user_data);
   1133 }
   1134 
   1135 /*******************************************************************************
   1136 **
   1137 ** Function     bta_jv_get_services_length
   1138 **
   1139 ** Description  Obtain the length of each record in the SDP DB.
   1140 **
   1141 ** Returns      void
   1142 **
   1143 *******************************************************************************/
   1144 void bta_jv_get_services_length(tBTA_JV_MSG *p_data)
   1145 {
   1146 #if 0
   1147     tBTA_JV_SERVICES_LEN    evt_data;
   1148     UINT8   *p, *np, *op, type;
   1149     UINT32  raw_used, raw_cur;
   1150     UINT32  len;
   1151 
   1152     evt_data.num_services = -1;
   1153     evt_data.p_services_len = p_data->get_services_length.p_services_len;
   1154     if(p_bta_jv_cfg->p_sdp_db->p_first_rec)
   1155     {
   1156         /* the database is valid */
   1157         evt_data.num_services = 0;
   1158         p = p_bta_jv_cfg->p_sdp_db->raw_data;
   1159         raw_used = p_bta_jv_cfg->p_sdp_db->raw_used;
   1160         while(raw_used && p)
   1161         {
   1162             op = p;
   1163             type = *p++;
   1164             np = sdpu_get_len_from_type(p, type, &len);
   1165             p = np + len;
   1166             raw_cur = p - op;
   1167             if(raw_used >= raw_cur)
   1168             {
   1169                 raw_used -= raw_cur;
   1170             }
   1171             else
   1172             {
   1173                 /* error. can not continue */
   1174                 break;
   1175             }
   1176             if(p_data->get_services_length.inc_hdr)
   1177             {
   1178                 evt_data.p_services_len[evt_data.num_services++] = len + np - op;
   1179             }
   1180             else
   1181             {
   1182                 evt_data.p_services_len[evt_data.num_services++] = len;
   1183             }
   1184         } /* end of while */
   1185     }
   1186 
   1187     if(bta_jv_cb.p_dm_cback)
   1188         bta_jv_cb.p_dm_cback(BTA_JV_SERVICES_LEN_EVT, (tBTA_JV *)&evt_data);
   1189 #endif
   1190 }
   1191 
   1192 /*******************************************************************************
   1193 **
   1194 ** Function     bta_jv_service_select
   1195 **
   1196 ** Description  Obtain the length of given UUID in the SDP DB.
   1197 **
   1198 ** Returns      void
   1199 **
   1200 *******************************************************************************/
   1201 void bta_jv_service_select(tBTA_JV_MSG *p_data)
   1202 {
   1203 #if 0
   1204     tBTA_JV_SERVICE_SEL     serv_sel;
   1205     tSDP_DISC_REC *p_rec, *p_tmp;
   1206     UINT8   *p, *np, *op, type;
   1207     UINT32  raw_used, raw_cur;
   1208     UINT32  len;
   1209 
   1210     serv_sel.service_len = 0;
   1211     bta_jv_cb.p_sel_raw_data     = 0;
   1212     p_rec = SDP_FindServiceInDb (p_bta_jv_cfg->p_sdp_db, p_data->service_select.uuid, NULL);
   1213     if(p_rec)
   1214     {
   1215         /* found the record in the database */
   1216         /* the database must be valid */
   1217         p = p_bta_jv_cfg->p_sdp_db->raw_data;
   1218         raw_used = p_bta_jv_cfg->p_sdp_db->raw_used;
   1219         p_tmp = p_bta_jv_cfg->p_sdp_db->p_first_rec;
   1220         while(raw_used && p && p_tmp)
   1221         {
   1222             op = p;
   1223             type = *p++;
   1224             np = sdpu_get_len_from_type(p, type, &len);
   1225             if(p_tmp == p_rec)
   1226             {
   1227                 bta_jv_cb.p_sel_raw_data = op;
   1228                 bta_jv_cb.sel_len = len;
   1229                 serv_sel.service_len = len;
   1230                 bdcpy(serv_sel.bd_addr, p_rec->remote_bd_addr);
   1231                 APPL_TRACE_DEBUG1( "bta_jv_service_select found uuid: 0x%x",
   1232                     p_data->service_select.uuid);
   1233                 break;
   1234             }
   1235             p = np + len;
   1236             raw_cur = p - op;
   1237             if(raw_used >= raw_cur)
   1238             {
   1239                 raw_used -= raw_cur;
   1240             }
   1241             else
   1242             {
   1243                 /* error. can not continue */
   1244                 break;
   1245             }
   1246             p_tmp = p_tmp->p_next_rec;
   1247         } /* end of while */
   1248     }
   1249     APPL_TRACE_DEBUG1( "service_len: %d", serv_sel.service_len);
   1250     if(bta_jv_cb.p_dm_cback)
   1251         bta_jv_cb.p_dm_cback(BTA_JV_SERVICE_SEL_EVT, (tBTA_JV *)&serv_sel);
   1252 #endif
   1253 }
   1254 
   1255 /*******************************************************************************
   1256 **
   1257 ** Function     bta_jv_create_record
   1258 **
   1259 ** Description  Create an SDP record with the given attributes
   1260 **
   1261 ** Returns      void
   1262 **
   1263 *******************************************************************************/
   1264 void bta_jv_create_record(tBTA_JV_MSG *p_data)
   1265 {
   1266     tBTA_JV_API_CREATE_RECORD *cr = &(p_data->create_record);
   1267     tBTA_JV_CREATE_RECORD   evt_data;
   1268     evt_data.status = BTA_JV_SUCCESS;
   1269     if(bta_jv_cb.p_dm_cback)
   1270         //callback user immediately to create his own sdp record in stack thread context
   1271         bta_jv_cb.p_dm_cback(BTA_JV_CREATE_RECORD_EVT, (tBTA_JV *)&evt_data, cr->user_data);
   1272 }
   1273 
   1274 /*******************************************************************************
   1275 **
   1276 ** Function     bta_jv_update_record
   1277 **
   1278 ** Description  Update an SDP record with the given attributes
   1279 **
   1280 ** Returns      void
   1281 **
   1282 *******************************************************************************/
   1283 void bta_jv_update_record(tBTA_JV_MSG *p_data)
   1284 {
   1285 #if 0
   1286     tBTA_JV_API_UPDATE_RECORD *ur = &(p_data->update_record);
   1287     tBTA_JV_UPDATE_RECORD   evt_data;
   1288     UINT32 handle;
   1289     INT32 i;
   1290     UINT8 *ptr;
   1291     UINT8 *next_ptr;
   1292     UINT8 *end;
   1293     UINT32 len;
   1294     UINT8 type;
   1295 
   1296     evt_data.status = BTA_JV_FAILURE;
   1297     evt_data.handle = ur->handle;
   1298 
   1299     handle = bta_jv_get_sdp_handle(ur->handle);
   1300 
   1301     if(handle)
   1302     {
   1303         /* this is a record created by JV */
   1304         for (i = 0; i < ur->array_len; i++)
   1305         {
   1306             ptr = ur->p_values[i];
   1307             end = ptr + ur->p_value_sizes[i];
   1308 
   1309             while (ptr < end)
   1310             {
   1311                 type = *ptr;
   1312                 next_ptr = sdpu_get_len_from_type(ptr + 1, *ptr, &len);
   1313 
   1314                 if(ATTR_ID_SERVICE_RECORD_HDL != ur->p_ids[i])
   1315                 {
   1316                 if (!SDP_AddAttribute(handle, ur->p_ids[i], (UINT8)((type >> 3) & 0x1f),
   1317                     len, next_ptr))
   1318                 {
   1319                     /* failed on updating attributes.  */
   1320                     if(bta_jv_cb.p_dm_cback)
   1321                         bta_jv_cb.p_dm_cback(BTA_JV_UPDATE_RECORD_EVT, (tBTA_JV *)&evt_data);
   1322                     return;
   1323                 }
   1324                 }
   1325 
   1326                 ptr = next_ptr + len;
   1327             } /* end of while */
   1328         } /* end of for */
   1329         evt_data.status = BTA_JV_SUCCESS;
   1330     }
   1331 
   1332     if(bta_jv_cb.p_dm_cback)
   1333         bta_jv_cb.p_dm_cback(BTA_JV_UPDATE_RECORD_EVT, (tBTA_JV *)&evt_data);
   1334 #endif
   1335 }
   1336 
   1337 /*******************************************************************************
   1338 **
   1339 ** Function     bta_jv_add_attribute
   1340 **
   1341 ** Description  Add an attribute to an SDP record
   1342 **
   1343 ** Returns      void
   1344 **
   1345 *******************************************************************************/
   1346 void bta_jv_add_attribute(tBTA_JV_MSG *p_data)
   1347 {
   1348 #if 0
   1349     tBTA_JV_API_ADD_ATTRIBUTE *aa = &(p_data->add_attr);
