1 /****************************************************************************** 2 * 3 * Copyright (C) 2003-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains the action functions for device manager state 22 * machine. 23 * 24 ******************************************************************************/ 25 26 #include "bt_types.h" 27 #include "gki.h" 28 #include "bd.h" 29 #include "bta_sys.h" 30 #include "bta_api.h" 31 #include "bta_dm_int.h" 32 #include "bta_dm_co.h" 33 #include "btm_api.h" 34 #include "btm_int.h" 35 #include "btu.h" 36 #include "sdp_api.h" 37 #include "l2c_api.h" 38 #include "wbt_api.h" 39 #include "utl.h" 40 #include <string.h> 41 42 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir); 43 static void bta_dm_inq_cmpl_cb (void * p_result); 44 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name); 45 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name); 46 static void bta_dm_find_services ( BD_ADDR bd_addr); 47 static void bta_dm_discover_next_device(void); 48 static void bta_dm_sdp_callback (UINT16 sdp_status); 49 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator); 50 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name); 51 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key); 52 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type); 53 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result); 54 static void bta_dm_local_name_cback(BD_ADDR bd_addr); 55 static BOOLEAN bta_dm_check_av(UINT16 event); 56 #if (BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE) 57 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data); 58 #else 59 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, UINT8 *features, BOOLEAN is_new); 60 #endif 61 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr); 62 63 /* Extended Inquiry Response */ 64 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data); 65 66 #if (BTM_EIR_SERVER_INCLUDED == TRUE) 67 static void bta_dm_set_eir (char *local_name); 68 #endif /* BTM_EIR_SERVER_INCLUDED */ 69 70 #if (BTM_EIR_CLIENT_INCLUDED == TRUE) 71 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result, 72 tBTA_SERVICE_MASK *p_services_to_search, 73 tBTA_SERVICE_MASK *p_services_found); 74 #endif /* BTM_EIR_CLIENT_INCLUDED */ 75 76 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result); 77 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle); 78 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result); 79 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle); 80 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle); 81 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle); 82 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr); 83 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch); 84 static char *bta_dm_get_remname(void); 85 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result); 86 87 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr); 88 static void bta_dm_discover_device(BD_ADDR remote_bd_addr); 89 90 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status ); 91 92 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr); 93 static void bta_dm_delay_role_switch_cback (TIMER_LIST_ENT *p_tle); 94 95 static void bta_dm_disable_search_and_disc(void); 96 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 97 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE)) 98 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data); 99 #endif 100 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key); 101 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 102 static void bta_dm_gattc_register(void); 103 static void btm_dm_start_gatt_discovery ( BD_ADDR bd_addr); 104 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr); 105 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data); 106 #endif 107 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir); 108 static void bta_dm_observe_cmpl_cb (void * p_result); 109 110 #ifndef BTA_DM_BLE_ADV_CHNL_MAP 111 #define BTA_DM_BLE_ADV_CHNL_MAP (BTM_BLE_ADV_CHNL_37|BTM_BLE_ADV_CHNL_38|BTM_BLE_ADV_CHNL_39) 112 #endif 113 #endif 114 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr); 115 116 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128); 117 118 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] = 119 { 120 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */ 121 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */ 122 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */ 123 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */ 124 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */ 125 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */ 126 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */ 127 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */ 128 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */ 129 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */ 130 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */ 131 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */ 132 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */ 133 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */ 134 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */ 135 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */ 136 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */ 137 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */ 138 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */ 139 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */ 140 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */ 141 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */ 142 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */ 143 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */ 144 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */ 145 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */ 146 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */ 147 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */ 148 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */ 149 #if BLE_INCLUDED && BTA_GATT_INCLUDED 150 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */ 151 #endif 152 }; 153 154 /* 155 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with 156 * the value BTA_MAX_SERVICE_ID in bta_api.h 157 * 158 * i.e., If you add new Service ID for BTA, the correct security ID of the new service 159 * from Security service definitions (btm_api.h) should be added to this lookup table. 160 */ 161 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] = 162 { 163 0, /* Reserved */ 164 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */ 165 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */ 166 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */ 167 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */ 168 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */ 169 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */ 170 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */ 171 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */ 172 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */ 173 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */ 174 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */ 175 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */ 176 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */ 177 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */ 178 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */ 179 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */ 180 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */ 181 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */ 182 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */ 183 BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */ 184 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */ 185 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */ 186 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */ 187 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */ 188 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */ 189 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */ 190 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */ 191 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */ 192 #if BLE_INCLUDED && BTA_GATT_INCLUDED 193 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */ 194 #endif 195 196 }; 197 198 /* bta security callback */ 199 const tBTM_APPL_INFO bta_security = 200 { 201 &bta_dm_authorize_cback, 202 &bta_dm_pin_cback, 203 &bta_dm_new_link_key_cback, 204 &bta_dm_link_key_request_cback, 205 &bta_dm_authentication_complete_cback, 206 NULL, 207 &bta_dm_bond_cancel_complete_cback, 208 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 209 &bta_dm_sp_cback 210 #else 211 NULL 212 #endif 213 #if BLE_INCLUDED == TRUE 214 #if SMP_INCLUDED == TRUE 215 ,&bta_dm_ble_smp_cback 216 #endif 217 ,&bta_dm_ble_id_key_cback 218 #endif 219 220 }; 221 222 /* TBD... To be moved to some conf file..? */ 223 #define BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT 5 224 const tBTA_DM_LMP_VER_INFO bta_role_switch_blacklist[BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT] = 225 { 226 {0x000F,0x2000,0x04}, 227 {0x00,0x00,0x00}, 228 {0x00,0x00,0x00}, 229 {0x00,0x00,0x00}, 230 {0x00,0x00,0x00} 231 }; 232 233 #define MAX_DISC_RAW_DATA_BUF (4096) 234 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF]; 235 236 /******************************************************************************* 237 ** 238 ** Function bta_dm_app_ready_timer_cback 239 ** 240 ** Description allow sending EIR to controller 241 ** 242 ** 243 ** Returns void 244 ** 245 *******************************************************************************/ 246 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE) 247 static void bta_dm_app_ready_timer_cback (TIMER_LIST_ENT *p_tle) 248 { 249 bta_dm_set_eir (NULL); 250 } 251 #else 252 #define bta_dm_app_ready_timer_cback (x) 253 #endif 254 255 /******************************************************************************* 256 ** 257 ** Function bta_dm_enable 258 ** 259 ** Description Initialises the BT device manager 260 ** 261 ** 262 ** Returns void 263 ** 264 *******************************************************************************/ 265 void bta_dm_enable(tBTA_DM_MSG *p_data) 266 { 267 tBTA_SYS_HW_MSG *sys_enable_event; 268 tBTA_DM_SEC sec_event; 269 270 /* if already in use, return an error */ 271 if( bta_dm_cb.is_bta_dm_active == TRUE ) 272 { 273 APPL_TRACE_WARNING0("bta_dm_enable - device already started by another application"); 274 memset(&sec_event.enable, 0, sizeof ( tBTA_DM_ENABLE )); 275 sec_event.enable.status = BTA_FAILURE; 276 if( p_data->enable.p_sec_cback != NULL ) 277 p_data->enable.p_sec_cback (BTA_DM_ENABLE_EVT, &sec_event); 278 return; 279 } 280 281 /* first, register our callback to SYS HW manager */ 282 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback ); 283 284 /* make sure security callback is saved - if no callback, do not erase the previous one, 285 it could be an error recovery mechanism */ 286 if( p_data->enable.p_sec_cback != NULL ) 287 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback; 288 /* notify BTA DM is now active */ 289 bta_dm_cb.is_bta_dm_active = TRUE; 290 291 /* send a message to BTA SYS */ 292 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL) 293 { 294 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT; 295 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH; 296 297 bta_sys_sendmsg(sys_enable_event); 298 299 } 300 301 302 303 } 304 305 306 307 /******************************************************************************* 308 ** 309 ** Function bta_dm_sys_hw_cback 310 ** 311 ** Description callback register to SYS to get HW status updates 312 ** 313 ** 314 ** Returns void 315 ** 316 *******************************************************************************/ 317 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status ) 318 { 319 DEV_CLASS dev_class; 320 tBTA_DM_SEC_CBACK *temp_cback; 321 #if BLE_INCLUDED == TRUE 322 UINT8 key_mask = 0; 323 BT_OCTET16 er; 324 tBTA_BLE_LOCAL_ID_KEYS id_key; 325 tBT_UUID app_uuid = {LEN_UUID_128,{0}}; 326 #endif 327 APPL_TRACE_DEBUG1(" bta_dm_sys_hw_cback with event: %i" , status ); 328 329 /* On H/W error evt, report to the registered DM application callback */ 330 if (status == BTA_SYS_HW_ERROR_EVT) { 331 if( bta_dm_cb.p_sec_cback != NULL ) 332 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL); 333 return; 334 } 335 if( status == BTA_SYS_HW_OFF_EVT ) 336 { 337 if( bta_dm_cb.p_sec_cback != NULL ) 338 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL); 339 340 /* reinitialize the control block */ 341 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb)); 342 343 /* unregister from SYS */ 344 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH ); 345 /* notify BTA DM is now unactive */ 346 bta_dm_cb.is_bta_dm_active = FALSE; 347 } 348 else 349 if( status == BTA_SYS_HW_ON_EVT ) 350 { 351 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error. 352 * We need to revisit when this platform has more than one BLuetooth H/W chip */ 353 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH); 354 355 /* save security callback */ 356 temp_cback = bta_dm_cb.p_sec_cback; 357 /* make sure the control block is properly initialized */ 358 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb)); 359 /* and retrieve the callback */ 360 bta_dm_cb.p_sec_cback=temp_cback; 361 bta_dm_cb.is_bta_dm_active = TRUE; 362 363 /* hw is ready, go on with BTA DM initialization */ 364 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb)); 365 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs)); 366 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB)); 367 368 memcpy(dev_class, bta_dm_cfg.dev_class, sizeof(dev_class)); 369 BTM_SetDeviceClass (dev_class); 370 371 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE) 372 /* load BLE local information: ID keys, ER if available */ 373 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key); 374 375 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER) 376 { 377 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er); 378 } 379 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID) 380 { 381 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key); 382 } 383 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID; 384 #endif 385 386 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security); 387 BTM_SetDefaultLinkSuperTout(bta_dm_cfg.link_timeout); 388 BTM_WritePageTimeout(bta_dm_cfg.page_timeout); 389 bta_dm_cb.cur_policy = bta_dm_cfg.policy_settings; 390 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 391 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE) 392 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK); 393 #else 394 BTM_AclRegisterForChanges(bta_dm_acl_change_cback); 395 #endif 396 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr 397 from the control block and invoking the callback which was sending the DM_ENABLE_EVT. 398 But then we have a few HCI commands being invoked above which were still in progress 399 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces 400 the DM_ENABLE_EVT to be sent only after all the init steps are complete */ 401 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback); 402 403 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback); 404 405 /* initialize bluetooth low power manager */ 406 bta_dm_init_pm(); 407 408 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback); 409 410 411 // BLUEDROID REMOVE ?? 