   1350     tBTA_JV_ADD_ATTR   evt_data;
   1351     UINT32 handle;
   1352     UINT8 type;
   1353     UINT32 len;
   1354     UINT8 *ptr;
   1355     UINT8 *next_ptr;
   1356 
   1357     evt_data.status = BTA_JV_FAILURE;
   1358     evt_data.handle = aa->handle;
   1359     handle = bta_jv_get_sdp_handle(aa->handle);
   1360 
   1361     if(handle)
   1362     {
   1363         /* this is a record created by JV */
   1364         ptr = aa->p_value;
   1365         type = *ptr;
   1366         next_ptr = sdpu_get_len_from_type(ptr + 1, *ptr, &len);
   1367         APPL_TRACE_DEBUG3( "bta_jv_add_attribute: ptr chg:%d len:%d, size:%d",
   1368             (next_ptr - ptr), len, aa->value_size);
   1369         if(ATTR_ID_SERVICE_RECORD_HDL != aa->attr_id && /* do not allow the SDP record handle to be updated */
   1370             ((INT32)(next_ptr - ptr + len) == aa->value_size) && /* double check data size */
   1371             SDP_AddAttribute(handle, aa->attr_id, (UINT8)((type >> 3) & 0x1f),
   1372                     len, next_ptr))
   1373         {
   1374             evt_data.status = BTA_JV_SUCCESS;
   1375         }
   1376     }
   1377 
   1378     if(bta_jv_cb.p_dm_cback)
   1379         bta_jv_cb.p_dm_cback(BTA_JV_ADD_ATTR_EVT, (tBTA_JV *)&evt_data);
   1380 #endif
   1381 }
   1382 
   1383 /*******************************************************************************
   1384 **
   1385 ** Function     bta_jv_delete_attribute
   1386 **
   1387 ** Description  Delete an attribute from the given SDP record
   1388 **
   1389 ** Returns      void
   1390 **
   1391 *******************************************************************************/
   1392 void bta_jv_delete_attribute(tBTA_JV_MSG *p_data)
   1393 {
   1394 #if 0
   1395     tBTA_JV_API_ADD_ATTRIBUTE *da = &(p_data->add_attr);
   1396     tBTA_JV_DELETE_ATTR   evt_data;
   1397     UINT32 handle;
   1398 
   1399     evt_data.status = BTA_JV_FAILURE;
   1400     evt_data.handle = da->handle;
   1401     handle = bta_jv_get_sdp_handle(da->handle);
   1402 
   1403     if(handle)
   1404     {
   1405         /* this is a record created by JV */
   1406         if(SDP_DeleteAttribute(handle, da->attr_id))
   1407             evt_data.status = BTA_JV_SUCCESS;
   1408     }
   1409 
   1410     if(bta_jv_cb.p_dm_cback)
   1411         bta_jv_cb.p_dm_cback(BTA_JV_DELETE_ATTR_EVT, (tBTA_JV *)&evt_data);
   1412 #endif
   1413 }
   1414 
   1415 /*******************************************************************************
   1416 **
   1417 ** Function     bta_jv_delete_record
   1418 **
   1419 ** Description  Delete an SDP record
   1420 **
   1421 **
   1422 ** Returns      void
   1423 **
   1424 *******************************************************************************/
   1425 void bta_jv_delete_record(tBTA_JV_MSG *p_data)
   1426 {
   1427     tBTA_JV_API_ADD_ATTRIBUTE *dr = &(p_data->add_attr);
   1428     if(dr->handle)
   1429     {
   1430         /* this is a record created by btif layer*/
   1431         SDP_DeleteRecord(dr->handle);
   1432     }
   1433 }
   1434 
   1435 /*******************************************************************************
   1436 **
   1437 ** Function     bta_jv_l2cap_client_cback
   1438 **
   1439 ** Description  handles the l2cap client events
   1440 **
   1441 ** Returns      void
   1442 **
   1443 *******************************************************************************/
   1444 static void bta_jv_l2cap_client_cback(UINT16 gap_handle, UINT16 event)
   1445 {
   1446 #if 0
   1447     tBTA_JV_L2C_CB  *p_cb = &bta_jv_cb.l2c_cb[gap_handle];
   1448     tBTA_JV     evt_data;
   1449 
   1450     if(gap_handle >= BTA_JV_MAX_L2C_CONN && !p_cb->p_cback)
   1451         return;
   1452 
   1453     APPL_TRACE_DEBUG2( "bta_jv_l2cap_client_cback: %d evt:x%x",
   1454         gap_handle, event);
   1455     evt_data.l2c_open.status = BTA_JV_SUCCESS;
   1456     evt_data.l2c_open.handle = gap_handle;
   1457     switch (event)
   1458     {
   1459     case GAP_EVT_CONN_OPENED:
   1460         bdcpy(evt_data.l2c_open.rem_bda, GAP_ConnGetRemoteAddr(gap_handle));
   1461         evt_data.l2c_open.tx_mtu = GAP_ConnGetRemMtuSize(gap_handle);
   1462         p_cb->state = BTA_JV_ST_CL_OPEN;
   1463         p_cb->p_cback(BTA_JV_L2CAP_OPEN_EVT, &evt_data);
   1464         break;
   1465 
   1466     case GAP_EVT_CONN_CLOSED:
   1467         p_cb->state = BTA_JV_ST_NONE;
   1468         bta_jv_free_sec_id(&p_cb->sec_id);
   1469         evt_data.l2c_close.async = TRUE;
   1470         p_cb->p_cback(BTA_JV_L2CAP_CLOSE_EVT, &evt_data);
   1471         p_cb->p_cback = NULL;
   1472         break;
   1473 
   1474     case GAP_EVT_CONN_DATA_AVAIL:
   1475         evt_data.handle = gap_handle;
   1476         p_cb->p_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data);
   1477         break;
   1478 
   1479     case GAP_EVT_CONN_CONGESTED:
   1480     case GAP_EVT_CONN_UNCONGESTED:
   1481         p_cb->cong = (event == GAP_EVT_CONN_CONGESTED) ? TRUE : FALSE;
   1482         evt_data.l2c_cong.cong = p_cb->cong;
   1483         p_cb->p_cback(BTA_JV_L2CAP_CONG_EVT, &evt_data);
   1484         break;
   1485 
   1486     default:
   1487         break;
   1488     }
   1489 #endif
   1490 }
   1491 
   1492 #if SDP_FOR_JV_INCLUDED == TRUE
   1493 /*******************************************************************************
   1494 **
   1495 ** Function     bta_jv_sdp_res_cback
   1496 **
   1497 ** Description  Callback for Start Discovery
   1498 **
   1499 ** Returns      void
   1500 **
   1501 *******************************************************************************/
   1502 void bta_jv_sdp_res_cback (UINT16 event, tSDP_DATA *p_data)
   1503 {
   1504     tBTA_JV evt_data;
   1505     tBTA_JV_L2C_CB  *p_cb = &bta_jv_cb.l2c_cb[BTA_JV_L2C_FOR_SDP_HDL];
   1506 
   1507     APPL_TRACE_DEBUG2( "bta_jv_sdp_res_cback: %d evt:x%x",
   1508         bta_jv_cb.sdp_for_jv, event);
   1509 
   1510     if(!bta_jv_cb.sdp_for_jv)
   1511         return;
   1512 
   1513     evt_data.l2c_open.status = BTA_JV_SUCCESS;
   1514     evt_data.l2c_open.handle = BTA_JV_L2C_FOR_SDP_HDL;
   1515 
   1516     switch(event)
   1517     {
   1518     case SDP_EVT_OPEN:
   1519         bdcpy(evt_data.l2c_open.rem_bda, p_data->open.peer_addr);
   1520         evt_data.l2c_open.tx_mtu = p_data->open.peer_mtu;
   1521         p_cb->state = BTA_JV_ST_SR_OPEN;
   1522         p_cb->p_cback(BTA_JV_L2CAP_OPEN_EVT, &evt_data);
   1523         break;
   1524     case SDP_EVT_DATA_IND:
   1525         evt_data.handle = BTA_JV_L2C_FOR_SDP_HDL;
   1526         memcpy(p_bta_jv_cfg->p_sdp_raw_data, p_data->data.p_data, p_data->data.data_len);
   1527         APPL_TRACE_DEBUG2( "data size: %d/%d ", bta_jv_cb.sdp_data_size, p_data->data.data_len);
   1528         bta_jv_cb.sdp_data_size = p_data->data.data_len;
   1529         p_cb->p_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data);
   1530         break;
   1531     }
   1532 }
   1533 
   1534 /*******************************************************************************
   1535 **
   1536 ** Function     bta_jv_sdp_cback
   1537 **
   1538 ** Description  Callback for Start Discovery
   1539 **
   1540 ** Returns      void
   1541 **
   1542 *******************************************************************************/
   1543 static void bta_jv_sdp_cback(UINT16 result)
   1544 {
   1545     tBTA_JV_L2CAP_CLOSE close;
   1546     tBTA_JV_L2C_CB  *p_cb = &bta_jv_cb.l2c_cb[BTA_JV_L2C_FOR_SDP_HDL];
   1547     APPL_TRACE_DEBUG1( "bta_jv_sdp_cback: result:x%x", result);
   1548 
   1549     if(p_cb->p_cback)
   1550     {
   1551         close.handle    = BTA_JV_L2C_FOR_SDP_HDL;
   1552         close.async     = FALSE;
   1553         close.status    = BTA_JV_SUCCESS;
   1554         bta_jv_free_sec_id(&p_cb->sec_id);
   1555         p_cb->p_cback(BTA_JV_L2CAP_CLOSE_EVT, (tBTA_JV *)&close);
   1556     }
   1557 
   1558     bta_jv_cb.sdp_for_jv = 0;
   1559     p_cb->p_cback = NULL;
   1560 
   1561 }
   1562 #endif
   1563 
   1564 /*******************************************************************************
   1565 **
   1566 ** Function     bta_jv_l2cap_connect
   1567 **