412 #if 0 413 #if 1 414 /* Create broadcom primary DI record */ 415 if(WBT_ExtCreateRecord()) 416 { 417 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&( BTA_EIR_CANNED_UUID_LIST != TRUE ) 418 /* while app_ready_timer is running, BTA DM doesn't send EIR to controller */ 419 bta_dm_cb.app_ready_timer.p_cback = (TIMER_CBACK*)&bta_dm_app_ready_timer_cback; 420 bta_sys_start_timer(&bta_dm_cb.app_ready_timer, 0, 100); 421 422 bta_sys_add_uuid(UUID_SERVCLASS_PNP_INFORMATION); 423 #endif 424 bta_dm_di_cb.di_handle[bta_dm_di_cb.di_num] = 0; /* primary DI record */ 425 bta_dm_di_cb.di_num ++; 426 } 427 #else /* Eventually implement pin code */ 428 if (WBT_ExtCreateRecord()) 429 WBT_ExtAddPinCode(); 430 #endif 431 #endif 432 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 433 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128); 434 bta_dm_gattc_register(); 435 #endif 436 437 } 438 else 439 APPL_TRACE_DEBUG0(" --- ignored event"); 440 441 } 442 443 444 /******************************************************************************* 445 ** 446 ** Function bta_dm_disable 447 ** 448 ** Description Disables the BT device manager 449 ** 450 ** 451 ** Returns void 452 ** 453 *******************************************************************************/ 454 void bta_dm_disable (tBTA_DM_MSG *p_data) 455 { 456 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */ 457 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0); 458 459 /* disable all active subsystems */ 460 bta_sys_disable(BTA_SYS_HW_BLUETOOTH); 461 462 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0); 463 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0); 464 465 bta_dm_disable_pm(); 466 bta_dm_disable_search_and_disc(); 467 bta_dm_cb.disabling = TRUE; 468 469 470 if(BTM_GetNumAclLinks()==0) 471 { 472 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0) 473 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by 474 * BTA_DISABLE_DELAY milliseconds 475 */ 476 APPL_TRACE_WARNING2("%s BTA_DISABLE_DELAY set to %d ms", 477 __FUNCTION__, BTA_DISABLE_DELAY); 478 bta_sys_stop_timer(&bta_dm_cb.disable_timer); 479 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback; 480 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY); 481 #else 482 bta_dm_disable_conn_down_timer_cback(NULL); 483 #endif 484 } 485 else 486 { 487 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback; 488 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000); 489 } 490 491 } 492 493 /******************************************************************************* 494 ** 495 ** Function bta_dm_disable_timer_cback 496 ** 497 ** Description Called if the disable timer expires 498 ** Used to close ACL connections which are still active 499 ** 500 ** 501 ** 502 ** Returns void 503 ** 504 *******************************************************************************/ 505 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle) 506 { 507 508 UINT8 i; 509 510 APPL_TRACE_EVENT0(" bta_dm_disable_timer_cback "); 511 512 if(BTM_GetNumAclLinks()) 513 { 514 for(i=0; i<bta_dm_cb.device_list.count; i++) 515 { 516 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr); 517 518 } 519 520 } 521 else 522 { 523 bta_dm_cb.disabling = FALSE; 524 525 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION); 526 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL); 527 } 528 } 529 530 531 532 533 /******************************************************************************* 534 ** 535 ** Function bta_dm_set_dev_name 536 ** 537 ** Description Sets local device name 538 ** 539 ** 540 ** Returns void 541 ** 542 *******************************************************************************/ 543 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data) 544 { 545 546 BTM_SetLocalDeviceName((char*)p_data->set_name.name); 547 #if (BTM_EIR_SERVER_INCLUDED == TRUE) 548 bta_dm_set_eir ((char*)p_data->set_name.name); 549 #endif 550 } 551 552 /******************************************************************************* 553 ** 554 ** Function bta_dm_set_visibility 555 ** 556 ** Description Sets discoverability, connectability and pairability 557 ** 558 ** 559 ** Returns void 560 ** 561 *******************************************************************************/ 562 void bta_dm_set_visibility (tBTA_DM_MSG *p_data) 563 { 564 565 566 /* set modes for Discoverability and connectability if not ignore */ 567 if (p_data->set_visibility.disc_mode != BTA_DM_IGNORE) 568 BTM_SetDiscoverability((UINT8)p_data->set_visibility.disc_mode, 569 bta_dm_cb.inquiry_scan_window, 570 bta_dm_cb.inquiry_scan_interval); 571 572 if (p_data->set_visibility.conn_mode != BTA_DM_IGNORE) 573 BTM_SetConnectability((UINT8)p_data->set_visibility.conn_mode, 574 bta_dm_cb.page_scan_window, 575 bta_dm_cb.page_scan_interval); 576 577 /* Send False or True if not ignore */ 578 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE ) 579 { 580 581 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE) 582 bta_dm_cb.disable_pair_mode = TRUE; 583 else 584 bta_dm_cb.disable_pair_mode = FALSE; 585 586 } 587 588 /* Send False or True if not ignore */ 589 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE) 590 { 591 592 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL) 593 bta_dm_cb.conn_paired_only = FALSE; 594 else 595 bta_dm_cb.conn_paired_only = TRUE; 596 597 } 598 599 /* Change mode if either mode is not ignore */ 600 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE) 601 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only); 602 603 } 604 605 606 /******************************************************************************* 607 ** 608 ** Function bta_dm_set_afhchannels 609 ** 610 ** Description This function sets the AFH first and 611 ** last disable channel, so channels within 612 ** that range are disabled. 613 ** 614 ** 615 ** Returns void 616 ** 617 *******************************************************************************/ 618 void bta_dm_set_afhchannels (tBTA_DM_MSG *p_data) 619 { 620 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last); 621 622 } 623 624 625 /******************************************************************************* 626 ** 627 ** Function bta_dm_vendor_spec_command 628 ** 629 ** Description Send a vendor specific command to the controller 630 ** 631 ** 632 ** Returns void 633 ** 634 *******************************************************************************/ 635 void bta_dm_vendor_spec_command (tBTA_DM_MSG *p_data) 636 { 637 tBTM_STATUS status; 638 639 status = BTM_VendorSpecificCommand(p_data->vendor_command.opcode,p_data->vendor_command.param_len,p_data->vendor_command.p_param_buf, p_data->vendor_command.p_cback); 640 641 } 642 643 644 /******************************************************************************* 645 ** 646 ** Function bta_dm_tx_inqpower 647 ** 648 ** Description write inquiry tx power. 649 ** 650 ** 651 ** Returns void 652 ** 653 *******************************************************************************/ 654 void bta_dm_tx_inqpower(tBTA_DM_MSG *p_data) 655 { 656 if (BTM_WriteInquiryTxPower (p_data->tx_inq_pwr.tx_power) == BTM_ILLEGAL_VALUE) 657 { 658 APPL_TRACE_ERROR1("Invalid Inquiry Tx Power: %d", p_data->tx_inq_pwr.tx_power); 659 } 660 return; 661 } 662 663 /******************************************************************************* 664 ** 665 ** Function bta_dm_remove_device 666 ** 667 ** Description Removes device, Disconnects ACL link if required. 668 **** 669 *******************************************************************************/ 670 void bta_dm_remove_device (tBTA_DM_MSG *p_data) 671 { 672 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev; 673 int i; 674 tBTA_DM_SEC sec_event; 675 676 if (BTM_IsAclConnectionUp(p_dev->bd_addr)) 677 { 678 /* Take the link down first, and mark the device for removal when disconnected */ 679 btm_remove_acl( p_dev->bd_addr) ; 680 681 for(i=0; i<bta_dm_cb.device_list.count; i++) 682 { 683 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr)) 684 break; 685 } 686 687 if(i < bta_dm_cb.device_list.count) 688 { 689 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING; 690 } 691 } 692 else /* Ok to remove the device in application layer */ 693 { 694 BTM_SecDeleteDevice(p_dev->bd_addr); 695 if( bta_dm_cb.p_sec_cback ) 696 { 697 bdcpy(sec_event.link_down.bd_addr, p_dev->bd_addr); 698 /* No connection, set status to success (acl disc code not valid) */ 699 sec_event.link_down.status = HCI_SUCCESS; 700 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event); 701 } 702 } 703 } 704 705 /******************************************************************************* 706 ** 707 ** Function bta_dm_add_device 708 ** 709 ** Description This function adds a Link Key to an security database entry. 710 ** It is normally called during host startup to restore all required information 711 ** stored in the NVRAM. 712 **** 713 *******************************************************************************/ 714 void bta_dm_add_device (tBTA_DM_MSG *p_data) 715 { 716 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev; 717 UINT8 *p_dc = NULL; 718 UINT8 *p_lc = NULL; 719 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE]; 720 UINT8 index = 0; 721 UINT8 btm_mask_index = 0; 722 723 memset (trusted_services_mask, 0, sizeof(trusted_services_mask)); 724 725 /* If not all zeros, the device class has been specified */ 726 if (p_dev->dc_known) 727 p_dc = (UINT8 *)p_dev->dc; 728 729 if (p_dev->link_key_known) 730 p_lc = (UINT8 *)p_dev->link_key; 731 732 if (p_dev->is_trusted) 733 { 734 /* covert BTA service mask to BTM mask */ 735 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID)) 736 { 737 if (p_dev->tm & (UINT32)(1<<index)) 738 { 739 740 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS; 741 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32))); 742 743 p_dev->tm &= (UINT32)(~(1<<index)); 744 745 } 746 index++; 747 } 748 } 749 750 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features, 751 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap)) 752 { 753 APPL_TRACE_ERROR2 ("BTA_DM: Error adding device %08x%04x", 754 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3], 755 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]); 756 } 757 } 758 759 /******************************************************************************* 760 ** 761 ** Function bta_dm_close_acl 762 ** 763 ** Description This function forces to close the connection to a remote device 764 ** and optionaly remove the device from security database if 765 ** required. 766 **** 767 *******************************************************************************/ 768 void bta_dm_close_acl(tBTA_DM_MSG *p_data) 769 { 770 tBTA_DM_API_REMOVE_ACL *p_remove_acl = &p_data->remove_acl; 771 UINT8 index; 772 773 APPL_TRACE_DEBUG0("bta_dm_close_acl"); 774 775 if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr)) 776 { 777 for (index = 0; index < bta_dm_cb.device_list.count; index ++) 778 { 779 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, p_remove_acl->bd_addr)) 780 break; 781 } 782 if (index != bta_dm_cb.device_list.count) 783 { 784 if (p_remove_acl->remove_dev) 785 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE; 786 } 787 else 788 { 789 APPL_TRACE_ERROR0("unknown device, remove ACL failed"); 790 } 791 /* Disconnect the ACL link */ 792 btm_remove_acl(p_remove_acl->bd_addr); 793 } 794 /* if to remove the device from security database ? do it now */ 795 else if (p_remove_acl->remove_dev) 796 { 797 if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr)) 798 { 799 APPL_TRACE_ERROR0("delete device from security database failed."); 800 } 801 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 802 /* need to remove all pending background connection if any */ 803 BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, FALSE); 804 /* remove all cached GATT information */ 805 BTA_GATTC_Refresh(p_remove_acl->bd_addr); 806 #endif 807 } 808 /* otherwise, no action needed */ 809 810 } 811 /******************************************************************************* 812 ** 813 ** Function bta_dm_bond 814 ** 815 ** Description Bonds with peer device 816 ** 817 ** 818 ** Returns void 819 ** 820 *******************************************************************************/ 821 void bta_dm_bond (tBTA_DM_MSG *p_data) 822 { 823 tBTM_STATUS status; 824 tBTA_DM_SEC sec_event; 825 char *p_name; 826 827 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 ); 828 829 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED)) 830 { 831 832 p_name = BTM_SecReadDevName(p_data->bond.bd_addr); 833 if (!p_name) 834 p_name = ""; 835 836 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 837 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr); 838 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1)); 839 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; 840 841 /* taken care of by memset [above] 842 sec_event.auth_cmpl.key_present = FALSE; 843 sec_event.auth_cmpl.success = FALSE; 844 */ 845 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND; 846 if (status == BTM_SUCCESS) 847 { 848 sec_event.auth_cmpl.success = TRUE; 849 } 850 else 851 { 852 /* delete this device entry from Sec Dev DB */ 853 bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr); 854 } 855 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 856 } 857 858 } 859 860 /******************************************************************************* 861 ** 862 ** Function bta_dm_bond_cancel 863 ** 864 ** Description Cancels bonding with a peer device 865 ** 866 ** 867 ** Returns void 868 ** 869 *******************************************************************************/ 870 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data) 871 { 872 tBTM_STATUS status; 873 tBTA_DM_SEC sec_event; 874 875 APPL_TRACE_EVENT0(" bta_dm_bond_cancel "); 876 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr ); 877 878 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS)) 879 { 880 sec_event.bond_cancel_cmpl.result = BTA_FAILURE; 881 882 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event); 883 } 884 885 } 886 887 /******************************************************************************* 888 ** 889 ** Function bta_dm_pin_reply 890 ** 891 ** Description Send the pin_reply to a request from BTM 892 ** 893 ** 894 ** Returns void 895 ** 896 *******************************************************************************/ 897 void bta_dm_pin_reply (tBTA_DM_MSG *p_data) 898 { 899 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE]; 900 UINT32 * current_trusted_mask; 901 902 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr); 903 904 if(current_trusted_mask) 905 { 906 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask)); 907 } 908 else 909 { 910 memset(trusted_mask, 0, sizeof(trusted_mask)); 911 } 912 913 if(p_data->pin_reply.accept) 914 { 915 916 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask ); 917 } 918 else 919 { 920 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask ); 921 } 922 923 } 924 925 /******************************************************************************* 926 ** 927 ** Function bta_dm_link_policy 928 ** 929 ** Description remove/set link policy mask. 930 ** wake the link, is sniff/park is removed 931 ** 932 ** Returns void 933 ** 934 *******************************************************************************/ 935 void bta_dm_link_policy (tBTA_DM_MSG *p_data) 936 { 937 tBTA_DM_PEER_DEVICE *p_dev; 938 939 p_dev = bta_dm_find_peer_device(p_data->link_policy.bd_addr); 940 if(!p_dev) 941 return; 942 943 APPL_TRACE_DEBUG2(" bta_dm_link_policy set:%d, policy:0x%x", 944 p_data->link_policy.set, p_data->link_policy.policy_mask); 945 if(p_data->link_policy.set) 946 { 947 /* restore the default link policy */ 948 p_dev->link_policy |= p_data->link_policy.policy_mask; 949 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 950 } 951 else 952 { 953 /* clear the policy from the default link policy */ 954 p_dev->link_policy &= (~p_data->link_policy.policy_mask); 955 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 956 957 if(p_data->link_policy.policy_mask & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE)) 958 { 959 /* if clearing sniff/park, wake the link */ 960 bta_dm_pm_active(p_dev->peer_bdaddr); 961 } 962 } 963 } 964 965 /******************************************************************************* 966 ** 967 ** Function bta_dm_policy_cback 968 ** 969 ** Description process the link policy changes 970 ** 971 ** Returns void 972 ** 973 *******************************************************************************/ 974 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr) 975 { 976 tBTA_DM_PEER_DEVICE *p_dev = NULL; 977 UINT16 policy = app_id; 978 UINT32 mask = (UINT32)(1 << id); 979 980 if(peer_addr) 981 p_dev = bta_dm_find_peer_device(peer_addr); 982 983 APPL_TRACE_DEBUG2(" bta_dm_policy_cback cmd:%d, policy:0x%x", 984 status, policy); 985 switch(status) 986 { 987 case BTA_SYS_PLCY_SET: 988 if(!p_dev) 989 return; 990 /* restore the default link policy */ 991 p_dev->link_policy |= policy; 992 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 993 break; 994 995 case BTA_SYS_PLCY_CLR: 996 if(!p_dev) 997 return; 998 /* clear the policy from the default link policy */ 999 p_dev->link_policy &= (~policy); 1000 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 1001 1002 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE)) 1003 { 1004 /* if clearing sniff/park, wake the link */ 1005 bta_dm_pm_active(p_dev->peer_bdaddr); 1006 } 1007 break; 1008 1009 case BTA_SYS_PLCY_DEF_SET: 1010 /* want to restore/set the role switch policy */ 1011 bta_dm_cb.role_policy_mask &= ~mask; 1012 if(0 == bta_dm_cb.role_policy_mask) 1013 { 1014 /* if nobody wants to insist on the role */ 1015 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH; 1016 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 1017 } 1018 break; 1019 1020 case BTA_SYS_PLCY_DEF_CLR: 1021 /* want to remove the role switch policy */ 1022 bta_dm_cb.role_policy_mask |= mask; 1023 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH; 1024 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 1025 break; 1026 } 1027 } 1028 1029 1030 /******************************************************************************* 1031 ** 1032 ** Function bta_dm_auth_reply 1033 ** 1034 ** Description Send the authorization reply to a request from BTM 1035 ** 1036 ** 1037 ** Returns void 1038 ** 1039 *******************************************************************************/ 1040 void bta_dm_auth_reply (tBTA_DM_MSG *p_data) 1041 { 1042 1043 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE]; 1044 UINT8 btm_mask_index = 0; 1045 UINT32 * current_trusted_mask; 1046 1047 current_trusted_mask = BTM_ReadTrustedMask(p_data->auth_reply.bd_addr); 1048 1049 if(current_trusted_mask) 1050 { 1051 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask)); 1052 } 1053 else 1054 { 1055 memset(trusted_mask, 0, sizeof(trusted_mask)); 1056 } 1057 1058 if(p_data->auth_reply.response != BTA_DM_NOT_AUTH) 1059 { 1060 if(p_data->auth_reply.response == BTA_DM_AUTH_PERM) 1061 { 1062 if(p_data->auth_reply.service < BTA_MAX_SERVICE_ID) 1063 { 1064 /* convert BTA service id to BTM mask */ 1065 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] / 32; 1066 trusted_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[p_data->auth_reply.service] - (UINT32)(btm_mask_index * 32))); 1067 1068 } 1069 } 1070 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_SUCCESS,trusted_mask); 1071 } 1072 else 1073 { 1074 BTM_DeviceAuthorized (p_data->auth_reply.bd_addr, BTM_NOT_AUTHORIZED,trusted_mask); 1075 } 1076 1077 } 1078 1079 /******************************************************************************* 1080 ** 1081 ** Function bta_dm_confirm 1082 ** 1083 ** Description Send the user confirm request reply in response to a 1084 ** request from BTM 1085 ** 1086 ** Returns void 1087 ** 1088 *******************************************************************************/ 1089 void bta_dm_confirm(tBTA_DM_MSG *p_data) 1090 { 1091 tBTM_STATUS res = BTM_NOT_AUTHORIZED; 1092 1093 if(p_data->confirm.accept == TRUE) 1094 res = BTM_SUCCESS; 1095 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr); 1096 } 1097 1098 /******************************************************************************* 1099 ** 1100 ** Function bta_dm_passkey_cancel 1101 ** 1102 ** Description Send the passkey cancel from SP initiator by sending a negative 1103 ** passkey request replyreply. 1104 ** Returns void 1105 ** 1106 *******************************************************************************/ 1107 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 1108 void bta_dm_passkey_cancel(tBTA_DM_MSG *p_data) 1109 { 1110 BTM_PasskeyReqReply(BTM_NOT_AUTHORIZED, p_data->passkey_cancel.bd_addr, 0); 1111 } 1112 #endif 1113 1114 /******************************************************************************* 1115 ** 1116 ** Function bta_dm_loc_oob 1117 ** 1118 ** Description Retrieve the OOB data from the local LM 1119 ** 1120 ** Returns void 1121 ** 1122 *******************************************************************************/ 1123 #if (BTM_OOB_INCLUDED == TRUE) 1124 void bta_dm_loc_oob(tBTA_DM_MSG *p_data) 1125 { 1126 BTM_ReadLocalOobData(); 1127 } 1128 1129 /******************************************************************************* 1130 ** 1131 ** Function bta_dm_ci_io_req_act 1132 ** 1133 ** Description respond to the IO capabilities request from BTM 1134 ** 1135 ** Returns void 1136 ** 1137 *******************************************************************************/ 1138 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data) 1139 { 1140 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO; 1141 if(p_data->ci_io_req.auth_req) 1142 auth_req = BTM_AUTH_AP_YES; 1143 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap, 1144 p_data->ci_io_req.oob_data, auth_req); 1145 } 1146 1147 /******************************************************************************* 1148 ** 1149 ** Function bta_dm_ci_rmt_oob_act 1150 ** 1151 ** Description respond to the OOB data request for the remote device from BTM 1152 ** 1153 ** 1154 ** Returns void 1155 ** 1156 *******************************************************************************/ 1157 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data) 1158 { 1159 tBTM_STATUS res = BTM_NOT_AUTHORIZED; 1160 1161 if(p_data->ci_rmt_oob.accept == TRUE) 1162 res = BTM_SUCCESS; 1163 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr, 1164 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r ); 1165 } 1166 #endif /* BTM_OOB_INCLUDED */ 1167 1168 /******************************************************************************* 1169 ** 1170 ** Function bta_dm_search_start 1171 ** 1172 ** Description Starts an inquiry 1173 ** 1174 ** 1175 ** Returns void 1176 ** 1177 *******************************************************************************/ 1178 void bta_dm_search_start (tBTA_DM_MSG *p_data) 1179 { 1180 tBTM_INQUIRY_CMPL result; 1181 1182 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1183 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid); 1184 #endif 1185 1186 APPL_TRACE_DEBUG1("bta_dm_search_start avoid_scatter=%d", bta_dm_cfg.avoid_scatter); 1187 if (bta_dm_cfg.avoid_scatter && 1188 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT)) 1189 { 1190 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH)); 1191 return; 1192 } 1193 1194 BTM_ClearInqDb(NULL); 1195 /* save search params */ 1196 bta_dm_search_cb.p_search_cback = p_data->search.p_cback; 1197 bta_dm_search_cb.services = p_data->search.services; 1198 1199 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1200 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1201 1202 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 && 1203 p_data->search.p_uuid != NULL) 1204 { 1205 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL) 1206 { 1207 APPL_TRACE_ERROR0("bta_dm_search_start no resources"); 1208 1209 result.status = BTA_FAILURE; 1210 result.num_resp = 0; 1211 bta_dm_inq_cmpl_cb ((void *)&result); 1212 return; 1213 } 1214 // bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len); 1215 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len); 1216 } 1217 #endif 1218 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params, 1219 bta_dm_inq_results_cb, 1220 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb); 1221 1222 APPL_TRACE_EVENT1("bta_dm_search_start status=%d", result.status); 1223 if (result.status != BTM_CMD_STARTED) 1224 { 1225 result.num_resp = 0; 1226 bta_dm_inq_cmpl_cb ((void *)&result); 1227 } 1228 1229 } 1230 1231 /******************************************************************************* 1232 ** 1233 ** Function bta_dm_search_cancel 1234 ** 1235 ** Description Cancels an ongoing search for devices 1236 ** 1237 ** 1238 ** Returns void 1239 ** 1240 *******************************************************************************/ 1241 void bta_dm_search_cancel (tBTA_DM_MSG *p_data) 1242 { 1243 1244 tBTA_DM_MSG * p_msg; 1245 1246 if(BTM_IsInquiryActive()) 1247 { 1248 BTM_CancelInquiry(); 1249 bta_dm_search_cancel_notify(NULL); 1250 1251 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1252 { 1253 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1254 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1255 bta_sys_sendmsg(p_msg); 1256 1257 } 1258 } 1259 /* If no Service Search going on then issue cancel remote name in case it is active */ 1260 else if (!bta_dm_search_cb.name_discover_done) 1261 { 1262 BTM_CancelRemoteDeviceName(); 1263 } 1264 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1265 if (bta_dm_search_cb.gatt_disc_active) 1266 { 1267 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 1268 } 1269 #endif 1270 } 1271 1272 /******************************************************************************* 1273 ** 1274 ** Function bta_dm_discover 1275 ** 1276 ** Description Discovers services on a remote device 1277 ** 1278 ** 1279 ** Returns void 1280 ** 1281 *******************************************************************************/ 1282 void bta_dm_discover (tBTA_DM_MSG *p_data) 1283 { 1284 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1285 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid); 1286 #endif 1287 APPL_TRACE_EVENT2("bta_dm_discover services_to_search=0x%04X, sdp_search=%d", 1288 p_data->discover.services, p_data->discover.sdp_search); 1289 1290 /* save the search condition */ 1291 bta_dm_search_cb.services = p_data->discover.services; 1292 1293 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1294 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1295 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 && 1296 p_data->discover.p_uuid != NULL) 1297 { 1298 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL) 1299 { 1300 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL); 1301 return; 1302 } 1303 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len); 1304 } 1305 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid; 1306 #endif 1307 1308 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback; 1309 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search; 1310 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services; 1311 bta_dm_search_cb.service_index = 0; 1312 bta_dm_search_cb.services_found = 0; 1313 bta_dm_search_cb.peer_name[0] = 0; 1314 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search; 1315 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr); 1316 1317 bta_dm_search_cb.name_discover_done = FALSE; 1318 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID)); 1319 bta_dm_discover_device(p_data->discover.bd_addr); 1320 } 1321 1322 /******************************************************************************* 1323 ** 1324 ** Function bta_dm_di_disc_cmpl 1325 ** 1326 ** Description Sends event to application when DI discovery complete 1327 ** 1328 ** Returns void 1329 ** 1330 *******************************************************************************/ 1331 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data) 1332 { 1333 tBTA_DM_DI_DISC_CMPL di_disc; 1334 1335 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL)); 1336 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr); 1337 1338 if((p_data->hdr.offset == SDP_SUCCESS) 1339 || (p_data->hdr.offset == SDP_DB_FULL)) 1340 { 1341 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db); 1342 } 1343 else 1344 di_disc.result = BTA_FAILURE; 1345 1346 bta_dm_di_cb.p_di_db = NULL; 1347 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc); 1348 } 1349 1350 /******************************************************************************* 1351 ** 1352 ** Function bta_dm_di_disc_callback 1353 ** 1354 ** Description This function queries a remote device for DI information. 1355 ** 1356 ** 1357 ** Returns void 1358 ** 1359 *******************************************************************************/ 1360 static void bta_dm_di_disc_callback(UINT16 result) 1361 { 1362 tBTA_DM_MSG * p_msg; 1363 1364 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1365 { 1366 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1367 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT; 1368 p_msg->hdr.offset = result; 1369 bta_sys_sendmsg(p_msg); 1370 } 1371 } 1372 1373 /******************************************************************************* 1374 ** 1375 ** Function bta_dm_disable_search_and_disc 1376 ** 1377 ** Description Cancels an ongoing search or discovery for devices in case of 1378 ** a Bluetooth disable 1379 ** 1380 ** 1381 ** Returns void 1382 ** 1383 *******************************************************************************/ 1384 static void bta_dm_disable_search_and_disc (void) 1385 { 1386 tBTA_DM_DI_DISC_CMPL di_disc; 1387 tBTA_DM_MSG * p_msg; 1388 1389 if(BTM_IsInquiryActive()||(bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE)) 1390 { 1391 BTM_CancelInquiry(); 1392 bta_dm_search_cancel_notify(NULL); 1393 1394 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1395 { 1396 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1397 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1398 bta_sys_sendmsg(p_msg); 1399 1400 } 1401 } 1402 /* If no Service Search going on then issue cancel remote name in case it is active */ 1403 else if (!bta_dm_search_cb.name_discover_done) 1404 { 1405 BTM_CancelRemoteDeviceName(); 1406 1407 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1408 { 1409 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1410 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1411 bta_sys_sendmsg(p_msg); 1412 } 1413 } 1414 else if(bta_dm_di_cb.p_di_db != NULL) 1415 { 1416 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL)); 1417 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr); 1418 di_disc.result = BTA_FAILURE; 1419 1420 bta_dm_di_cb.p_di_db = NULL; 1421 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL); 1422 } 1423 1424 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE) 1425 if (bta_dm_search_cb.gatt_disc_active) 1426 { 1427 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 1428 } 1429 #endif 1430 } 1431 1432 /******************************************************************************* 1433 ** 1434 ** Function bta_dm_di_disc 1435 ** 1436 ** Description This function queries a remote device for DI information. 1437 ** 1438 ** 1439 ** Returns void 1440 ** 1441 *******************************************************************************/ 1442 void bta_dm_di_disc (tBTA_DM_MSG *p_data) 1443 { 1444 UINT16 result = BTA_FAILURE; 1445 tBTA_DM_MSG *p_msg; 1446 1447 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback; 1448 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr); 1449 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db; 1450 1451 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL) 1452 { 1453 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db, 1454 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS) 1455 { 1456 result = BTA_SUCCESS; 1457 } 1458 } 1459 else 1460 { 1461 APPL_TRACE_ERROR0("No buffer to start DI discovery"); 1462 } 1463 1464 if ( result == BTA_FAILURE && 1465 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1466 { 1467 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1468 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT; 1469 p_data->hdr.offset = result; 1470 bta_sys_sendmsg(p_msg); 1471 } 1472 } 1473 1474 /******************************************************************************* 1475 ** 1476 ** Function bta_dm_read_remote_device_name 1477 ** 1478 ** Description Initiate to get remote device name 1479 ** 1480 ** Returns TRUE if started to get remote name 1481 ** 1482 *******************************************************************************/ 1483 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr) 1484 { 1485 tBTM_STATUS btm_status; 1486 1487 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name"); 1488 1489 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr); 1490 bta_dm_search_cb.peer_name[0] = 0; 1491 1492 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr, 1493 (tBTM_CMPL_CB *) bta_dm_remname_cback); 1494 1495 if ( btm_status == BTM_CMD_STARTED ) 1496 { 1497 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started"); 1498 1499 return (TRUE); 1500 } 1501 else if ( btm_status == BTM_BUSY ) 1502 { 1503 APPL_TRACE_DEBUG0("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy"); 1504 1505 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */ 1506 /* adding callback to get notified that current reading remore name done */ 1507 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1508 1509 return (TRUE); 1510 } 1511 else 1512 { 1513 APPL_TRACE_WARNING1("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status); 1514 1515 return (FALSE); 1516 } 1517 } 1518 1519 /******************************************************************************* 1520 ** 1521 ** Function bta_dm_inq_cmpl 1522 ** 1523 ** Description Process the inquiry complete event from BTM 1524 ** 1525 ** Returns void 1526 ** 1527 *******************************************************************************/ 1528 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data) 1529 { 1530 tBTA_DM_MSG * p_msg; 1531 tBTA_DM_SEARCH data; 1532 1533 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl"); 1534 1535 data.inq_cmpl.num_resps = p_data->inq_cmpl.num; 1536 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data); 1537 1538 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL) 1539 { 1540 /* start name and service discovery from the first device on inquiry result */ 1541 bta_dm_search_cb.name_discover_done = FALSE; 1542 bta_dm_search_cb.peer_name[0] = 0; 1543 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr); 1544 } 1545 else 1546 { 1547 /* no devices, search complete */ 1548 bta_dm_search_cb.services = 0; 1549 1550 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1551 { 1552 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1553 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1554 bta_sys_sendmsg(p_msg); 1555 } 1556 } 1557 } 1558 1559 /******************************************************************************* 1560 ** 1561 ** Function bta_dm_rmt_name 1562 ** 1563 ** Description Process the remote name result from BTM 1564 ** 1565 ** Returns void 1566 ** 1567 *******************************************************************************/ 1568 void bta_dm_rmt_name (tBTA_DM_MSG *p_data) 1569 { 1570 APPL_TRACE_DEBUG0("bta_dm_rmt_name"); 1571 1572 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info) 1573 { 1574 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE; 1575 } 1576 1577 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr); 1578 } 1579 1580 /******************************************************************************* 1581 ** 1582 ** Function bta_dm_disc_rmt_name 1583 ** 1584 ** Description Process the remote name result from BTM when application 1585 ** wants to find the name for a bdaddr 1586 ** 1587 ** Returns void 1588 ** 1589 *******************************************************************************/ 1590 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data) 1591 { 1592 tBTM_INQ_INFO *p_btm_inq_info; 1593 1594 APPL_TRACE_DEBUG0("bta_dm_disc_rmt_name"); 1595 1596 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr); 1597 if( p_btm_inq_info ) 1598 { 1599 if( p_data->rem_name.result.disc_res.bd_name[0] ) 1600 { 1601 p_btm_inq_info->appl_knows_rem_name = TRUE; 1602 } 1603 } 1604 1605 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr); 1606 } 1607 1608 /******************************************************************************* 1609 ** 1610 ** Function bta_dm_sdp_result 1611 ** 1612 ** Description Process the discovery result from sdp 1613 ** 1614 ** Returns void 1615 ** 1616 *******************************************************************************/ 1617 void bta_dm_sdp_result (tBTA_DM_MSG *p_data) 1618 { 1619 1620 tSDP_DISC_REC *p_sdp_rec = NULL; 1621 tBTA_DM_MSG *p_msg; 1622 BOOLEAN service_found = FALSE; 1623 BOOLEAN scn_found = FALSE; 1624 UINT16 service = 0xFFFF; 1625 tSDP_PROTOCOL_ELEM pe; 1626 1627 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1628 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid; 1629 tBTA_DM_SEARCH result; 1630 tBT_UUID service_uuid; 1631 #endif 1632 1633 UINT32 num_uuids = 0; 1634 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services 1635 1636 if((p_data->sdp_event.sdp_result == SDP_SUCCESS) 1637 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH) 1638 || (p_data->sdp_event.sdp_result == SDP_DB_FULL)) 1639 { 1640 APPL_TRACE_DEBUG1("sdp_result::0x%x", p_data->sdp_event.sdp_result); 1641 do 1642 { 1643 1644 service_found = FALSE; 1645 p_sdp_rec = NULL; 1646 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) ) 1647 { 1648 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec); 1649 1650 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe)) 1651 { 1652 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0]; 1653 scn_found = TRUE; 1654 } 1655 } 1656 else 1657 { 1658 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1]; 1659 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec); 1660 } 1661 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1662 /* finished with BR/EDR services, now we check the result for GATT based service UUID */ 1663 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID) 1664 { 1665 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL) 1666 { 1667 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search); 1668 /* only support 16 bits UUID for now */ 1669 service = p_uuid->uu.uuid16; 1670 1671 } 1672 /* all GATT based services */ 1673 do 1674 { 1675 /* find a service record, report it */ 1676 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, 1677 0, p_sdp_rec); 1678 if (p_sdp_rec) 1679 { 1680 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid)) 1681 { 1682 /* send result back to app now, one by one */ 1683 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1684 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN)); 1685 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0; 1686 result.disc_ble_res.service.len = service_uuid.len; 1687 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16; 1688 1689 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); 1690 } 1691 } 1692 1693 if (bta_dm_search_cb.uuid_to_search > 0) 1694 break; 1695 1696 } while (p_sdp_rec); 1697 } 1698 else 1699 #endif 1700 { 1701 /* SDP_DB_FULL means some records with the 1702 required attributes were received */ 1703 if(((p_data->sdp_event.sdp_result == SDP_DB_FULL) && 1704 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) || 1705 (p_sdp_rec != NULL)) 1706 { 1707 /* If Plug and Play service record, check to see if Broadcom stack */ 1708 if (service == UUID_SERVCLASS_PNP_INFORMATION) 1709 { 1710 if (p_sdp_rec) 1711 { 1712 if (SDP_FindAttributeInRec (p_sdp_rec, ATTR_ID_EXT_BRCM_VERSION)) 1713 { 1714 service_found = TRUE; 1715 } 1716 } 1717 } 1718 else 1719 { 1720 service_found = TRUE; 1721 } 1722 1723 if (service_found) 1724 { 1725 UINT16 tmp_svc = 0xFFFF; 1726 bta_dm_search_cb.services_found |= 1727 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1)); 1728 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1]; 1729 /* Add to the list of UUIDs */ 1730 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]); 1731 num_uuids++; 1732 } 1733 } 1734 } 1735 1736 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK && 1737 bta_dm_search_cb.services_to_search == 0) 1738 { 1739 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1740 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID && 1741 bta_dm_search_cb.uuid_to_search > 0) 1742 bta_dm_search_cb.uuid_to_search --; 1743 1744 if (bta_dm_search_cb.uuid_to_search == 0 || 1745 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID) 1746 #endif 1747 bta_dm_search_cb.service_index++; 1748 } 1749 else /* regular one service per search or PNP search */ 1750 break; 1751 1752 } 1753 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID); 1754 1755 // GKI_freebuf(bta_dm_search_cb.p_sdp_db); 1756 // bta_dm_search_cb.p_sdp_db = NULL; 1757 APPL_TRACE_DEBUG1("bta_dm_sdp_result services_found = %04x", bta_dm_search_cb.services_found); 1758 1759 /* Collect the 128-bit services here and put them into the list */ 1760 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK) 1761 { 1762 p_sdp_rec = NULL; 1763 do 1764 { 1765 tBT_UUID temp_uuid; 1766 /* find a service record, report it */ 1767 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec); 1768 if (p_sdp_rec) 1769 { 1770 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid)) 1771 { 1772 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE); 1773 num_uuids++; 1774 } 1775 } 1776 } while (p_sdp_rec); 1777 } 1778 /* if there are more services to search for */ 1779 if(bta_dm_search_cb.services_to_search) 1780 { 1781 /* Free up the p_sdp_db before checking the next one */ 1782 bta_dm_free_sdp_db(NULL); 1783 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr); 1784 } 1785 else 1786 { 1787 /* callbacks */ 1788 /* start next bd_addr if necessary */ 1789 1790 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1791 1792 1793 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1794 { 1795 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 1796 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS; 1797 p_msg->disc_result.result.disc_res.p_raw_data = NULL; 1798 p_msg->disc_result.result.disc_res.raw_data_size = 0; 1799 p_msg->disc_result.result.disc_res.num_uuids = num_uuids; 1800 p_msg->disc_result.result.disc_res.p_uuid_list = NULL; 1801 if (num_uuids > 0) { 1802 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE); 1803 if (p_msg->disc_result.result.disc_res.p_uuid_list) { 1804 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list, 1805 num_uuids*MAX_UUID_SIZE); 1806 } else { 1807 p_msg->disc_result.result.disc_res.num_uuids = 0; 1808 APPL_TRACE_ERROR1("%s: Unable to allocate memory for uuid_list", __FUNCTION__); 1809 } 1810 } 1811 //copy the raw_data to the discovery result structure 1812 // 1813 APPL_TRACE_DEBUG2("bta_dm_sdp_result (raw_data used = 0x%x raw_data_ptr = 0x%x)\r\n",bta_dm_search_cb.p_sdp_db->raw_used, bta_dm_search_cb.p_sdp_db->raw_data); 1814 1815 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 && 1816 bta_dm_search_cb.p_sdp_db->raw_data != NULL) { 1817 1818 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used); 1819 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) { 1820 memcpy( p_msg->disc_result.result.disc_res.p_raw_data, 1821 bta_dm_search_cb.p_sdp_db->raw_data, 1822 bta_dm_search_cb.p_sdp_db->raw_used ); 1823 1824 p_msg->disc_result.result.disc_res.raw_data_size = 1825 bta_dm_search_cb.p_sdp_db->raw_used; 1826 1827 } else { 1828 APPL_TRACE_DEBUG1("bta_dm_sdp_result GKI Alloc failed to allocate %d bytes !!\r\n",bta_dm_search_cb.p_sdp_db->raw_used); 1829 } 1830 1831 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned. 1832 bta_dm_search_cb.p_sdp_db->raw_used = 0; 1833 bta_dm_search_cb.p_sdp_db->raw_size = 0; 1834 } 1835 else { 1836 APPL_TRACE_DEBUG0("bta_dm_sdp_result raw data size is 0 or raw_data is null!!\r\n"); 1837 } 1838 /* Done with p_sdp_db. Free it */ 1839 bta_dm_free_sdp_db(NULL); 1840 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 1841 1842 //Piggy back the SCN over result field 1843 if( scn_found ) 1844 { 1845 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn); 1846 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK; 1847 1848 APPL_TRACE_EVENT1(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn); 1849 1850 } 1851 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1852 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 1853 bta_dm_get_remname(), (BD_NAME_LEN-1)); 1854 1855 /* make sure the string is null terminated */ 1856 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 1857 1858 bta_sys_sendmsg(p_msg); 1859 } 1860 1861 } 1862 1863 } 1864 else 1865 { 1866 /* conn failed. No need for timer */ 1867 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED 1868 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR) 1869 bta_dm_search_cb.wait_disc = FALSE; 1870 1871 /* not able to connect go to next device */ 1872 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 1873 bta_dm_search_cb.p_sdp_db = NULL; 1874 1875 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1876 1877 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1878 { 1879 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 1880 p_msg->disc_result.result.disc_res.result = BTA_FAILURE; 1881 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 1882 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1883 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 1884 bta_dm_get_remname(), (BD_NAME_LEN-1)); 1885 1886 /* make sure the string is null terminated */ 1887 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 1888 1889 bta_sys_sendmsg(p_msg); 1890 } 1891 } 1892 } 1893 1894 /******************************************************************************* 1895 ** 1896 ** Function bta_dm_search_cmpl 1897 ** 1898 ** Description Sends event to application 1899 ** 1900 ** Returns void 1901 ** 1902 *******************************************************************************/ 1903 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data) 1904 { 1905 APPL_TRACE_DEBUG0("bta_dm_search_cmpl"); 1906 1907 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1908 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1909 #endif 1910 1911 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT) 1912 bta_dm_di_disc_cmpl(p_data); 1913 else 1914 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL); 1915 } 1916 1917 /******************************************************************************* 1918 ** 1919 ** Function bta_dm_disc_result 1920 ** 1921 ** Description Service discovery result when discovering services on a device 1922 ** 1923 ** Returns void 1924 ** 1925 *******************************************************************************/ 1926 void bta_dm_disc_result (tBTA_DM_MSG *p_data) 1927 { 1928 tBTA_DM_MSG * p_msg; 1929 1930 APPL_TRACE_DEBUG0("bta_dm_disc_result"); 1931 1932 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1933 /* if any BR/EDR service discovery has been done, report the event */ 1934 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK))) 1935 #endif 