   1568 ** Description  makes an l2cap client connection
   1569 **
   1570 ** Returns      void
   1571 **
   1572 *******************************************************************************/
   1573 void bta_jv_l2cap_connect(tBTA_JV_MSG *p_data)
   1574 {
   1575 #if 0
   1576     tBTA_JV_L2C_CB      *p_cb;
   1577     tBTA_JV_L2CAP_CL_INIT  evt_data;
   1578     UINT16  handle=GAP_INVALID_HANDLE;
   1579     UINT8   sec_id;
   1580     tL2CAP_CFG_INFO cfg;
   1581     tBTA_JV_API_L2CAP_CONNECT *cc = &(p_data->l2cap_connect);
   1582 
   1583     memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO));
   1584     cfg.mtu_present = TRUE;
   1585     cfg.mtu = cc->rx_mtu;
   1586     /* TODO: DM role manager
   1587     L2CA_SetDesireRole(cc->role);
   1588     */
   1589 
   1590     sec_id = bta_jv_alloc_sec_id();
   1591     evt_data.sec_id = sec_id;
   1592     evt_data.status = BTA_JV_FAILURE;
   1593     if (sec_id)
   1594     {
   1595 #if SDP_FOR_JV_INCLUDED == TRUE
   1596         if(SDP_PSM == cc->remote_psm && 0 == bta_jv_cb.sdp_for_jv)
   1597         {
   1598             bta_jv_cb.sdp_for_jv = SDP_ConnOpen(cc->peer_bd_addr,
   1599                                        bta_jv_sdp_res_cback,
   1600                                        bta_jv_sdp_cback);
   1601             if(bta_jv_cb.sdp_for_jv)
   1602             {
   1603                 bta_jv_cb.sdp_data_size = 0;
   1604                 handle = BTA_JV_L2C_FOR_SDP_HDL;
   1605                 evt_data.status = BTA_JV_SUCCESS;
   1606             }
   1607         }
   1608         else
   1609 #endif
   1610         if(bta_jv_check_psm(cc->remote_psm)) /* allowed */
   1611         {
   1612             if( (handle = GAP_ConnOpen("", sec_id, 0, cc->peer_bd_addr, cc->remote_psm,
   1613                 &cfg, cc->sec_mask, GAP_FCR_CHAN_OPT_BASIC,
   1614                 bta_jv_l2cap_client_cback)) != GAP_INVALID_HANDLE )
   1615             {
   1616                 evt_data.status = BTA_JV_SUCCESS;
   1617             }
   1618         }
   1619     }
   1620 
   1621     if (evt_data.status == BTA_JV_SUCCESS)
   1622     {
   1623         p_cb = &bta_jv_cb.l2c_cb[handle];
   1624         p_cb->handle = handle;
   1625         p_cb->p_cback = cc->p_cback;
   1626         p_cb->psm = 0;  /* not a server */
   1627         p_cb->sec_id = sec_id;
   1628         p_cb->state = BTA_JV_ST_CL_OPENING;
   1629     }
   1630     else
   1631     {
   1632         bta_jv_free_sec_id(&sec_id);
   1633     }
   1634     evt_data.handle = handle;
   1635     cc->p_cback(BTA_JV_L2CAP_CL_INIT_EVT, (tBTA_JV *)&evt_data);
   1636 #endif
   1637 }
   1638 
   1639 /*******************************************************************************
   1640 **
   1641 ** Function     bta_jv_l2cap_close
   1642 **
   1643 ** Description  Close an L2CAP client connection
   1644 **
   1645 ** Returns      void
   1646 **
   1647 *******************************************************************************/
   1648 void bta_jv_l2cap_close(tBTA_JV_MSG *p_data)
   1649 {
   1650 #if 0
   1651     tBTA_JV_L2CAP_CLOSE  evt_data;
   1652     tBTA_JV_API_L2CAP_CLOSE *cc = &(p_data->l2cap_close);
   1653     tBTA_JV_L2CAP_CBACK *p_cback = cc->p_cb->p_cback;
   1654 
   1655     evt_data.handle = cc->handle;
   1656     evt_data.status = bta_jv_free_l2c_cb(cc->p_cb);
   1657     evt_data.async = FALSE;
   1658 
   1659     if (p_cback)
   1660         p_cback(BTA_JV_L2CAP_CLOSE_EVT, (tBTA_JV *)&evt_data);
   1661     else
   1662         APPL_TRACE_ERROR0("### NO CALLBACK SET !!! ###");
   1663 #endif
   1664 }
   1665 
   1666 /*******************************************************************************
   1667 **
   1668 ** Function         bta_jv_l2cap_server_cback
   1669 **
   1670 ** Description      handles the l2cap server callback
   1671 **
   1672 ** Returns          void
   1673 **
   1674 *******************************************************************************/
   1675 static void bta_jv_l2cap_server_cback(UINT16 gap_handle, UINT16 event)
   1676 {
   1677 #if 0
   1678     tBTA_JV_L2C_CB  *p_cb = &bta_jv_cb.l2c_cb[gap_handle];
   1679     tBTA_JV evt_data;
   1680     tBTA_JV_L2CAP_CBACK *p_cback;
   1681 
   1682     if(gap_handle >= BTA_JV_MAX_L2C_CONN && !p_cb->p_cback)
   1683         return;
   1684 
   1685     APPL_TRACE_DEBUG2( "bta_jv_l2cap_server_cback: %d evt:x%x",
   1686         gap_handle, event);
   1687     evt_data.l2c_open.status = BTA_JV_SUCCESS;
   1688     evt_data.l2c_open.handle = gap_handle;
   1689 
   1690     switch (event)
   1691     {
   1692     case GAP_EVT_CONN_OPENED:
   1693         bdcpy(evt_data.l2c_open.rem_bda, GAP_ConnGetRemoteAddr(gap_handle));
   1694         evt_data.l2c_open.tx_mtu = GAP_ConnGetRemMtuSize(gap_handle);
   1695         p_cb->state = BTA_JV_ST_SR_OPEN;
   1696         p_cb->p_cback(BTA_JV_L2CAP_OPEN_EVT, &evt_data);
   1697         break;
   1698 
   1699     case GAP_EVT_CONN_CLOSED:
   1700         evt_data.l2c_close.async = TRUE;
   1701         evt_data.l2c_close.handle = p_cb->handle;
   1702         p_cback = p_cb->p_cback;
   1703         evt_data.l2c_close.status = bta_jv_free_l2c_cb(p_cb);
   1704         p_cback(BTA_JV_L2CAP_CLOSE_EVT, &evt_data);
   1705         break;
   1706 
   1707     case GAP_EVT_CONN_DATA_AVAIL:
   1708         evt_data.handle = gap_handle;
   1709         p_cb->p_cback(BTA_JV_L2CAP_DATA_IND_EVT, &evt_data);
   1710         break;
   1711 
   1712     case GAP_EVT_CONN_CONGESTED:
   1713     case GAP_EVT_CONN_UNCONGESTED:
   1714         p_cb->cong = (event == GAP_EVT_CONN_CONGESTED) ? TRUE : FALSE;
   1715         evt_data.l2c_cong.cong = p_cb->cong;
   1716         p_cb->p_cback(BTA_JV_L2CAP_CONG_EVT, &evt_data);
   1717         break;
   1718 
   1719     default:
   1720         break;
   1721     }
   1722 #endif
   1723 }
   1724 
   1725 /*******************************************************************************
   1726 **
   1727 ** Function     bta_jv_l2cap_start_server
   1728 **
   1729 ** Description  starts an L2CAP server
   1730 **
   1731 ** Returns      void
   1732 **
   1733 *******************************************************************************/
   1734 void bta_jv_l2cap_start_server(tBTA_JV_MSG *p_data)
   1735 {
   1736 #if 0
   1737     tBTA_JV_L2C_CB      *p_cb;
   1738     UINT8   sec_id;
   1739     UINT16  handle;
   1740     tL2CAP_CFG_INFO cfg;
   1741     tBTA_JV_L2CAP_START evt_data;
   1742     tBTA_JV_API_L2CAP_SERVER *ls = &(p_data->l2cap_server);
   1743 
   1744     memset(&cfg, 0, sizeof(tL2CAP_CFG_INFO));
   1745 
   1746     //FIX: MTU=0 means not present
   1747     if (ls->rx_mtu >0)
   1748     {
   1749         cfg.mtu_present = TRUE;
   1750         cfg.mtu = ls->rx_mtu;
   1751     }
   1752     else
   1753     {
   1754         cfg.mtu_present = FALSE;
   1755         cfg.mtu = 0;
   1756     }
   1757 
   1758     /* TODO DM role manager
   1759     L2CA_SetDesireRole(ls->role);
   1760     */
   1761 
   1762     sec_id = bta_jv_alloc_sec_id();
   1763     if (0 == sec_id || (FALSE == bta_jv_check_psm(ls->local_psm)) ||
   1764         (handle = GAP_ConnOpen("JV L2CAP", sec_id, 1, 0, ls->local_psm, &cfg,
   1765             ls->sec_mask, GAP_FCR_CHAN_OPT_BASIC, bta_jv_l2cap_server_cback)) == GAP_INVALID_HANDLE)
   1766     {
   1767         bta_jv_free_sec_id(&sec_id);
   1768         evt_data.status = BTA_JV_FAILURE;
   1769     }
   1770     else
   1771     {
   1772         /* default JV implementation requires explicit call
   1773            to allow incoming connections when ready*/
   1774 
   1775         GAP_SetAcceptReady(handle, FALSE);
   1776 
   1777         p_cb = &bta_jv_cb.l2c_cb[handle];
   1778         evt_data.status = BTA_JV_SUCCESS;
   1779         evt_data.handle = handle;
   1780         evt_data.sec_id = sec_id;
   1781         p_cb->p_cback = ls->p_cback;
   1782         p_cb->handle = handle;
   1783         p_cb->sec_id = sec_id;
   1784         p_cb->state = BTA_JV_ST_SR_LISTEN;
   1785         p_cb->psm = ls->local_psm;
   1786     }
   1787     ls->p_cback(BTA_JV_L2CAP_START_EVT, (tBTA_JV *)&evt_data);
   1788 #endif
   1789 }
   1790 
   1791 /*******************************************************************************
   1792 **
   1793 ** Function     bta_jv_l2cap_stop_server
   1794 **
   1795 ** Description  stops an L2CAP server
   1796 **
   1797 ** Returns      void
   1798 **
   1799 *******************************************************************************/
   1800 void bta_jv_l2cap_stop_server(tBTA_JV_MSG *p_data)
   1801 {
   1802 #if 0
   1803     tBTA_JV_L2C_CB      *p_cb;
   1804     tBTA_JV_L2CAP_CLOSE  evt_data;
   1805     tBTA_JV_API_L2CAP_SERVER *ls = &(p_data->l2cap_server);
   1806     tBTA_JV_L2CAP_CBACK *p_cback;
   1807     int i;
   1808 
   1809     for(i=0; i<BTA_JV_MAX_L2C_CONN; i++)
   1810     {
   1811         if(bta_jv_cb.l2c_cb[i].psm == ls->local_psm)
   1812         {
   1813             p_cb = &bta_jv_cb.l2c_cb[i];
   1814             p_cback = p_cb->p_cback;
   1815             evt_data.handle = p_cb->handle;
   1816             evt_data.status = bta_jv_free_l2c_cb(p_cb);
   1817             evt_data.async = FALSE;
   1818             p_cback(BTA_JV_L2CAP_CLOSE_EVT, (tBTA_JV *)&evt_data);
   1819             break;
   1820         }
   1821     }
   1822 #endif
   1823 }
   1824 
   1825 /*******************************************************************************
   1826 **
   1827 ** Function     bta_jv_l2cap_read
   1828 **
   1829 ** Description  Read data from an L2CAP connection
   1830 **
   1831 ** Returns      void
   1832 **
   1833 *******************************************************************************/
   1834 void bta_jv_l2cap_read(tBTA_JV_MSG *p_data)
   1835 {
   1836 #if 0
   1837     tBTA_JV_L2CAP_READ evt_data;
   1838     tBTA_JV_API_L2CAP_READ *rc = &(p_data->l2cap_read);
   1839 
   1840     evt_data.status = BTA_JV_FAILURE;
   1841     evt_data.handle = rc->handle;
   1842     evt_data.req_id = rc->req_id;
   1843     evt_data.p_data = rc->p_data;
   1844     evt_data.len    = 0;
   1845 #if SDP_FOR_JV_INCLUDED == TRUE
   1846     if(BTA_JV_L2C_FOR_SDP_HDL == rc->handle)
   1847     {
   1848         evt_data.len = rc->len;
   1849         if(evt_data.len > bta_jv_cb.sdp_data_size)
   1850             evt_data.len = bta_jv_cb.sdp_data_size;
   1851 
   1852         memcpy(rc->p_data, p_bta_jv_cfg->p_sdp_raw_data, evt_data.len);
   1853         bta_jv_cb.sdp_data_size = 0;
   1854         evt_data.status = BTA_JV_SUCCESS;
   1855     }
   1856     else
   1857 #endif
   1858     if (BT_PASS == GAP_ConnReadData(rc->handle, rc->p_data, rc->len, &evt_data.len))
   1859     {
   1860         evt_data.status = BTA_JV_SUCCESS;
   1861     }
   1862 
   1863     rc->p_cback(BTA_JV_L2CAP_READ_EVT, (tBTA_JV *)&evt_data);
   1864 #endif
   1865 }
   1866 
   1867 
   1868 /*******************************************************************************
   1869 **
   1870 ** Function     bta_jv_l2cap_write
   1871 **
   1872 ** Description  Write data to an L2CAP connection
   1873 **
   1874 ** Returns      void
   1875 **
   1876 *******************************************************************************/
   1877 void bta_jv_l2cap_write(tBTA_JV_MSG *p_data)
   1878 {
   1879 #if 0
   1880     tBTA_JV_L2CAP_WRITE evt_data;
   1881     tBTA_JV_API_L2CAP_WRITE *ls = &(p_data->l2cap_write);
   1882 
   1883     evt_data.status = BTA_JV_FAILURE;
   1884     evt_data.handle = ls->handle;
   1885     evt_data.req_id = ls->req_id;
   1886     evt_data.cong   = ls->p_cb->cong;
   1887     evt_data.len    = 0;
   1888 #if SDP_FOR_JV_INCLUDED == TRUE
   1889     if(BTA_JV_L2C_FOR_SDP_HDL == ls->handle)
   1890     {
   1891         UINT8   *p;
   1892         BT_HDR  *p_msg = (BT_HDR *) GKI_getbuf ((UINT16)(ls->len + BT_HDR_SIZE + L2CAP_MIN_OFFSET));
   1893         if(p_msg)
   1894         {
   1895             p_msg->offset = L2CAP_MIN_OFFSET;
   1896             p = (UINT8 *)(p_msg + 1) + L2CAP_MIN_OFFSET;
   1897             p_msg->len = ls->len;
   1898             memcpy(p, ls->p_data, p_msg->len);
   1899             bta_jv_pm_conn_busy(ls->p_cb->p_pm_cb);
   1900             if(SDP_WriteData (bta_jv_cb.sdp_for_jv, p_msg))
   1901             {
   1902                 evt_data.len    = ls->len;
   1903                 evt_data.status = BTA_JV_SUCCESS;
   1904             }
   1905         }
   1906     }
   1907     else
   1908 #endif
   1909     {
   1910         bta_jv_pm_conn_busy(ls->p_cb->p_pm_cb);
   1911         if (!evt_data.cong &&
   1912            BT_PASS == GAP_ConnWriteData(ls->handle, ls->p_data, ls->len, &evt_data.len))
   1913         {
   1914            evt_data.status = BTA_JV_SUCCESS;
   1915         }
   1916     }
   1917     ls->p_cb->p_cback(BTA_JV_L2CAP_WRITE_EVT, (tBTA_JV *)&evt_data);
   1918 	bta_jv_set_pm_conn_state(ls->p_cb->p_pm_cb, BTA_JV_CONN_IDLE);
   1919 #endif
   1920 }
   1921 
   1922 /*******************************************************************************
   1923 **
   1924 ** Function     bta_jv_port_data_co_cback
   1925 **
   1926 ** Description  port data callback function of rfcomm
   1927 **              connections
   1928 **
   1929 ** Returns      void
   1930 **
   1931 *******************************************************************************/
   1932 /*
   1933 #define DATA_CO_CALLBACK_TYPE_INCOMING          1
   1934 #define DATA_CO_CALLBACK_TYPE_OUTGOING_SIZE     2
   1935 #define DATA_CO_CALLBACK_TYPE_OUTGOING          3
   1936 */
   1937 static int bta_jv_port_data_co_cback(UINT16 port_handle, UINT8 *buf, UINT16 len, int type)
   1938 {
   1939     tBTA_JV_RFC_CB  *p_cb = bta_jv_rfc_port_to_cb(port_handle);
   1940     tBTA_JV_PCB     *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
   1941     APPL_TRACE_DEBUG3("bta_jv_port_data_co_cback, p_cb:%p, p_pcb:%p, len:%d",
   1942                         p_cb, p_pcb, len);
   1943     if (p_pcb != NULL)
   1944     {
   1945         switch(type)
   1946         {
   1947             case DATA_CO_CALLBACK_TYPE_INCOMING:
   1948                 return bta_co_rfc_data_incoming(p_pcb->user_data, (BT_HDR*)buf);
   1949             case DATA_CO_CALLBACK_TYPE_OUTGOING_SIZE:
   1950                 return bta_co_rfc_data_outgoing_size(p_pcb->user_data, (int*)buf);
   1951             case DATA_CO_CALLBACK_TYPE_OUTGOING:
   1952                 return bta_co_rfc_data_outgoing(p_pcb->user_data, buf, len);
   1953             default:
   1954                 APPL_TRACE_ERROR1("unknown callout type:%d", type);
   1955                 break;
   1956         }
   1957     }
   1958     return 0;
   1959 }
   1960 
   1961 /*******************************************************************************
   1962 **
   1963 ** Function     bta_jv_port_mgmt_cl_cback
   1964 **
   1965 ** Description  callback for port mamangement function of rfcomm
   1966 **              client connections
   1967 **
   1968 ** Returns      void
   1969 **
   1970 *******************************************************************************/
   1971 static void bta_jv_port_mgmt_cl_cback(UINT32 code, UINT16 port_handle)
   1972 {
   1973     tBTA_JV_RFC_CB  *p_cb = bta_jv_rfc_port_to_cb(port_handle);
   1974     tBTA_JV_PCB     *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
   1975     tBTA_JV evt_data;
   1976     BD_ADDR rem_bda;
   1977     UINT16 lcid;
   1978     tBTA_JV_RFCOMM_CBACK *p_cback;  /* the callback function */
   1979 
   1980     APPL_TRACE_DEBUG2( "bta_jv_port_mgmt_cl_cback:code:%d, port_handle%d", code, port_handle);
   1981     if(NULL == p_cb || NULL == p_cb->p_cback)
   1982         return;
   1983 
   1984     APPL_TRACE_DEBUG3( "bta_jv_port_mgmt_cl_cback code=%d port_handle:%d handle:%d",
   1985         code, port_handle, p_cb->handle);
   1986 
   1987     PORT_CheckConnection(port_handle, rem_bda, &lcid);
   1988 
   1989     if(code == PORT_SUCCESS)
   1990     {
   1991         evt_data.rfc_open.handle = p_cb->handle;
   1992         evt_data.rfc_open.status = BTA_JV_SUCCESS;
   1993         bdcpy(evt_data.rfc_open.rem_bda, rem_bda);
   1994         p_pcb->state = BTA_JV_ST_CL_OPEN;
   1995         p_cb->p_cback(BTA_JV_RFCOMM_OPEN_EVT, &evt_data, p_pcb->user_data);
   1996     }
   1997     else
   1998     {
   1999         evt_data.rfc_close.handle = p_cb->handle;
   2000         evt_data.rfc_close.status = BTA_JV_FAILURE;