1936 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result); 1937 1938 /* send a message to change state */ 1939 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1940 { 1941 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1942 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1943 bta_sys_sendmsg(p_msg); 1944 } 1945 } 1946 1947 /******************************************************************************* 1948 ** 1949 ** Function bta_dm_search_result 1950 ** 1951 ** Description Service discovery result while searching for devices 1952 ** 1953 ** Returns void 1954 ** 1955 *******************************************************************************/ 1956 void bta_dm_search_result (tBTA_DM_MSG *p_data) 1957 { 1958 APPL_TRACE_DEBUG2("bta_dm_search_result searching:0x%04x, result:0x%04x", 1959 bta_dm_search_cb.services, 1960 p_data->disc_result.result.disc_res.services); 1961 1962 /* call back if application wants name discovery or found services that application is searching */ 1963 if (( !bta_dm_search_cb.services ) 1964 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services ))) 1965 { 1966 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result); 1967 } 1968 1969 /* if searching did not initiate to create link */ 1970 if(!bta_dm_search_cb.wait_disc ) 1971 { 1972 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE ) 1973 /* if service searching is done with EIR, don't search next device */ 1974 if( bta_dm_search_cb.p_btm_inq_info ) 1975 #endif 1976 bta_dm_discover_next_device(); 1977 } 1978 else 1979 { 1980 /* wait until link is disconnected or timeout */ 1981 bta_dm_search_cb.sdp_results = TRUE; 1982 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback; 1983 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) ); 1984 } 1985 1986 } 1987 1988 /******************************************************************************* 1989 ** 1990 ** Function bta_dm_search_timer_cback 1991 ** 1992 ** Description Called when ACL disconnect time is over 1993 ** 1994 ** 1995 ** Returns void 1996 ** 1997 *******************************************************************************/ 1998 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle) 1999 { 2000 2001 APPL_TRACE_EVENT0(" bta_dm_search_timer_cback "); 2002 bta_dm_search_cb.wait_disc = FALSE; 2003 2004 /* proceed with next device */ 2005 bta_dm_discover_next_device(); 2006 2007 } 2008 2009 2010 /******************************************************************************* 2011 ** 2012 ** Function bta_dm_free_sdp_db 2013 ** 2014 ** Description Frees SDP data base 2015 ** 2016 ** Returns void 2017 ** 2018 *******************************************************************************/ 2019 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data) 2020 { 2021 if(bta_dm_search_cb.p_sdp_db) 2022 { 2023 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 2024 bta_dm_search_cb.p_sdp_db = NULL; 2025 } 2026 2027 } 2028 2029 /******************************************************************************* 2030 ** 2031 ** Function bta_dm_queue_search 2032 ** 2033 ** Description Queues search command while search is being cancelled 2034 ** 2035 ** Returns void 2036 ** 2037 *******************************************************************************/ 2038 void bta_dm_queue_search (tBTA_DM_MSG *p_data) 2039 { 2040 if(bta_dm_search_cb.p_search_queue) 2041 { 2042 GKI_freebuf(bta_dm_search_cb.p_search_queue); 2043 } 2044 2045 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH)); 2046 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH)); 2047 2048 } 2049 2050 /******************************************************************************* 2051 ** 2052 ** Function bta_dm_queue_disc 2053 ** 2054 ** Description Queues discovery command while search is being cancelled 2055 ** 2056 ** Returns void 2057 ** 2058 *******************************************************************************/ 2059 void bta_dm_queue_disc (tBTA_DM_MSG *p_data) 2060 { 2061 if(bta_dm_search_cb.p_search_queue) 2062 { 2063 GKI_freebuf(bta_dm_search_cb.p_search_queue); 2064 } 2065 2066 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER)); 2067 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER)); 2068 2069 } 2070 2071 /******************************************************************************* 2072 ** 2073 ** Function bta_dm_search_clear_queue 2074 ** 2075 ** Description Clears the queue if API search cancel is called 2076 ** 2077 ** Returns void 2078 ** 2079 *******************************************************************************/ 2080 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data) 2081 { 2082 2083 if(bta_dm_search_cb.p_search_queue) 2084 { 2085 GKI_freebuf(bta_dm_search_cb.p_search_queue); 2086 bta_dm_search_cb.p_search_queue = NULL; 2087 } 2088 2089 2090 } 2091 2092 /******************************************************************************* 2093 ** 2094 ** Function bta_dm_search_cancel_cmpl 2095 ** 2096 ** Description Search cancel is complete 2097 ** 2098 ** Returns void 2099 ** 2100 *******************************************************************************/ 2101 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data) 2102 { 2103 2104 if(bta_dm_search_cb.p_search_queue) 2105 { 2106 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue); 2107 bta_dm_search_cb.p_search_queue = NULL; 2108 } 2109 2110 } 2111 2112 /******************************************************************************* 2113 ** 2114 ** Function bta_dm_search_cancel_transac_cmpl 2115 ** 2116 ** Description Current Service Discovery or remote name procedure is 2117 ** completed after search cancellation 2118 ** 2119 ** Returns void 2120 ** 2121 *******************************************************************************/ 2122 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data) 2123 { 2124 2125 if(bta_dm_search_cb.p_sdp_db) 2126 { 2127 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 2128 bta_dm_search_cb.p_sdp_db = NULL; 2129 } 2130 2131 bta_dm_search_cancel_notify(NULL); 2132 } 2133 2134 2135 /******************************************************************************* 2136 ** 2137 ** Function bta_dm_search_cancel_notify 2138 ** 2139 ** Description Notify application that search has been cancelled 2140 ** 2141 ** Returns void 2142 ** 2143 *******************************************************************************/ 2144 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data) 2145 { 2146 if (bta_dm_search_cb.p_search_cback) 2147 { 2148 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL); 2149 } 2150 if (!bta_dm_search_cb.name_discover_done) 2151 { 2152 BTM_CancelRemoteDeviceName(); 2153 } 2154 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE) 2155 if (bta_dm_search_cb.gatt_disc_active) 2156 { 2157 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 2158 } 2159 #endif 2160 2161 } 2162 2163 /******************************************************************************* 2164 ** 2165 ** Function bta_dm_find_services 2166 ** 2167 ** Description Starts discovery on a device 2168 ** 2169 ** Returns void 2170 ** 2171 *******************************************************************************/ 2172 static void bta_dm_find_services ( BD_ADDR bd_addr) 2173 { 2174 2175 tSDP_UUID uuid; 2176 UINT16 attr_list[] = {ATTR_ID_SERVICE_CLASS_ID_LIST, ATTR_ID_EXT_BRCM_VERSION}; 2177 UINT16 num_attrs = 1; 2178 tBTA_DM_MSG *p_msg; 2179 2180 memset (&uuid, 0, sizeof(tSDP_UUID)); 2181 2182 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID) 2183 { 2184 if( bta_dm_search_cb.services_to_search 2185 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))) 2186 { 2187 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL) 2188 { 2189 APPL_TRACE_DEBUG1("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services); 2190 /* try to search all services by search based on L2CAP UUID */ 2191 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK ) 2192 { 2193 APPL_TRACE_ERROR1("services_to_search = %08x",bta_dm_search_cb.services_to_search); 2194 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK) 2195 { 2196 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0]; 2197 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK; 2198 } 2199 else 2200 { 2201 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP; 2202 bta_dm_search_cb.services_to_search = 0; 2203 } 2204 } 2205 else 2206 { 2207 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2208 /* for LE only profile */ 2209 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID) 2210 { 2211 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid) 2212 { 2213 memcpy(&uuid, 2214 (const void *)(bta_dm_search_cb.p_srvc_uuid + \ 2215 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search), 2216 sizeof(tBT_UUID)); 2217 2218 bta_dm_search_cb.uuid_to_search -- ; 2219 } 2220 else 2221 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index]; 2222 2223 /* last one? clear the BLE service bit if all discovery has been done */ 2224 if (bta_dm_search_cb.uuid_to_search == 0) 2225 bta_dm_search_cb.services_to_search &= 2226 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))); 2227 2228 } 2229 else 2230 #endif 2231 { 2232 /* remove the service from services to be searched */ 2233 bta_dm_search_cb.services_to_search &= 2234 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))); 2235 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index]; 2236 } 2237 } 2238 2239 if (uuid.len == 0) 2240 uuid.len = LEN_UUID_16; 2241 2242 #if 0 2243 if (uuid.uu.uuid16 == UUID_SERVCLASS_PNP_INFORMATION) 2244 { 2245 num_attrs = 2; 2246 } 2247 #endif 2248 2249 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID) 2250 { 2251 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID)); 2252 } 2253 2254 2255 APPL_TRACE_ERROR1("****************search UUID = %04x***********", uuid.uu.uuid16); 2256 //SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, num_attrs, attr_list); 2257 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL); 2258 2259 2260 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf)); 2261 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf; 2262 2263 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF; 2264 2265 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback)) 2266 { 2267 /* if discovery not successful with this device 2268 proceed to next one */ 2269 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 2270 bta_dm_search_cb.p_sdp_db = NULL; 2271 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID; 2272 2273 } 2274 else 2275 { 2276 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2277 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID && 2278 bta_dm_search_cb.uuid_to_search == 0) || 2279 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID) 2280 #endif 2281 bta_dm_search_cb.service_index++; 2282 return; 2283 } 2284 } 2285 else 2286 { 2287 APPL_TRACE_ERROR0("#### Failed to allocate SDP DB buffer! ####"); 2288 } 2289 } 2290 2291 bta_dm_search_cb.service_index++; 2292 } 2293 2294 /* no more services to be discovered */ 2295 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID) 2296 { 2297 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2298 { 2299 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 2300 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 2301 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2302 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 2303 bta_dm_get_remname(), (BD_NAME_LEN-1)); 2304 2305 /* make sure the string is terminated */ 2306 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 2307 2308 bta_sys_sendmsg(p_msg); 2309 } 2310 } 2311 } 2312 2313 /******************************************************************************* 2314 ** 2315 ** Function bta_dm_discover_next_device 2316 ** 2317 ** Description Starts discovery on the next device in Inquiry data base 2318 ** 2319 ** Returns void 2320 ** 2321 *******************************************************************************/ 2322 static void bta_dm_discover_next_device(void) 2323 { 2324 2325 tBTA_DM_MSG * p_msg; 2326 2327 APPL_TRACE_DEBUG0("bta_dm_discover_next_device"); 2328 2329 /* searching next device on inquiry result */ 2330 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL) 2331 { 2332 bta_dm_search_cb.name_discover_done = FALSE; 2333 bta_dm_search_cb.peer_name[0] = 0; 2334 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr); 2335 } 2336 else 2337 { 2338 /* no devices, search complete */ 2339 bta_dm_search_cb.services = 0; 2340 2341 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2342 { 2343 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 2344 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 2345 bta_sys_sendmsg(p_msg); 2346 } 2347 } 2348 } 2349 2350 /******************************************************************************* 2351 ** 2352 ** Function bta_dm_discover_device 2353 ** 2354 ** Description Starts name and service discovery on the device 2355 ** 2356 ** Returns void 2357 ** 2358 *******************************************************************************/ 2359 static void bta_dm_discover_device(BD_ADDR remote_bd_addr) 2360 { 2361 tBTA_DM_MSG * p_msg; 2362 2363 APPL_TRACE_DEBUG6("bta_dm_discover_device, BDA:0x%02X%02X%02X%02X%02X%02X", 2364 remote_bd_addr[0],remote_bd_addr[1], 2365 remote_bd_addr[2],remote_bd_addr[3], 2366 remote_bd_addr[4],remote_bd_addr[5]); 2367 2368 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr); 2369 2370 APPL_TRACE_DEBUG2("bta_dm_discover_device name_discover_done = %d p_btm_inq_info 0x%x ", 2371 bta_dm_search_cb.name_discover_done, 2372 bta_dm_search_cb.p_btm_inq_info 2373 ); 2374 if ( bta_dm_search_cb.p_btm_inq_info ) { 2375 2376 APPL_TRACE_DEBUG1("bta_dm_discover_device appl_knows_rem_name %d", 2377 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name 2378 ); 2379 } 2380 2381 /* if name discovery is not done and application needs remote name */ 2382 if ((!bta_dm_search_cb.name_discover_done) 2383 && (( bta_dm_search_cb.p_btm_inq_info == NULL ) 2384 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name)))) 2385 { 2386 if( bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr) == TRUE ) 2387 { 2388 return; 2389 } 2390 else 2391 { 2392 /* starting name discovery failed */ 2393 bta_dm_search_cb.name_discover_done = TRUE; 2394 } 2395 } 2396 2397 /* if application wants to discover service */ 2398 if ( bta_dm_search_cb.services ) 2399 { 2400 /* initialize variables */ 2401 bta_dm_search_cb.service_index = 0; 2402 bta_dm_search_cb.services_found = 0; 2403 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services; 2404 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2405 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid; 2406 #endif 2407 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE ) 2408 if ((bta_dm_search_cb.p_btm_inq_info != NULL) && 2409 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK 2410 &&(bta_dm_search_cb.sdp_search == FALSE)) 2411 { 2412 /* check if EIR provides the information of supported services */ 2413 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results, 2414 &bta_dm_search_cb.services_to_search, 2415 &bta_dm_search_cb.services_found ); 2416 } 2417 2418 /* if seaching with EIR is not completed */ 2419 if(bta_dm_search_cb.services_to_search) 2420 #endif 2421 { 2422 /* check whether connection already exists to the device 2423 if connection exists, we don't have to wait for ACL 2424 link to go down to start search on next device */ 2425 if(BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr)) 2426 bta_dm_search_cb.wait_disc = FALSE; 2427 else 2428 bta_dm_search_cb.wait_disc = TRUE; 2429 2430 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 2431 if ( bta_dm_search_cb.p_btm_inq_info ) 2432 { 2433 