   2001         evt_data.rfc_close.port_status = code;
   2002         evt_data.rfc_close.async = TRUE;
   2003         if (p_pcb->state == BTA_JV_ST_CL_CLOSING)
   2004         {
   2005             evt_data.rfc_close.async = FALSE;
   2006         }
   2007         //p_pcb->state = BTA_JV_ST_NONE;
   2008         //p_pcb->cong = FALSE;
   2009         p_cback = p_cb->p_cback;
   2010         p_cback(BTA_JV_RFCOMM_CLOSE_EVT, &evt_data, p_pcb->user_data);
   2011         //bta_jv_free_rfc_cb(p_cb, p_pcb);
   2012     }
   2013 
   2014 }
   2015 
   2016 /*******************************************************************************
   2017 **
   2018 ** Function     bta_jv_port_event_cl_cback
   2019 **
   2020 ** Description  Callback for RFCOMM client port events
   2021 **
   2022 ** Returns      void
   2023 **
   2024 *******************************************************************************/
   2025 static void bta_jv_port_event_cl_cback(UINT32 code, UINT16 port_handle)
   2026 {
   2027     tBTA_JV_RFC_CB  *p_cb = bta_jv_rfc_port_to_cb(port_handle);
   2028     tBTA_JV_PCB     *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
   2029     tBTA_JV evt_data;
   2030 
   2031     APPL_TRACE_DEBUG1( "bta_jv_port_event_cl_cback:%d", port_handle);
   2032     if(NULL == p_cb || NULL == p_cb->p_cback)
   2033         return;
   2034 
   2035     APPL_TRACE_DEBUG3( "bta_jv_port_event_cl_cback code=x%x port_handle:%d handle:%d",
   2036         code, port_handle, p_cb->handle);
   2037     if (code & PORT_EV_RXCHAR)
   2038     {
   2039         evt_data.data_ind.handle = p_cb->handle;
   2040         p_cb->p_cback(BTA_JV_RFCOMM_DATA_IND_EVT, &evt_data, p_pcb->user_data);
   2041     }
   2042 
   2043     if (code & PORT_EV_FC)
   2044     {
   2045         p_pcb->cong = (code & PORT_EV_FCS) ? FALSE : TRUE;
   2046         evt_data.rfc_cong.cong = p_pcb->cong;
   2047         evt_data.rfc_cong.handle = p_cb->handle;
   2048         evt_data.rfc_cong.status = BTA_JV_SUCCESS;
   2049         p_cb->p_cback(BTA_JV_RFCOMM_CONG_EVT, &evt_data, p_pcb->user_data);
   2050     }
   2051 
   2052     if (code & PORT_EV_TXEMPTY)
   2053     {
   2054         bta_jv_pm_conn_idle(p_pcb->p_pm_cb);
   2055     }
   2056 }
   2057 
   2058 /*******************************************************************************
   2059 **
   2060 ** Function     bta_jv_rfcomm_connect
   2061 **
   2062 ** Description  Client initiates an RFCOMM connection
   2063 **
   2064 ** Returns      void
   2065 **
   2066 *******************************************************************************/
   2067 void bta_jv_rfcomm_connect(tBTA_JV_MSG *p_data)
   2068 {
   2069     UINT16 handle = 0;
   2070     UINT32 event_mask = BTA_JV_RFC_EV_MASK;
   2071     tPORT_STATE port_state;
   2072     UINT8   sec_id = 0;
   2073     tBTA_JV_RFC_CB  *p_cb = NULL;
   2074     tBTA_JV_PCB     *p_pcb;
   2075     tBTA_JV_API_RFCOMM_CONNECT *cc = &(p_data->rfcomm_connect);
   2076     tBTA_JV_RFCOMM_CL_INIT      evt_data = {0};
   2077 
   2078     /* TODO DM role manager
   2079     L2CA_SetDesireRole(cc->role);
   2080     */
   2081 
   2082     sec_id = bta_jv_alloc_sec_id();
   2083     evt_data.sec_id = sec_id;
   2084     evt_data.status = BTA_JV_SUCCESS;
   2085     if (0 == sec_id ||
   2086         BTM_SetSecurityLevel(TRUE, "", sec_id,  cc->sec_mask, BT_PSM_RFCOMM,
   2087                 BTM_SEC_PROTO_RFCOMM, cc->remote_scn) == FALSE)
   2088     {
   2089         evt_data.status = BTA_JV_FAILURE;
   2090         APPL_TRACE_ERROR2("sec_id:%d is zero or BTM_SetSecurityLevel failed, remote_scn:%d", sec_id, cc->remote_scn);
   2091     }
   2092 
   2093     if (evt_data.status == BTA_JV_SUCCESS &&
   2094         RFCOMM_CreateConnection(UUID_SERVCLASS_SERIAL_PORT, cc->remote_scn, FALSE,
   2095         BTA_JV_DEF_RFC_MTU, cc->peer_bd_addr, &handle, bta_jv_port_mgmt_cl_cback) != PORT_SUCCESS)
   2096     {
   2097         APPL_TRACE_ERROR0("bta_jv_rfcomm_connect, RFCOMM_CreateConnection failed");
   2098         evt_data.status = BTA_JV_FAILURE;
   2099     }
   2100     if (evt_data.status == BTA_JV_SUCCESS)
   2101     {
   2102         p_cb = bta_jv_alloc_rfc_cb(handle, &p_pcb);
   2103         if(p_cb)
   2104         {
   2105             p_cb->p_cback = cc->p_cback;
   2106             p_cb->sec_id = sec_id;
   2107             p_cb->scn = 0;
   2108             p_pcb->state = BTA_JV_ST_CL_OPENING;
   2109             p_pcb->user_data = cc->user_data;
   2110             evt_data.use_co = TRUE;
   2111 
   2112             PORT_SetEventCallback(handle, bta_jv_port_event_cl_cback);
   2113             PORT_SetEventMask(handle, event_mask);
   2114             PORT_SetDataCOCallback (handle, bta_jv_port_data_co_cback);
   2115 
   2116             PORT_GetState(handle, &port_state);
   2117 
   2118             port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
   2119 
   2120             /* coverity[uninit_use_in_call]
   2121                FALSE-POSITIVE: port_state is initialized at PORT_GetState() */
   2122             PORT_SetState(handle, &port_state);
   2123 
   2124             evt_data.handle = p_cb->handle;
   2125         }
   2126         else
   2127         {
   2128             evt_data.status = BTA_JV_FAILURE;
   2129             APPL_TRACE_ERROR0("run out of rfc control block");
   2130         }
   2131     }
   2132     cc->p_cback(BTA_JV_RFCOMM_CL_INIT_EVT, (tBTA_JV *)&evt_data, cc->user_data);
   2133     if(evt_data.status == BTA_JV_FAILURE)
   2134     {
   2135         if(sec_id)
   2136             bta_jv_free_sec_id(&sec_id);
   2137         if(handle)
   2138             RFCOMM_RemoveConnection(handle);
   2139     }
   2140  }
   2141 
   2142 static int find_rfc_pcb(void* user_data, tBTA_JV_RFC_CB **cb, tBTA_JV_PCB **pcb)
   2143 {
   2144     *cb = NULL;
   2145     *pcb = NULL;
   2146     int i;
   2147     for (i = 0; i < MAX_RFC_PORTS; i++)
   2148     {
   2149         UINT32 rfc_handle = bta_jv_cb.port_cb[i].handle & BTA_JV_RFC_HDL_MASK;
   2150         rfc_handle &= ~BTA_JV_RFCOMM_MASK;
   2151         if (rfc_handle && bta_jv_cb.port_cb[i].user_data == user_data)
   2152         {
   2153             *pcb = &bta_jv_cb.port_cb[i];
   2154             *cb = &bta_jv_cb.rfc_cb[rfc_handle - 1];
   2155             APPL_TRACE_DEBUG4("find_rfc_pcb(): FOUND rfc_cb_handle 0x%x, port.jv_handle:"
   2156                     " 0x%x, state: %d, rfc_cb->handle: 0x%x", rfc_handle, (*pcb)->handle,
   2157                     (*pcb)->state, (*cb)->handle);
   2158             return 1;
   2159         }
   2160     }
   2161     APPL_TRACE_DEBUG1("find_rfc_pcb: cannot find rfc_cb from user data:%d", (UINT32)user_data);
   2162     return 0;
   2163 }
   2164 
   2165 /*******************************************************************************
   2166 **
   2167 ** Function     bta_jv_rfcomm_close
   2168 **
   2169 ** Description  Close an RFCOMM connection
   2170 **
   2171 ** Returns      void
   2172 **
   2173 *******************************************************************************/
   2174 void bta_jv_rfcomm_close(tBTA_JV_MSG *p_data)
   2175 {
   2176     tBTA_JV_API_RFCOMM_CLOSE *cc = &(p_data->rfcomm_close);
   2177     tBTA_JV_RFC_CB           *p_cb = NULL;
   2178     tBTA_JV_PCB              *p_pcb = NULL;
   2179     APPL_TRACE_DEBUG1("bta_jv_rfcomm_close, rfc handle:%d", cc->handle);
   2180     if (!cc->handle)
   2181     {
   2182         APPL_TRACE_ERROR0("bta_jv_rfcomm_close, rfc handle is null");
   2183         return;
   2184     }
   2185 
   2186     void* user_data = cc->user_data;
   2187     if (!find_rfc_pcb(user_data, &p_cb, &p_pcb))
   2188         return;
   2189     bta_jv_free_rfc_cb(p_cb, p_pcb);
   2190     APPL_TRACE_DEBUG2("bta_jv_rfcomm_close: sec id in use:%d, rfc_cb in use:%d",
   2191                 get_sec_id_used(), get_rfc_cb_used());
   2192 }
   2193 
   2194 /*******************************************************************************
   2195 **
   2196 ** Function     bta_jv_get_num_rfc_listen
   2197 **
   2198 ** Description  when a RFCOMM connection goes down, make sure that there's only
   2199 **              one port stays listening on this scn.
   2200 **
   2201 ** Returns
   2202 **
   2203 *******************************************************************************/
   2204 static UINT8 bta_jv_get_num_rfc_listen(tBTA_JV_RFC_CB *p_cb)
   2205 {
   2206     UINT8   i, listen=1;
   2207     tBTA_JV_PCB *p_pcb;
   2208 
   2209     if (p_cb->max_sess > 1)
   2210     {
   2211         listen = 0;
   2212         for (i=0; i<p_cb->max_sess; i++)
   2213         {
   2214             if (p_cb->rfc_hdl[i] != 0)
   2215             {
   2216                 p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[i] - 1];
   2217                 if (BTA_JV_ST_SR_LISTEN == p_pcb->state)
   2218                 {
   2219                     listen++;
   2220                 }
   2221             }
   2222         }
   2223     }
   2224     return listen;
   2225 }
   2226 
   2227 /*******************************************************************************
   2228 **
   2229 ** Function     bta_jv_port_mgmt_sr_cback
   2230 **
   2231 ** Description  callback for port mamangement function of rfcomm
   2232 **              server connections
   2233 **
   2234 ** Returns      void
   2235 **
   2236 *******************************************************************************/
   2237 static void bta_jv_port_mgmt_sr_cback(UINT32 code, UINT16 port_handle)
   2238 {
   2239     tBTA_JV_PCB     *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
   2240     tBTA_JV_RFC_CB  *p_cb = bta_jv_rfc_port_to_cb(port_handle);
   2241     tBTA_JV evt_data;
   2242     BD_ADDR rem_bda;
   2243     UINT16 lcid;
   2244     UINT8  num;
   2245     UINT32  si;
   2246     APPL_TRACE_DEBUG2("bta_jv_port_mgmt_sr_cback, code:%d, port_handle:%d", code, port_handle);
   2247     if(NULL == p_cb || NULL == p_cb->p_cback)
   2248     {
   2249         APPL_TRACE_ERROR2("bta_jv_port_mgmt_sr_cback, p_cb:%p, p_cb->p_cback%p",
   2250                 p_cb, p_cb ? p_cb->p_cback : NULL);
   2251         return;
   2252     }
   2253     void *user_data = p_pcb->user_data;
   2254     APPL_TRACE_DEBUG5( "bta_jv_port_mgmt_sr_cback code=%d port_handle:0x%x handle:0x%x, p_pcb:%p, user:%d",
   2255         code, port_handle, p_cb->handle, p_pcb, p_pcb->user_data);
   2256 
   2257     PORT_CheckConnection(port_handle, rem_bda, &lcid);
   2258     int failed = TRUE;
   2259     if (code == PORT_SUCCESS)
   2260     {
   2261         evt_data.rfc_srv_open.handle = p_pcb->handle;
   2262         evt_data.rfc_srv_open.status = BTA_JV_SUCCESS;
   2263         bdcpy(evt_data.rfc_srv_open.rem_bda, rem_bda);
   2264         tBTA_JV_PCB *p_pcb_new_listen  = bta_jv_add_rfc_port(p_cb, p_pcb);
   2265         if (p_pcb_new_listen)
   2266         {
   2267             evt_data.rfc_srv_open.new_listen_handle = p_pcb_new_listen->handle;
   2268             p_pcb_new_listen->user_data = p_cb->p_cback(BTA_JV_RFCOMM_SRV_OPEN_EVT, &evt_data, user_data);
   2269             APPL_TRACE_DEBUG2("PORT_SUCCESS: curr_sess:%d, max_sess:%d", p_cb->curr_sess, p_cb->max_sess);
   2270             failed = FALSE;
   2271         }
   2272         else
   2273             APPL_TRACE_ERROR0("bta_jv_add_rfc_port failed to create new listen port");
   2274     }
   2275     if (failed)
   2276     {
   2277         evt_data.rfc_close.handle = p_cb->handle;
   2278         evt_data.rfc_close.status = BTA_JV_FAILURE;
   2279         evt_data.rfc_close.async = TRUE;
   2280         evt_data.rfc_close.port_status = code;
   2281         p_pcb->cong = FALSE;
   2282 
   2283         tBTA_JV_RFCOMM_CBACK    *p_cback = p_cb->p_cback;
   2284         APPL_TRACE_DEBUG2("PORT_CLOSED before BTA_JV_RFCOMM_CLOSE_EVT: curr_sess:%d, max_sess:%d",
   2285                             p_cb->curr_sess, p_cb->max_sess);
   2286         if(BTA_JV_ST_SR_CLOSING == p_pcb->state)
   2287         {
   2288             evt_data.rfc_close.async = FALSE;
   2289             evt_data.rfc_close.status = BTA_JV_SUCCESS;
   2290         }
   2291         //p_pcb->state = BTA_JV_ST_NONE;
   2292         p_cback(BTA_JV_RFCOMM_CLOSE_EVT, &evt_data, user_data);
   2293         //bta_jv_free_rfc_cb(p_cb, p_pcb);
   2294 
   2295         APPL_TRACE_DEBUG2("PORT_CLOSED after BTA_JV_RFCOMM_CLOSE_EVT: curr_sess:%d, max_sess:%d",
   2296                 p_cb->curr_sess, p_cb->max_sess);
   2297      }
   2298 }
   2299 
   2300 /*******************************************************************************
   2301 **
   2302 ** Function     bta_jv_port_event_sr_cback
   2303 **
   2304 ** Description  Callback for RFCOMM server port events
   2305 **
   2306 ** Returns      void
   2307 **
   2308 *******************************************************************************/
   2309 static void bta_jv_port_event_sr_cback(UINT32 code, UINT16 port_handle)
   2310 {
   2311     tBTA_JV_PCB     *p_pcb = bta_jv_rfc_port_to_pcb(port_handle);
   2312     tBTA_JV_RFC_CB  *p_cb = bta_jv_rfc_port_to_cb(port_handle);
   2313     tBTA_JV evt_data;
   2314 
   2315     if(NULL == p_cb || NULL == p_cb->p_cback)
   2316         return;
   2317 
   2318     APPL_TRACE_DEBUG3( "bta_jv_port_event_sr_cback code=x%x port_handle:%d handle:%d",
   2319         code, port_handle, p_cb->handle);
   2320 
   2321     void *user_data = p_pcb->user_data;
   2322     if (code & PORT_EV_RXCHAR)
   2323     {
   2324         evt_data.data_ind.handle = p_cb->handle;
   2325         p_cb->p_cback(BTA_JV_RFCOMM_DATA_IND_EVT, &evt_data, user_data);
   2326     }
   2327 
   2328     if (code & PORT_EV_FC)
   2329     {
   2330         p_pcb->cong = (code & PORT_EV_FCS) ? FALSE : TRUE;
   2331         evt_data.rfc_cong.cong = p_pcb->cong;
   2332         evt_data.rfc_cong.handle = p_cb->handle;
   2333         evt_data.rfc_cong.status = BTA_JV_SUCCESS;
   2334         p_cb->p_cback(BTA_JV_RFCOMM_CONG_EVT, &evt_data, user_data);
   2335     }
   2336 
   2337     if (code & PORT_EV_TXEMPTY)
   2338     {
   2339         bta_jv_pm_conn_idle(p_pcb->p_pm_cb);
   2340     }
   2341 }
   2342 
   2343 /*******************************************************************************
   2344 **
   2345 ** Function     bta_jv_add_rfc_port
   2346 **
   2347 ** Description  add a port for server when the existing posts is open
   2348 **
   2349 ** Returns   return a pointer to tBTA_JV_PCB just added
   2350 **
   2351 *******************************************************************************/
   2352 static tBTA_JV_PCB * bta_jv_add_rfc_port(tBTA_JV_RFC_CB *p_cb, tBTA_JV_PCB *p_pcb_open)
   2353 {
   2354     UINT8   used = 0, i, listen=0;
   2355     UINT32  si = 0;
   2356     tPORT_STATE port_state;
   2357     UINT32 event_mask = BTA_JV_RFC_EV_MASK;
   2358     tBTA_JV_PCB *p_pcb = NULL;
   2359     if (p_cb->max_sess > 1)
   2360     {
   2361         for (i=0; i < p_cb->max_sess; i++)
   2362         {
   2363             if (p_cb->rfc_hdl[i] != 0)
   2364             {
   2365                 p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[i] - 1];
   2366                 if (p_pcb->state == BTA_JV_ST_SR_LISTEN)
   2367                 {
   2368                     listen++;
   2369                     if(p_pcb_open == p_pcb)
   2370                     {
   2371                         APPL_TRACE_DEBUG1("bta_jv_add_rfc_port, port_handle:%d, change the listen port to open state",
   2372                                               p_pcb->port_handle);
   2373                         p_pcb->state = BTA_JV_ST_SR_OPEN;
   2374 
   2375                     }
   2376                     else
   2377                     {
   2378                         APPL_TRACE_ERROR3("bta_jv_add_rfc_port, open pcb not matching listen one,"
   2379                             "listen count:%d, listen pcb handle:%d, open pcb:%d",
   2380                                listen, p_pcb->port_handle, p_pcb_open->handle);
   2381                         return NULL;
   2382                     }
   2383                 }
   2384                 used++;
   2385             }
   2386             else if (si == 0)
   2387             {
   2388                 si = i + 1;
   2389             }
   2390         }
   2391 
   2392         APPL_TRACE_DEBUG5("bta_jv_add_rfc_port max_sess=%d used:%d curr_sess:%d, listen:%d si:%d",
   2393                     p_cb->max_sess, used, p_cb->curr_sess, listen, si);
   2394         if (used < p_cb->max_sess && listen == 1 && si)
   2395         {
   2396             si--;