APPL_TRACE_DEBUG3("bta_dm_discover_device p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x", 2434 bta_dm_search_cb.p_btm_inq_info, 2435 bta_dm_search_cb.p_btm_inq_info->results.device_type, 2436 bta_dm_search_cb.services_to_search 2437 ); 2438 } 2439 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr)) 2440 /* 2441 if ( bta_dm_search_cb.p_btm_inq_info != NULL && 2442 bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE && 2443 (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK))*/ 2444 { 2445 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK) 2446 { 2447 //set the raw data buffer here 2448 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf)); 2449 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf; 2450 2451 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF; 2452 bta_dm_search_cb.ble_raw_used = 0; 2453 2454 /* start GATT for service discovery */ 2455 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 2456 return; 2457 } 2458 } 2459 else 2460 #endif 2461 { 2462 bta_dm_search_cb.sdp_results = FALSE; 2463 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr); 2464 2465 return; 2466 } 2467 } 2468 } 2469 2470 /* name discovery and service discovery are done for this device */ 2471 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2472 { 2473 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 2474 /* initialize the data structure - includes p_raw_data and raw_data_size */ 2475 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES)); 2476 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS; 2477 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 2478 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2479 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 2480 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1)); 2481 2482 /* make sure the string is terminated */ 2483 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 2484 2485 bta_sys_sendmsg(p_msg); 2486 } 2487 } 2488 2489 /******************************************************************************* 2490 ** 2491 ** Function bta_dm_sdp_callback 2492 ** 2493 ** Description Callback from sdp with discovery status 2494 ** 2495 ** Returns void 2496 ** 2497 *******************************************************************************/ 2498 static void bta_dm_sdp_callback (UINT16 sdp_status) 2499 { 2500 2501 tBTA_DM_SDP_RESULT * p_msg; 2502 2503 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL) 2504 { 2505 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT; 2506 p_msg->sdp_result = sdp_status; 2507 bta_sys_sendmsg(p_msg); 2508 2509 } 2510 } 2511 2512 /******************************************************************************* 2513 ** 2514 ** Function bta_dm_inq_results_cb 2515 ** 2516 ** Description Inquiry results callback from BTM 2517 ** 2518 ** Returns void 2519 ** 2520 *******************************************************************************/ 2521 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir) 2522 { 2523 2524 tBTA_DM_SEARCH result; 2525 tBTM_INQ_INFO *p_inq_info; 2526 UINT16 service_class; 2527 2528 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr); 2529 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN); 2530 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class); 2531 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE; 2532 result.inq_res.rssi = p_inq->rssi; 2533 2534 #if (BLE_INCLUDED == TRUE) 2535 result.inq_res.ble_addr_type = p_inq->ble_addr_type; 2536 result.inq_res.inq_result_type = p_inq->inq_result_type; 2537 result.inq_res.device_type = p_inq->device_type; 2538 2539 #endif 2540 2541 /* application will parse EIR to find out remote device name */ 2542 result.inq_res.p_eir = p_eir; 2543 2544 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL) 2545 { 2546 /* initialize remt_name_not_required to FALSE so that we get the name by default */ 2547 result.inq_res.remt_name_not_required = FALSE; 2548 2549 } 2550 2551 if(bta_dm_search_cb.p_search_cback) 2552 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result); 2553 2554 if(p_inq_info) 2555 { 2556 /* application indicates if it knows the remote name, inside the callback 2557 copy that to the inquiry data base*/ 2558 if(result.inq_res.remt_name_not_required) 2559 p_inq_info->appl_knows_rem_name = TRUE; 2560 2561 } 2562 2563 2564 } 2565 2566 2567 /******************************************************************************* 2568 ** 2569 ** Function bta_dm_inq_cmpl_cb 2570 ** 2571 ** Description Inquiry complete callback from BTM 2572 ** 2573 ** Returns void 2574 ** 2575 *******************************************************************************/ 2576 static void bta_dm_inq_cmpl_cb (void * p_result) 2577 { 2578 2579 tBTA_DM_MSG * p_msg; 2580 2581 APPL_TRACE_DEBUG0("bta_dm_inq_cmpl_cb"); 2582 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2583 { 2584 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT; 2585 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp; 2586 bta_sys_sendmsg(p_msg); 2587 2588 } 2589 2590 2591 } 2592 2593 /******************************************************************************* 2594 ** 2595 ** Function bta_dm_service_search_remname_cback 2596 ** 2597 ** Description Remote name call back from BTM during service discovery 2598 ** 2599 ** Returns void 2600 ** 2601 *******************************************************************************/ 2602 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name) 2603 { 2604 tBTM_REMOTE_DEV_NAME rem_name; 2605 tBTM_STATUS btm_status; 2606 2607 APPL_TRACE_DEBUG1("bta_dm_service_search_remname_cback name=<%s>", bd_name); 2608 2609 /* if this is what we are looking for */ 2610 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr)) 2611 { 2612 rem_name.length = strlen((char*)bd_name); 2613 if (rem_name.length > (BD_NAME_LEN-1)) 2614 { 2615 rem_name.length = (BD_NAME_LEN-1); 2616 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0; 2617 } 2618 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2619 rem_name.status = BTM_SUCCESS; 2620 2621 bta_dm_remname_cback(&rem_name); 2622 } 2623 else 2624 { 2625 /* get name of device */ 2626 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr, 2627 (tBTM_CMPL_CB *) bta_dm_remname_cback); 2628 if ( btm_status == BTM_BUSY ) 2629 { 2630 /* wait for next chance(notification of remote name discovery done) */ 2631 APPL_TRACE_DEBUG0("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy"); 2632 } 2633 else if ( btm_status != BTM_CMD_STARTED ) 2634 { 2635 /* if failed to start getting remote name then continue */ 2636 APPL_TRACE_WARNING1("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status); 2637 2638 rem_name.length = 0; 2639 rem_name.remote_bd_name[0] = 0; 2640 rem_name.status = btm_status; 2641 bta_dm_remname_cback(&rem_name); 2642 } 2643 } 2644 } 2645 2646 2647 /******************************************************************************* 2648 ** 2649 ** Function bta_dm_remname_cback 2650 ** 2651 ** Description Remote name complete call back from BTM 2652 ** 2653 ** Returns void 2654 ** 2655 *******************************************************************************/ 2656 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name) 2657 { 2658 tBTA_DM_REM_NAME * p_msg; 2659 2660 APPL_TRACE_DEBUG2("bta_dm_remname_cback len = %d name=<%s>", p_remote_name->length, 2661 p_remote_name->remote_bd_name); 2662 2663 /* remote name discovery is done but it could be failed */ 2664 bta_dm_search_cb.name_discover_done = TRUE; 2665 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN)); 2666 bta_dm_search_cb.peer_name[BD_NAME_LEN]=0; 2667 2668 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 2669 #if BLE_INCLUDED == TRUE 2670 if (BTM_UseLeLink(bta_dm_search_cb.peer_bdaddr)) 2671 GAP_BleReadPeerPrefConnParams (bta_dm_search_cb.peer_bdaddr); 2672 #endif 2673 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL) 2674 { 2675 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2676 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN)); 2677 2678 /* make sure the string is null terminated */ 2679 p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0; 2680 2681 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT; 2682 bta_sys_sendmsg(p_msg); 2683 2684 } 2685 } 2686 2687 /******************************************************************************* 2688 ** 2689 ** Function bta_dm_authorize_cback 2690 ** 2691 ** Description cback requesting authorization 2692 ** 2693 ** Returns void 2694 ** 2695 *******************************************************************************/ 2696 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, 2697 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator) 2698 { 2699 tBTA_DM_SEC sec_event; 2700 UINT8 index = 1; 2701 2702 bdcpy(sec_event.authorize.bd_addr, bd_addr); 2703 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN); 2704 2705 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2706 2707 /* make sure the string is null terminated */ 2708 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0; 2709 2710 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE ) 2711 sec_event.authorize.service = service_id; 2712 #endif 2713 2714 while(index < BTA_MAX_SERVICE_ID) 2715 { 2716 /* get the BTA service id corresponding to BTM id */ 2717 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id) 2718 { 2719 sec_event.authorize.service = index; 2720 break; 2721 } 2722 index++; 2723 } 2724 2725 2726 /* if supported service callback otherwise not authorized */ 2727 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID 2728 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE ) 2729 /* pass through JV service ID */ 2730 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID) 2731 #endif 2732 )) 2733 { 2734 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event); 2735 return BTM_CMD_STARTED; 2736 } 2737 else 2738 { 2739 return BTM_NOT_AUTHORIZED; 2740 } 2741 } 2742 2743 2744 2745 2746 2747 /******************************************************************************* 2748 ** 2749 ** Function bta_dm_pinname_cback 2750 ** 2751 ** Description Callback requesting pin_key 2752 ** 2753 ** Returns void 2754 ** 2755 *******************************************************************************/ 2756 static void bta_dm_pinname_cback (void *p_data) 2757 { 2758 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data; 2759 tBTA_DM_SEC sec_event; 2760 UINT32 bytes_to_copy; 2761 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt; 2762 2763 if (BTA_DM_SP_CFM_REQ_EVT == event) 2764 { 2765 /* Retrieved saved device class and bd_addr */ 2766 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr); 2767 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class); 2768 2769 if (p_result && p_result->status == BTM_SUCCESS) 2770 { 2771 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) 2772 ? p_result->length : (BD_NAME_LEN-1); 2773 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy); 2774 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2775 } 2776 else /* No name found */ 2777 sec_event.cfm_req.bd_name[0] = 0; 2778 2779 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */ 2780 2781 /* 1 additional event data fields for this event */ 2782 sec_event.cfm_req.just_works = bta_dm_cb.just_works; 2783 } 2784 else 2785 { 2786 /* Retrieved saved device class and bd_addr */ 2787 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr); 2788 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class); 2789 2790 if (p_result && p_result->status == BTM_SUCCESS) 2791 { 2792 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) 2793 ? p_result->length : (BD_NAME_LEN-1); 2794 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy); 2795 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2796 } 2797 else /* No name found */ 2798 sec_event.pin_req.bd_name[0] = 0; 2799 2800 event = bta_dm_cb.pin_evt; 2801 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */ 2802 } 2803 2804 if( bta_dm_cb.p_sec_cback ) 2805 bta_dm_cb.p_sec_cback(event, &sec_event); 2806 } 2807 2808 2809 2810 /******************************************************************************* 2811 ** 2812 ** Function bta_dm_pin_cback 2813 ** 2814 ** Description Callback requesting pin_key 2815 ** 2816 ** Returns void 2817 ** 2818 *******************************************************************************/ 2819 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name) 2820 { 2821 tBTA_DM_SEC sec_event; 2822 2823 if (!bta_dm_cb.p_sec_cback) 2824 return BTM_NOT_AUTHORIZED; 2825 2826 /* If the device name is not known, save bdaddr and devclass and initiate a name request */ 2827 if (bd_name[0] == 0) 2828 { 2829 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT; 2830 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr); 2831 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class); 2832 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED) 2833 return BTM_CMD_STARTED; 2834 2835 APPL_TRACE_WARNING0(" bta_dm_pin_cback() -> Failed to start Remote Name Request "); 2836 } 2837 2838 bdcpy(sec_event.pin_req.bd_addr, bd_addr); 2839 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class); 2840 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2841 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2842 2843 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event); 2844 return BTM_CMD_STARTED; 2845 } 2846 2847 2848 2849 /******************************************************************************* 2850 ** 2851 ** Function bta_dm_link_key_request_cback 2852 ** 2853 ** Description Callback requesting linkkey 2854 ** 2855 ** Returns void 2856 ** 2857 *******************************************************************************/ 2858 static UINT8 bta_dm_link_key_request_cback (BD_ADDR bd_addr, LINK_KEY key) 2859 { 2860 /* Application passes all link key to 2861 BTM during initialization using add_device 2862 API. If BTM doesn't have the link key in it's 2863 data base, that's because application doesn't 2864 it */ 2865 2866 return BTM_NOT_AUTHORIZED; 2867 } 2868 2869 2870 2871 2872 2873 /******************************************************************************* 2874 ** 2875 ** Function bta_dm_new_link_key_cback 2876 ** 2877 ** Description Callback from BTM to notify new link key 2878 ** 2879 ** Returns void 2880 ** 2881 *******************************************************************************/ 2882 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, 2883 BD_NAME bd_name, LINK_KEY key, UINT8 key_type) 2884 { 2885 tBTA_DM_SEC sec_event; 2886 tBTA_DM_AUTH_CMPL *p_auth_cmpl; 2887 UINT8 event; 2888 2889 memset (&sec_event, 0, sizeof(tBTA_DM_SEC)); 2890 2891 /* Not AMP Key type */ 2892 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB) 2893 { 2894 event = BTA_DM_AUTH_CMPL_EVT; 2895 p_auth_cmpl = &sec_event.auth_cmpl; 2896 2897 bdcpy(p_auth_cmpl->bd_addr, bd_addr); 2898 2899 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1)); 2900 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0; 2901 2902 p_auth_cmpl->key_present = TRUE; 2903 p_auth_cmpl->key_type = key_type; 2904 p_auth_cmpl->success = TRUE; 2905 2906 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN); 2907 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS; 2908 2909 if(bta_dm_cb.p_sec_cback) 2910 { 2911 bta_dm_cb.p_sec_cback(event, &sec_event); 2912 } 2913 } 2914 else 2915 { 2916 APPL_TRACE_WARNING0(" bta_dm_new_link_key_cback() Received AMP Key?? "); 2917 } 2918 2919 return BTM_CMD_STARTED; 2920 } 2921 2922 2923 /******************************************************************************* 2924 ** 2925 ** Function bta_dm_authentication_complete_cback 2926 ** 2927 ** Description Authentication complete callback from BTM 2928 ** 2929 ** Returns void 2930 ** 