   2397             if (RFCOMM_CreateConnection(p_cb->sec_id, p_cb->scn, TRUE,
   2398                 BTA_JV_DEF_RFC_MTU, (UINT8 *) bd_addr_any, &(p_cb->rfc_hdl[si]), bta_jv_port_mgmt_sr_cback) == PORT_SUCCESS)
   2399             {
   2400                 p_cb->curr_sess++;
   2401                 p_pcb = &bta_jv_cb.port_cb[p_cb->rfc_hdl[si] - 1];
   2402                 p_pcb->state = BTA_JV_ST_SR_LISTEN;
   2403                 p_pcb->port_handle = p_cb->rfc_hdl[si];
   2404                 p_pcb->user_data = p_pcb_open->user_data;
   2405 
   2406                 PORT_ClearKeepHandleFlag(p_pcb->port_handle);
   2407                 PORT_SetEventCallback(p_pcb->port_handle, bta_jv_port_event_sr_cback);
   2408                 PORT_SetDataCOCallback (p_pcb->port_handle, bta_jv_port_data_co_cback);
   2409                 PORT_SetEventMask(p_pcb->port_handle, event_mask);
   2410                 PORT_GetState(p_pcb->port_handle, &port_state);
   2411 
   2412                 port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
   2413 
   2414 /* coverity[uninit_use_in_call]
   2415 FALSE-POSITIVE: port_state is initialized at PORT_GetState() */
   2416                 PORT_SetState(p_pcb->port_handle, &port_state);
   2417                 p_pcb->handle = BTA_JV_RFC_H_S_TO_HDL(p_cb->handle, si);
   2418                 APPL_TRACE_DEBUG2("bta_jv_add_rfc_port: p_pcb->handle:0x%x, curr_sess:%d",
   2419                                     p_pcb->handle, p_cb->curr_sess);
   2420             }
   2421         }
   2422         else
   2423             APPL_TRACE_ERROR0("bta_jv_add_rfc_port, cannot create new rfc listen port");
   2424     }
   2425     APPL_TRACE_DEBUG2("bta_jv_add_rfc_port: sec id in use:%d, rfc_cb in use:%d",
   2426                 get_sec_id_used(), get_rfc_cb_used());
   2427     return p_pcb;
   2428 }
   2429 
   2430 /*******************************************************************************
   2431 **
   2432 ** Function     bta_jv_rfcomm_start_server
   2433 **
   2434 ** Description  waits for an RFCOMM client to connect
   2435 **
   2436 **
   2437 ** Returns      void
   2438 **
   2439 *******************************************************************************/
   2440 void bta_jv_rfcomm_start_server(tBTA_JV_MSG *p_data)
   2441 {
   2442     UINT16 handle = 0;
   2443     UINT32 event_mask = BTA_JV_RFC_EV_MASK;
   2444     tPORT_STATE port_state;
   2445     UINT8   sec_id = 0;
   2446     tBTA_JV_RFC_CB  *p_cb = NULL;
   2447     tBTA_JV_PCB     *p_pcb;
   2448     tBTA_JV_API_RFCOMM_SERVER *rs = &(p_data->rfcomm_server);
   2449     tBTA_JV_RFCOMM_START        evt_data = {0};
   2450     /* TODO DM role manager
   2451     L2CA_SetDesireRole(rs->role);
   2452     */
   2453     evt_data.status = BTA_JV_FAILURE;
   2454     APPL_TRACE_DEBUG2("bta_jv_rfcomm_start_server: sec id in use:%d, rfc_cb in use:%d",
   2455                 get_sec_id_used(), get_rfc_cb_used());
   2456 
   2457     do
   2458     {
   2459         sec_id = bta_jv_alloc_sec_id();
   2460 
   2461         if (0 == sec_id ||
   2462             BTM_SetSecurityLevel(FALSE, "JV PORT", sec_id,  rs->sec_mask,
   2463                 BT_PSM_RFCOMM, BTM_SEC_PROTO_RFCOMM, rs->local_scn) == FALSE)
   2464         {
   2465             APPL_TRACE_ERROR0("bta_jv_rfcomm_start_server, run out of sec_id");
   2466             break;
   2467         }
   2468 
   2469         if (RFCOMM_CreateConnection(sec_id, rs->local_scn, TRUE,
   2470             BTA_JV_DEF_RFC_MTU, (UINT8 *) bd_addr_any, &handle, bta_jv_port_mgmt_sr_cback) != PORT_SUCCESS)
   2471         {
   2472             APPL_TRACE_ERROR0("bta_jv_rfcomm_start_server, RFCOMM_CreateConnection failed");
   2473             break;
   2474         }
   2475 
   2476 
   2477         p_cb = bta_jv_alloc_rfc_cb(handle, &p_pcb);
   2478         if(!p_cb)
   2479         {
   2480             APPL_TRACE_ERROR0("bta_jv_rfcomm_start_server, run out of rfc control block");
   2481             break;
   2482         }
   2483 
   2484         p_cb->max_sess = rs->max_session;
   2485         p_cb->p_cback = rs->p_cback;
   2486         p_cb->sec_id = sec_id;
   2487         p_cb->scn = rs->local_scn;
   2488         p_pcb->state = BTA_JV_ST_SR_LISTEN;
   2489         p_pcb->user_data = rs->user_data;
   2490         evt_data.status = BTA_JV_SUCCESS;
   2491         evt_data.handle = p_cb->handle;
   2492         evt_data.sec_id = sec_id;
   2493         evt_data.use_co = TRUE; //FALSE;
   2494 
   2495         PORT_ClearKeepHandleFlag(handle);
   2496         PORT_SetEventCallback(handle, bta_jv_port_event_sr_cback);
   2497         PORT_SetEventMask(handle, event_mask);
   2498         PORT_GetState(handle, &port_state);
   2499 
   2500         port_state.fc_type = (PORT_FC_CTS_ON_INPUT | PORT_FC_CTS_ON_OUTPUT);
   2501 
   2502 /* coverity[uninit_use_in_call]
   2503 FALSE-POSITIVE: port_state is initialized at PORT_GetState() */
   2504         PORT_SetState(handle, &port_state);
   2505     } while (0);
   2506     rs->p_cback(BTA_JV_RFCOMM_START_EVT, (tBTA_JV *)&evt_data, rs->user_data);
   2507     if(evt_data.status == BTA_JV_SUCCESS)
   2508     {
   2509         PORT_SetDataCOCallback (handle, bta_jv_port_data_co_cback);
   2510     }
   2511     else
   2512     {
   2513         if(sec_id)
   2514             bta_jv_free_sec_id(&sec_id);
   2515         if(handle)
   2516             RFCOMM_RemoveConnection(handle);
   2517     }
   2518 }
   2519 
   2520 /*******************************************************************************
   2521 **
   2522 ** Function     bta_jv_rfcomm_stop_server
   2523 **
   2524 ** Description  stops an RFCOMM server
   2525 **
   2526 ** Returns      void
   2527 **
   2528 *******************************************************************************/
   2529 
   2530 void bta_jv_rfcomm_stop_server(tBTA_JV_MSG *p_data)
   2531 {
   2532     tBTA_JV_API_RFCOMM_SERVER *ls = &(p_data->rfcomm_server);
   2533     tBTA_JV_RFC_CB           *p_cb = NULL;
   2534     tBTA_JV_PCB              *p_pcb = NULL;
   2535     APPL_TRACE_ERROR0("bta_jv_rfcomm_stop_server");
   2536     if(!ls->handle)
   2537     {
   2538         APPL_TRACE_ERROR0("bta_jv_rfcomm_stop_server, jv handle is null");
   2539         return;
   2540     }
   2541     void* user_data = ls->user_data;
   2542     if(!find_rfc_pcb(user_data, &p_cb, &p_pcb))
   2543         return;
   2544     APPL_TRACE_DEBUG2("bta_jv_rfcomm_stop_server: p_pcb:%p, p_pcb->port_handle:%d",
   2545                         p_pcb, p_pcb->port_handle);
   2546     bta_jv_free_rfc_cb(p_cb, p_pcb);
   2547     APPL_TRACE_DEBUG2("bta_jv_rfcomm_stop_server: sec id in use:%d, rfc_cb in use:%d",
   2548                 get_sec_id_used(), get_rfc_cb_used());
   2549 }
   2550 
   2551 /*******************************************************************************
   2552 **
   2553 ** Function     bta_jv_rfcomm_read
   2554 **
   2555 ** Description  Read data from an RFCOMM connection
   2556 **
   2557 ** Returns      void
   2558 **
   2559 *******************************************************************************/
   2560 void bta_jv_rfcomm_read(tBTA_JV_MSG *p_data)
   2561 {
   2562     tBTA_JV_API_RFCOMM_READ *rc = &(p_data->rfcomm_read);
   2563     tBTA_JV_RFC_CB  *p_cb = rc->p_cb;
   2564     tBTA_JV_PCB     *p_pcb = rc->p_pcb;
   2565     tBTA_JV_RFCOMM_READ    evt_data;
   2566 
   2567     evt_data.status = BTA_JV_FAILURE;
   2568     evt_data.handle = p_cb->handle;
   2569     evt_data.req_id = rc->req_id;
   2570     evt_data.p_data = rc->p_data;
   2571     if (PORT_ReadData(rc->p_pcb->port_handle, (char *)rc->p_data, rc->len, &evt_data.len) ==
   2572         PORT_SUCCESS)
   2573     {
   2574         evt_data.status = BTA_JV_SUCCESS;
   2575     }
   2576 
   2577     p_cb->p_cback(BTA_JV_RFCOMM_READ_EVT, (tBTA_JV *)&evt_data, p_pcb->user_data);
   2578 }
   2579 
   2580 /*******************************************************************************
   2581 **
   2582 ** Function     bta_jv_rfcomm_write
   2583 **
   2584 ** Description  write data to an RFCOMM connection
   2585 **
   2586 ** Returns      void
   2587 **
   2588 *******************************************************************************/
   2589 void bta_jv_rfcomm_write(tBTA_JV_MSG *p_data)
   2590 {
   2591     tBTA_JV_API_RFCOMM_WRITE *wc = &(p_data->rfcomm_write);