2931 *******************************************************************************/ 2932 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result) 2933 { 2934 2935 tBTA_DM_SEC sec_event; 2936 2937 if(result != BTM_SUCCESS) 2938 { 2939 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 2940 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr); 2941 2942 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1)); 2943 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; 2944 2945 /* taken care of by memset [above] 2946 sec_event.auth_cmpl.key_present = FALSE; 2947 sec_event.auth_cmpl.success = FALSE; 2948 */ 2949 sec_event.auth_cmpl.fail_reason = (UINT8)result; 2950 if(bta_dm_cb.p_sec_cback) 2951 { 2952 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 2953 } 2954 /* delete this device entry from Sec Dev DB */ 2955 bta_dm_remove_sec_dev_entry(bd_addr); 2956 2957 } 2958 2959 return BTM_SUCCESS; 2960 } 2961 2962 /******************************************************************************* 2963 ** 2964 ** Function bta_dm_sp_cback 2965 ** 2966 ** Description simple pairing callback from BTM 2967 ** 2968 ** Returns void 2969 ** 2970 *******************************************************************************/ 2971 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data) 2972 { 2973 tBTM_STATUS status = BTM_CMD_STARTED; 2974 tBTA_DM_SEC sec_event; 2975 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT; 2976 2977 APPL_TRACE_EVENT1("bta_dm_sp_cback: %d", event); 2978 if (!bta_dm_cb.p_sec_cback) 2979 return BTM_NOT_AUTHORIZED; 2980 2981 /* TODO_SP */ 2982 switch(event) 2983 { 2984 case BTM_SP_IO_REQ_EVT: 2985 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 2986 /* translate auth_req */ 2987 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap, 2988 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig); 2989 #endif 2990 #if BTM_OOB_INCLUDED == FALSE 2991 status = BTM_SUCCESS; 2992 #endif 2993 2994 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data); 2995 break; 2996 case BTM_SP_IO_RSP_EVT: 2997 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 2998 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap, 2999 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req ); 3000 #endif 3001 break; 3002 3003 case BTM_SP_CFM_REQ_EVT: 3004 pin_evt = BTA_DM_SP_CFM_REQ_EVT; 3005 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works; 3006 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req; 3007 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req; 3008 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps; 3009 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps; 3010 /* continue to next case */ 3011 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 3012 /* Passkey entry mode, mobile device with output capability is very 3013 unlikely to receive key request, so skip this event */ 3014 /*case BTM_SP_KEY_REQ_EVT: */ 3015 case BTM_SP_KEY_NOTIF_EVT: 3016 #endif 3017 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey; 3018 /* If the device name is not known, save bdaddr and devclass and initiate a name request */ 3019 if (p_data->key_notif.bd_name[0] == 0) 3020 { 3021 bta_dm_cb.pin_evt = pin_evt; 3022 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr); 3023 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class); 3024 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED) 3025 return BTM_CMD_STARTED; 3026 3027 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request "); 3028 } 3029 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr); 3030 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class); 3031 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1)); 3032 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0; 3033 3034 bta_dm_cb.p_sec_cback(pin_evt, &sec_event); 3035 3036 break; 3037 3038 #if BTM_OOB_INCLUDED == TRUE 3039 case BTM_SP_LOC_OOB_EVT: 3040 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS), 3041 p_data->loc_oob.c, p_data->loc_oob.r); 3042 break; 3043 3044 case BTM_SP_RMT_OOB_EVT: 3045 /* If the device name is not known, save bdaddr and devclass and initiate a name request */ 3046 if (p_data->rmt_oob.bd_name[0] == 0) 3047 { 3048 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT; 3049 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr); 3050 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class); 3051 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback)) == BTM_CMD_STARTED) 3052 return BTM_CMD_STARTED; 3053 3054 APPL_TRACE_WARNING0(" bta_dm_sp_cback() -> Failed to start Remote Name Request "); 3055 } 3056 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr); 3057 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class); 3058 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1)); 3059 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0; 3060 3061 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event); 3062 3063 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr); 3064 break; 3065 #endif 3066 case BTM_SP_COMPLT_EVT: 3067 /* do not report this event - handled by link_key_callback or auth_complete_callback */ 3068 break; 3069 3070 case BTM_SP_KEYPRESS_EVT: 3071 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS)); 3072 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event); 3073 break; 3074 3075 case BTM_SP_UPGRADE_EVT: 3076 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade ); 3077 break; 3078 3079 default: 3080 status = BTM_NOT_AUTHORIZED; 3081 break; 3082 } 3083 APPL_TRACE_EVENT1("dm status: %d", status); 3084 return status; 3085 } 3086 3087 /******************************************************************************* 3088 ** 3089 ** Function bta_dm_local_name_cback 3090 ** 3091 ** Description Callback from btm after local name is read 3092 ** 3093 ** 3094 ** Returns void 3095 ** 3096 *******************************************************************************/ 3097 static void bta_dm_local_name_cback(UINT8 *p_name) 3098 { 3099 tBTA_DM_SEC sec_event; 3100 3101 BTM_GetLocalDeviceAddr(sec_event.enable.bd_addr); 3102 sec_event.enable.status = BTA_SUCCESS; 3103 3104 if(bta_dm_cb.p_sec_cback) 3105 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event); 3106 } 3107 3108 /******************************************************************************* 3109 ** 3110 ** Function bta_dm_signal_strength 3111 ** 3112 ** Description Callback from btm after local bdaddr is read 3113 ** 3114 ** 3115 ** Returns void 3116 ** 3117 *******************************************************************************/ 3118 void bta_dm_signal_strength(tBTA_DM_MSG *p_data) 3119 { 3120 3121 if(p_data->sig_strength.start) 3122 { 3123 bta_dm_cb.signal_strength_mask = p_data->sig_strength.mask; 3124 bta_dm_cb.signal_strength_period = p_data->sig_strength.period; 3125 bta_dm_signal_strength_timer_cback(NULL); 3126 } 3127 else 3128 { 3129 bta_sys_stop_timer(&bta_dm_cb.signal_strength_timer); 3130 } 3131 3132 } 3133 /******************************************************************************* 3134 ** 3135 ** Function bta_dm_signal_strength_timer_cback 3136 ** 3137 ** Description Periodic timer callback to read signal strength 3138 ** 3139 ** 3140 ** Returns void 3141 ** 3142 *******************************************************************************/ 3143 static void bta_dm_signal_strength_timer_cback (TIMER_LIST_ENT *p_tle) 3144 { 3145 3146 UINT8 i; 3147 3148 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_RSSI_MASK) 3149 { 3150 for(i=0; i<bta_dm_cb.device_list.count; i++) 3151 { 3152 BTM_ReadRSSI (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_rssi_cback); 3153 3154 } 3155 } 3156 if(bta_dm_cb.signal_strength_mask & BTA_SIG_STRENGTH_LINK_QUALITY_MASK) 3157 { 3158 3159 for(i=0; i<bta_dm_cb.device_list.count; i++) 3160 { 3161 BTM_ReadLinkQuality (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, (tBTM_CMPL_CB *)bta_dm_link_quality_cback); 3162 } 3163 3164 } 3165 3166 if(bta_dm_cb.signal_strength_period) 3167 { 3168 bta_dm_cb.signal_strength_timer.p_cback = (TIMER_CBACK*)&bta_dm_signal_strength_timer_cback; 3169 bta_sys_start_timer(&bta_dm_cb.signal_strength_timer, 0, (UINT32)1000*bta_dm_cb.signal_strength_period); 3170 } 3171 } 3172 3173 3174 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE) 3175 /******************************************************************************* 3176 ** 3177 ** Function bta_dm_bl_change_cback 3178 ** 3179 ** Description Callback from btm when acl connection goes up or down 3180 ** 3181 ** 3182 ** Returns void 3183 ** 3184 *******************************************************************************/ 3185 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data) 3186 { 3187 tBTA_DM_ACL_CHANGE * p_msg; 3188 3189 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL) 3190 { 3191 p_msg->event = p_data->event; 3192 p_msg->is_new = FALSE; 3193 3194 switch(p_msg->event) 3195 { 3196 case BTM_BL_CONN_EVT: 3197 p_msg->is_new = TRUE; 3198 bdcpy(p_msg->bd_addr, p_data->conn.p_bda); 3199 break; 3200 case BTM_BL_DISCN_EVT: 3201 bdcpy(p_msg->bd_addr, p_data->discn.p_bda); 3202 break; 3203 case BTM_BL_UPDATE_EVT: 3204 p_msg->busy_level = p_data->update.busy_level; 3205 p_msg->busy_level_flags = p_data->update.busy_level_flags; 3206 break; 3207 case BTM_BL_ROLE_CHG_EVT: 3208 p_msg->new_role = p_data->role_chg.new_role; 3209 p_msg->hci_status = p_data->role_chg.hci_status; 3210 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda); 3211 break; 3212 case BTM_BL_COLLISION_EVT: 3213 bdcpy(p_msg->bd_addr, p_data->conn.p_bda); 3214 break;; 3215 } 3216 3217 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT; 3218 bta_sys_sendmsg(p_msg); 3219 3220 } 3221 3222 } 3223 #else 3224 3225 /******************************************************************************* 3226 ** 3227 ** Function bta_dm_acl_change_cback 3228 ** 3229 ** Description Callback from btm when acl connection goes up or down 3230 ** 3231 ** 3232 ** Returns void 3233 ** 3234 *******************************************************************************/ 3235 static void bta_dm_acl_change_cback (BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, 3236 UINT8 *features, BOOLEAN is_new) 3237 { 3238 3239 tBTA_DM_ACL_CHANGE * p_msg; 3240 3241 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL) 3242 { 3243 bdcpy (p_msg->bd_addr, p_bda); 3244 p_msg->is_new = is_new; 3245 3246 /* This is collision case */ 3247 if (features != NULL) 3248 { 3249 if ((features[0] == 0xFF) && !is_new) 3250 p_msg->event = BTM_BL_COLLISION_EVT; 3251 } 3252 3253 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT; 3254 bta_sys_sendmsg(p_msg); 3255 3256 } 3257 3258 } 3259 #endif 3260 /******************************************************************************* 3261 ** 3262 ** Function bta_dm_rs_cback 3263 ** 3264 ** Description Receives the role switch complete event 3265 ** 3266 ** Returns 3267 ** 3268 *******************************************************************************/ 3269 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1) 3270 { 3271 APPL_TRACE_WARNING1("bta_dm_rs_cback:%d", bta_dm_cb.rs_event); 3272 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT) 3273 { 3274 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */ 3275 bta_dm_cb.rs_event = 0; 3276 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg); 3277 } 3278 } 3279 3280 /******************************************************************************* 3281 ** 3282 ** Function bta_dm_check_av 3283 ** 3284 ** Description This function checks if AV is active 3285 ** if yes, make sure the AV link is master 3286 ** 3287 ** Returns BOOLEAN - TRUE, if switch is in progress 3288 ** 3289 *******************************************************************************/ 3290 static BOOLEAN bta_dm_check_av(UINT16 event) 3291 { 3292 BOOLEAN avoid_roleswitch = FALSE; 3293 BOOLEAN switching = FALSE; 3294 UINT8 i; 3295 tBTA_DM_PEER_DEVICE *p_dev; 3296 3297 #if defined(BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY) && (BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY == TRUE) 3298 3299 /* avoid role switch upon inquiry if a2dp is actively streaming as it 3300 introduces an audioglitch due to FW scheduling delays (unavoidable) */ 3301 if (event == BTA_DM_API_SEARCH_EVT) 3302 { 3303 avoid_roleswitch = TRUE; 3304 } 3305 #endif 3306 3307 APPL_TRACE_WARNING1("bta_dm_check_av:%d", bta_dm_cb.cur_av_count); 3308 if(bta_dm_cb.cur_av_count) 3309 { 3310 for(i=0; i<bta_dm_cb.device_list.count; i++) 3311 { 3312 p_dev = &bta_dm_cb.device_list.peer_device[i]; 3313 APPL_TRACE_WARNING4("[%d]: state:%d, info:x%x, avoid_rs %d", 3314 i, p_dev->conn_state, p_dev->info, avoid_roleswitch); 3315 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE) && 3316 (avoid_roleswitch == FALSE)) 3317 { 3318 /* make master and take away the role switch policy */ 3319 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback)) 3320 { 3321 /* the role switch command is actually sent */ 3322 bta_dm_cb.rs_event = event; 3323 switching = TRUE; 3324 } 3325 /* else either already master or can not switch for some reasons */ 3326 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr); 3327 break; 3328 } 3329 } 3330 } 3331 return switching; 3332 } 3333 3334 /******************************************************************************* 3335 ** 3336 ** Function bta_dm_acl_change 3337 ** 3338 ** Description Process BTA_DM_ACL_CHANGE_EVT 3339 ** 3340 ** 3341 ** Returns void 3342 ** 3343 *******************************************************************************/ 3344 void bta_dm_acl_change(tBTA_DM_MSG *p_data) 3345 { 3346 3347 UINT8 i; 3348 UINT8 *p; 3349 tBTA_DM_SEC conn; 3350 BOOLEAN is_new = p_data->acl_change.is_new; 3351 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr; 3352 BOOLEAN need_policy_change = FALSE; 3353 BOOLEAN issue_unpair_cb = FALSE; 3354 3355 #if (defined(BTM_BUSY_LEVEL_CHANGE_INCLUDED) && BTM_BUSY_LEVEL_CHANGE_INCLUDED == TRUE) 3356 tBTA_DM_PEER_DEVICE *p_dev; 3357 3358 switch(p_data->acl_change.event) 3359 { 3360 case BTM_BL_UPDATE_EVT: /* busy level update */ 3361 if( bta_dm_cb.p_sec_cback ) 3362 { 3363 conn.busy_level.level = p_data->acl_change.busy_level; 3364 conn.busy_level.level_flags = p_data->acl_change.busy_level_flags; 3365 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn); 3366 } 3367 return; 3368 3369 case BTM_BL_ROLE_CHG_EVT: /* role change event */ 3370 p_dev = bta_dm_find_peer_device(p_bda); 3371 if(p_dev) 3372 { 3373 APPL_TRACE_DEBUG3("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d", 3374 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count); 3375 if(p_dev->info & BTA_DM_DI_AV_ACTIVE) 3376 { 3377 /* there's AV activity on this link */ 3378 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1 3379 && p_data->acl_change.hci_status == HCI_SUCCESS) 3380 { 3381 /* more than one connections and the AV connection is role switched to slave 3382 * switch it back to master and remove the switch policy */ 3383 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL); 3384 need_policy_change = TRUE; 3385 } 3386 else if (bta_dm_cfg.avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER)) 3387 { 3388 /* if the link updated to be master include AV activities, remove the switch policy */ 3389 need_policy_change = TRUE; 3390 } 3391 3392 if(need_policy_change) 3393 { 3394 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr); 3395 } 3396 } 3397 else 3398 { 3399 /* there's AV no activity on this link and role switch happened 3400 * check if AV is active 3401 * if so, make sure the AV link is master */ 3402 bta_dm_check_av(0); 3403 } 3404 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status); 3405 bdcpy(conn.role_chg.bd_addr, p_bda); 3406 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role; 3407 if( bta_dm_cb.p_sec_cback ) 3408 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, &conn); 3409 } 3410 return; 3411 } 3412 #endif 3413 3414 /* Collision report from Stack: Notify profiles */ 3415 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT) 3416 { 3417 bta_sys_notify_collision (p_bda); 3418 return; 3419 } 3420 3421 if(is_new) 3422 { 3423 for(i=0; i<bta_dm_cb.device_list.count; i++) 3424 { 3425 if(!