   2592     tBTA_JV_RFC_CB  *p_cb = wc->p_cb;
   2593     tBTA_JV_PCB     *p_pcb = wc->p_pcb;
   2594     tBTA_JV_RFCOMM_WRITE    evt_data;
   2595 
   2596     evt_data.status = BTA_JV_FAILURE;
   2597     evt_data.handle = p_cb->handle;
   2598     evt_data.req_id = wc->req_id;
   2599     evt_data.cong   = p_pcb->cong;
   2600     evt_data.len    = 0;
   2601     bta_jv_pm_conn_busy(p_pcb->p_pm_cb);
   2602     if (!evt_data.cong &&
   2603         PORT_WriteDataCO(p_pcb->port_handle, &evt_data.len) ==
   2604         PORT_SUCCESS)
   2605     {
   2606         evt_data.status = BTA_JV_SUCCESS;
   2607     }
   2608     //update congestion flag
   2609     evt_data.cong   = p_pcb->cong;
   2610     if (p_cb->p_cback)
   2611     {
   2612         p_cb->p_cback(BTA_JV_RFCOMM_WRITE_EVT, (tBTA_JV *)&evt_data, p_pcb->user_data);
   2613     }
   2614     else
   2615     {
   2616         APPL_TRACE_ERROR0("bta_jv_rfcomm_write :: WARNING ! No JV callback set");
   2617     }
   2618 }
   2619 
   2620 /*******************************************************************************
   2621  **
   2622  ** Function     bta_jv_set_pm_profile
   2623  **
   2624  ** Description  Set or free power mode profile for a JV application
   2625  **
   2626  ** Returns      void
   2627  **
   2628  *******************************************************************************/
   2629 void bta_jv_set_pm_profile(tBTA_JV_MSG *p_data)
   2630 {
   2631     tBTA_JV_STATUS status;
   2632     tBTA_JV_PM_CB *p_cb;
   2633 
   2634     APPL_TRACE_API3("bta_jv_set_pm_profile(handle: 0x%x, app_id: %d, init_st: %d)",
   2635             p_data->set_pm.handle, p_data->set_pm.app_id, p_data->set_pm.init_st);
   2636 
   2637     /* clear PM control block */
   2638     if (p_data->set_pm.app_id == BTA_JV_PM_ID_CLEAR)
   2639     {
   2640         status = bta_jv_free_set_pm_profile_cb(p_data->set_pm.handle);
   2641 
   2642         if (status != BTA_JV_SUCCESS)
   2643         {
   2644             APPL_TRACE_WARNING1("bta_jv_set_pm_profile() free pm cb failed: reason %d",
   2645                     status);
   2646         }
   2647     }
   2648     else /* set PM control block */
   2649     {
   2650         p_cb = bta_jv_alloc_set_pm_profile_cb(p_data->set_pm.handle,
   2651                 p_data->set_pm.app_id);
   2652 
   2653         if (NULL != p_cb)
   2654             bta_jv_pm_state_change(p_cb, p_data->set_pm.init_st);
   2655         else
   2656             APPL_TRACE_WARNING0("bta_jv_alloc_set_pm_profile_cb() failed");
   2657     }
   2658 }
   2659 
   2660 /*******************************************************************************
   2661  **
   2662  ** Function     bta_jv_change_pm_state
   2663  **
   2664  ** Description  change jv pm connect state, used internally
   2665  **
   2666  ** Returns      void
   2667  **
   2668  *******************************************************************************/
   2669 void bta_jv_change_pm_state(tBTA_JV_MSG *p_data)
   2670 {
   2671     tBTA_JV_API_PM_STATE_CHANGE *p_msg = (tBTA_JV_API_PM_STATE_CHANGE *)p_data;
   2672 
   2673     if (p_msg->p_cb)
   2674         bta_jv_pm_state_change(p_msg->p_cb, p_msg->state);
   2675 }
   2676 
   2677 
   2678 /*******************************************************************************
   2679  **
   2680  ** Function    bta_jv_set_pm_conn_state
   2681  **
   2682  ** Description Send pm event state change to jv state machine to serialize jv pm changes
   2683  **             in relation to other jv messages. internal API use mainly.
   2684  **
   2685  ** Params:     p_cb: jv pm control block, NULL pointer returns failure
   2686  **             new_state: new PM connections state, setting is forced by action function
   2687  **
   2688  ** Returns     BTA_JV_SUCCESS, BTA_JV_FAILURE (buffer allocation, or NULL ptr!)
   2689  **
   2690  *******************************************************************************/
   2691 tBTA_JV_STATUS bta_jv_set_pm_conn_state(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE
   2692         new_st)
   2693 {
   2694     tBTA_JV_STATUS status = BTA_JV_FAILURE;
   2695     tBTA_JV_API_PM_STATE_CHANGE *p_msg;
   2696 
   2697     if (NULL == p_cb)
   2698         return status;
   2699 
   2700     APPL_TRACE_API2("bta_jv_set_pm_conn_state(handle:0x%x, state: %d)", p_cb->handle,
   2701             new_st);
   2702     if ((p_msg = (tBTA_JV_API_PM_STATE_CHANGE *)GKI_getbuf(
   2703             sizeof(tBTA_JV_API_PM_STATE_CHANGE))) != NULL)
   2704     {
   2705         p_msg->hdr.event = BTA_JV_API_PM_STATE_CHANGE_EVT;
   2706         p_msg->p_cb = p_cb;
   2707         p_msg->state = new_st;
   2708         bta_sys_sendmsg(p_msg);
   2709         status = BTA_JV_SUCCESS;
   2710     }
   2711     return (status);
   2712 }
   2713 
   2714 /*******************************************************************************
   2715  **
   2716  ** Function    bta_jv_pm_conn_busy
   2717  **
   2718  ** Description set pm connection busy state (input param safe)
   2719  **
   2720  ** Params      p_cb: pm control block of jv connection
   2721  **
   2722  ** Returns     void
   2723  **
   2724  *******************************************************************************/
   2725 static void bta_jv_pm_conn_busy(tBTA_JV_PM_CB *p_cb)
   2726 {
   2727     if ((NULL != p_cb) && (BTA_JV_PM_IDLE_ST == p_cb->state))
   2728         bta_jv_pm_state_change(p_cb, BTA_JV_CONN_BUSY);
   2729 }
   2730 
   2731 /*******************************************************************************
   2732  **
   2733  ** Function    bta_jv_pm_conn_busy
   2734  **
   2735  ** Description set pm connection busy state (input param safe)
   2736  **
   2737  ** Params      p_cb: pm control block of jv connection
   2738  **
   2739  ** Returns     void
   2740  **
   2741  *******************************************************************************/
   2742 static void bta_jv_pm_conn_idle(tBTA_JV_PM_CB *p_cb)
   2743 {
   2744     if ((NULL != p_cb) && (BTA_JV_PM_IDLE_ST != p_cb->state))
   2745         bta_jv_pm_state_change(p_cb, BTA_JV_CONN_IDLE);
   2746 }
   2747 
   2748 /*******************************************************************************
   2749  **
   2750  ** Function     bta_jv_pm_state_change
   2751  **
   2752  ** Description  Notify power manager there is state change
   2753  **
   2754  ** Params      p_cb: must be NONE NULL
   2755  **
   2756  ** Returns      void
   2757  **
   2758  *******************************************************************************/
   2759 static void bta_jv_pm_state_change(tBTA_JV_PM_CB *p_cb, const tBTA_JV_CONN_STATE state)
   2760 {
   2761     APPL_TRACE_API5("bta_jv_pm_state_change(p_cb: 0x%x, handle: 0x%x, busy/idle_state: %d"
   2762             ", app_id: %d, conn_state: %d)", p_cb, p_cb->handle, p_cb->state,
   2763             p_cb->app_id, state);
   2764 
   2765     switch (state)
   2766     {
   2767     case BTA_JV_CONN_OPEN:
   2768         bta_sys_conn_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2769         break;
   2770 
   2771     case BTA_JV_CONN_CLOSE:
   2772         bta_sys_conn_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2773         break;
   2774 
   2775     case BTA_JV_APP_OPEN:
   2776         bta_sys_app_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2777         break;
   2778 
   2779     case BTA_JV_APP_CLOSE:
   2780         bta_sys_app_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2781         break;
   2782 
   2783     case BTA_JV_SCO_OPEN:
   2784         bta_sys_sco_open(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2785         break;
   2786 
   2787     case BTA_JV_SCO_CLOSE:
   2788         bta_sys_sco_close(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2789         break;
   2790 
   2791     case BTA_JV_CONN_IDLE:
   2792         p_cb->state = BTA_JV_PM_IDLE_ST;
   2793         bta_sys_idle(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2794         break;
   2795 
   2796     case BTA_JV_CONN_BUSY:
   2797         p_cb->state = BTA_JV_PM_BUSY_ST;
   2798         bta_sys_busy(BTA_ID_JV, p_cb->app_id, p_cb->peer_bd_addr);
   2799         break;
   2800 
   2801     default:
   2802         APPL_TRACE_WARNING1("bta_jv_pm_state_change(state: %d): Invalid state", state);
   2803         break;
   2804     }
   2805 }
   2806