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda)) 3426 break; 3427 3428 } 3429 3430 if(i == bta_dm_cb.device_list.count) 3431 { 3432 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda); 3433 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy; 3434 bta_dm_cb.device_list.count++; 3435 } 3436 3437 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED; 3438 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE; 3439 bdcpy(conn.link_up.bd_addr, p_bda); 3440 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE; 3441 if( ((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) && 3442 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) ) 3443 { 3444 /* both local and remote devices support SSR */ 3445 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR; 3446 } 3447 APPL_TRACE_WARNING1("info:x%x", bta_dm_cb.device_list.peer_device[i].info); 3448 if( bta_dm_cb.p_sec_cback ) 3449 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, &conn); 3450 3451 } 3452 else 3453 { 3454 for(i=0; i<bta_dm_cb.device_list.count; i++) 3455 { 3456 if(bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda)) 3457 continue; 3458 3459 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING ) 3460 { 3461 BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr); 3462 issue_unpair_cb = TRUE; 3463 } 3464 3465 conn.link_down.is_removed = bta_dm_cb.device_list.peer_device[i].remove_dev_pending; 3466 3467 for(; i<bta_dm_cb.device_list.count ; i++) 3468 { 3469 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i])); 3470 } 3471 break; 3472 } 3473 if(bta_dm_cb.device_list.count) 3474 bta_dm_cb.device_list.count--; 3475 3476 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda)) 3477 { 3478 bta_dm_search_cb.wait_disc = FALSE; 3479 3480 if(bta_dm_search_cb.sdp_results) 3481 { 3482 APPL_TRACE_EVENT0(" timer stopped "); 3483 bta_sys_stop_timer(&bta_dm_search_cb.search_timer); 3484 bta_dm_discover_next_device(); 3485 } 3486 3487 } 3488 3489 if(bta_dm_cb.disabling) 3490 { 3491 if(!BTM_GetNumAclLinks()) 3492 { 3493 bta_sys_stop_timer(&bta_dm_cb.disable_timer); 3494 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback; 3495 /* start a timer to make sure that the profiles get the disconnect event */ 3496 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000); 3497 } 3498 } 3499 if (conn.link_down.is_removed) 3500 { 3501 BTM_SecDeleteDevice(p_bda); 3502 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 3503 /* need to remove all pending background connection */ 3504 BTA_GATTC_CancelOpen(0, p_bda, FALSE); 3505 /* remove all cached GATT information */ 3506 BTA_GATTC_Refresh(p_bda); 3507 #endif 3508 } 3509 3510 bdcpy(conn.link_down.bd_addr, p_bda); 3511 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code(); 3512 if( bta_dm_cb.p_sec_cback ) 3513 { 3514 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn); 3515 if( issue_unpair_cb ) 3516 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn); 3517 } 3518 } 3519 3520 bta_dm_adjust_roles(TRUE); 3521 } 3522 3523 /******************************************************************************* 3524 ** 3525 ** Function bta_dm_disable_conn_down_timer_cback 3526 ** 3527 ** Description Sends disable event to application 3528 ** 3529 ** 3530 ** Returns void 3531 ** 3532 *******************************************************************************/ 3533 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle) 3534 { 3535 tBTA_SYS_HW_MSG *sys_enable_event; 3536 3537 /* disable the power managment module */ 3538 bta_dm_disable_pm(); 3539 3540 /* register our callback to SYS HW manager */ 3541 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback ); 3542 3543 /* send a message to BTA SYS */ 3544 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL) 3545 { 3546 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT; 3547 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH; 3548 bta_sys_sendmsg(sys_enable_event); 3549 } 3550 3551 bta_dm_cb.disabling = FALSE; 3552 3553 } 3554 3555 /******************************************************************************* 3556 ** 3557 ** Function bta_dm_rssi_cback 3558 ** 3559 ** Description Callback from btm with rssi values 3560 ** 3561 ** 3562 ** Returns void 3563 ** 3564 *******************************************************************************/ 3565 static void bta_dm_rssi_cback (tBTM_RSSI_RESULTS *p_result) 3566 { 3567 tBTA_DM_SEC sec_event; 3568 3569 if(p_result->status == BTM_SUCCESS) 3570 { 3571 3572 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda); 3573 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_RSSI_MASK; 3574 sec_event.sig_strength.rssi_value = p_result->rssi; 3575 if( bta_dm_cb.p_sec_cback!= NULL ) 3576 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event); 3577 3578 } 3579 } 3580 3581 /******************************************************************************* 3582 ** 3583 ** Function bta_dm_link_quality_cback 3584 ** 3585 ** Description Callback from btm with link quality value 3586 ** 3587 ** 3588 ** Returns void 3589 ** 3590 *******************************************************************************/ 3591 static void bta_dm_link_quality_cback (tBTM_LINK_QUALITY_RESULTS *p_result) 3592 { 3593 3594 tBTA_DM_SEC sec_event; 3595 3596 if(p_result->status == BTM_SUCCESS) 3597 { 3598 3599 bdcpy(sec_event.sig_strength.bd_addr, p_result->rem_bda); 3600 sec_event.sig_strength.mask = BTA_SIG_STRENGTH_LINK_QUALITY_MASK; 3601 sec_event.sig_strength.link_quality_value = p_result->link_quality; 3602 if( bta_dm_cb.p_sec_cback!= NULL ) 3603 bta_dm_cb.p_sec_cback(BTA_DM_SIG_STRENGTH_EVT, &sec_event); 3604 3605 } 3606 } 3607 3608 /******************************************************************************* 3609 ** 3610 ** Function bta_dm_rm_cback 3611 ** 3612 ** Description Role management callback from sys 3613 ** 3614 ** 3615 ** Returns void 3616 ** 3617 *******************************************************************************/ 3618 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr) 3619 { 3620 3621 UINT8 j; 3622 tBTA_PREF_ROLES role; 3623 tBTA_DM_PEER_DEVICE *p_dev; 3624 3625 p_dev = bta_dm_find_peer_device(peer_addr); 3626 if( status == BTA_SYS_CONN_OPEN) 3627 { 3628 if(p_dev) 3629 { 3630 /* Do not set to connected if we are in the middle of unpairing. When AV stream is 3631 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command. 3632 * But this should not be done if we are in the middle of unpairing. 3633 */ 3634 if (p_dev->conn_state != BTA_DM_UNPAIRING) 3635 p_dev->conn_state = BTA_DM_CONNECTED; 3636 3637 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++) 3638 { 3639 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID)) 3640 && (p_bta_dm_rm_cfg[j].id == id)) 3641 { 3642 role = p_bta_dm_rm_cfg[j].cfg; 3643 3644 if(role > p_dev->pref_role ) 3645 p_dev->pref_role = role; 3646 break; 3647 } 3648 } 3649 3650 } 3651 3652 } 3653 3654 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id)) 3655 { 3656 if( status == BTA_SYS_CONN_BUSY) 3657 { 3658 if(p_dev) 3659 p_dev->info |= BTA_DM_DI_AV_ACTIVE; 3660 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */ 3661 if(BTA_ID_AV == id) 3662 bta_dm_cb.cur_av_count = app_id; 3663 } 3664 else if( status == BTA_SYS_CONN_IDLE) 3665 { 3666 if(p_dev) 3667 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE; 3668 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */ 3669 if(BTA_ID_AV == id) 3670 bta_dm_cb.cur_av_count = app_id; 3671 } 3672 APPL_TRACE_WARNING2("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status); 3673 } 3674 else if ((status == BTA_SYS_CONN_BUSY) || (status == BTA_SYS_CONN_IDLE)) 3675 { 3676 /* Do not do role switch management for non-AV profiles when data flow starts/stops */ 3677 return; 3678 } 3679 3680 bta_dm_adjust_roles(FALSE); 3681 3682 } 3683 3684 /******************************************************************************* 3685 ** 3686 ** Function bta_dm_dev_blacklisted_for_switch 3687 ** 3688 ** Description Checks if the device is blacklisted for immediate role switch after connection. 3689 ** 3690 ** Returns TRUE if dev is blacklisted else FALSE 3691 ** 3692 *******************************************************************************/ 3693 static BOOLEAN bta_dm_dev_blacklisted_for_switch (BD_ADDR remote_bd_addr) 3694 { 3695 UINT16 manufacturer = 0; 3696 UINT16 lmp_sub_version = 0; 3697 UINT8 lmp_version = 0; 3698 UINT8 i = 0; 3699 3700 if (BTM_ReadRemoteVersion(remote_bd_addr, &lmp_version, 3701 &manufacturer, &lmp_sub_version) == BTM_SUCCESS) 3702 { 3703 /* Check if this device version info matches with is 3704 blacklisted versions for role switch */ 3705 for (i = 0; i < BTA_DM_MAX_ROLE_SWITCH_BLACKLIST_COUNT; i++) 3706 { 3707 if ((bta_role_switch_blacklist[i].lmp_version == lmp_version) && 3708 (bta_role_switch_blacklist[i].manufacturer == manufacturer)&& 3709 ((bta_role_switch_blacklist[i].lmp_sub_version & lmp_sub_version) == 3710 bta_role_switch_blacklist[i].lmp_sub_version)) 3711 { 3712 APPL_TRACE_EVENT0("Black list F/W version matches.. Delay Role Switch..."); 3713 return TRUE; 3714 } 3715 3716 } 3717 } 3718 return FALSE; 3719 } 3720 3721 /******************************************************************************* 3722 ** 3723 ** Function bta_dm_delay_role_switch_cback 3724 ** 3725 ** Description Callback from btm to delay a role switch 3726 ** 3727 ** Returns void 3728 ** 3729 *******************************************************************************/ 3730 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle) 3731 { 3732 APPL_TRACE_EVENT0("bta_dm_delay_role_switch_cback: initiating Delayed RS"); 3733 bta_dm_adjust_roles (FALSE); 3734 } 3735 3736 /******************************************************************************* 3737 ** 3738 ** Function bta_dm_remove_sec_dev_entry 3739 ** 3740 ** Description Removes device entry from Security device DB if ACL connection with 3741 ** remtoe device does not exist, else schedule for dev entry removal upon 3742 ACL close 3743 ** 3744 ** Returns void 3745 ** 3746 *******************************************************************************/ 3747 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr) 3748 { 3749 UINT16 index = 0; 3750 if (BTM_IsAclConnectionUp(remote_bd_addr)) 3751 { 3752 APPL_TRACE_DEBUG1("%s ACL is not down. Schedule for Dev Removal when ACL closes", 3753 __FUNCTION__); 3754 for (index = 0; index < bta_dm_cb.device_list.count; index ++) 3755 { 3756 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, remote_bd_addr)) 3757 break; 3758 } 3759 if (index != bta_dm_cb.device_list.count) 3760 { 3761 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE; 3762 } 3763 else 3764 { 3765 APPL_TRACE_ERROR1(" %s Device does not exist in DB", __FUNCTION__); 3766 } 3767 } 3768 else 3769 { 3770 BTM_SecDeleteDevice (remote_bd_addr); 3771 } 3772 } 3773 3774 3775 /******************************************************************************* 3776 ** 3777 ** Function bta_dm_adjust_roles 3778 ** 3779 ** Description Adjust roles 3780 ** 3781 ** 3782 ** Returns void 3783 ** 3784 *******************************************************************************/ 3785 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch) 3786 { 3787 3788 UINT8 i; 3789 BOOLEAN set_master_role = FALSE; 3790 3791 if(bta_dm_cb.device_list.count) 3792 { 3793 3794 /* the configuration is no scatternet 3795 * or AV connection exists and there are more than one ACL link */ 3796 if( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) || 3797 (bta_dm_cb.cur_av_count && bta_dm_cb.device_list.count > 1) ) 3798 { 3799 3800 L2CA_SetDesireRole (HCI_ROLE_MASTER); 3801 set_master_role = TRUE; 3802 3803 } 3804 3805 for(i=0; i<bta_dm_cb.device_list.count; i++) 3806 { 3807 if(bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED) 3808 { 3809 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE) 3810 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET)) 3811 { 3812 L2CA_SetDesireRole (HCI_ROLE_MASTER); 3813 set_master_role = TRUE; 3814 } 3815 3816 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY) 3817 || (bta_dm_cb.device_list.count > 1)) 3818 { 3819 3820 /* Initiating immediate role switch with certain remote devices 3821 has caused issues due to role switch colliding with link encryption setup and 3822 causing encryption (and in turn the link) to fail . These device . Firmware 3823 versions are stored in a blacklist and role switch with these devices are 3824 delayed to avoid the collision with link encryption setup */ 3825 3826 if ((delay_role_switch == FALSE) || 3827 (bta_dm_dev_blacklisted_for_switch( 3828 bta_dm_cb.device_list.peer_device[i].peer_bdaddr) == FALSE)) 3829 { 3830 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, 3831 HCI_ROLE_MASTER, NULL); 3832 } 3833 else 3834 { 3835 bta_dm_cb.switch_delay_timer.p_cback = 3836 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback; 3837 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500); 3838 } 3839 } 3840 3841 } 3842 } 3843 3844 3845 if(!set_master_role) 3846 { 3847 3848 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE); 3849 3850 } 3851 3852 } 3853 else 3854 { 3855 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE); 3856 } 3857 3858 3859 } 3860 3861 /******************************************************************************* 3862 ** 3863 ** Function bta_dm_get_remname 3864 ** 3865 ** Description Returns a pointer to the remote name stored in the DM control 3866 ** block if it exists, or from the BTM memory. 3867 ** 3868 ** Returns char * - Pointer to the remote device name 3869 *******************************************************************************/ 3870 static char *bta_dm_get_remname(void) 3871 { 3872 char *p_name = (char *)bta_dm_search_cb.peer_name; 3873 char *p_temp; 3874 3875 /* If the name isn't already stored, try retrieving from BTM */ 3876 if (*p_name == '\0') 3877 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL) 3878 p_name = p_temp; 3879 3880 return p_name; 3881 } 3882 3883 /******************************************************************************* 3884 ** 3885 ** Function bta_dm_bond_cancel_complete_cback 3886 ** 3887 ** Description Authentication complete callback from BTM 3888 ** 3889 ** Returns void 3890 ** 3891 *******************************************************************************/ 3892 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result) 3893 { 3894 3895 tBTA_DM_SEC sec_event; 3896 3897 if (result == BTM_SUCCESS) 3898 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS; 3899 else 3900 sec_event.bond_cancel_cmpl.result = BTA_FAILURE; 3901 3902 if(bta_dm_cb.p_sec_cback) 3903 { 3904 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event); 3905 } 3906 } 3907 3908 #if ( BTM_EIR_SERVER_INCLUDED == TRUE ) 3909 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 3910 /******************************************************************************* 3911 ** 3912 ** Function bta_dm_update_eir_uuid 3913 ** 3914 ** Description 3915 ** 3916 ** 3917 *******************************************************************************/ 3918 void bta_dm_update_eir_uuid (tBTA_DM_MSG *p_data) 3919 { 3920 tBTA_DM_API_UPDATE_EIR_UUID *p_msg = (tBTA_DM_API_UPDATE_EIR_UUID *)p_data; 3921 UINT8 xx; 3922 UINT8 empty_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID; 3923 UINT8 match_slot = BTA_EIR_SERVER_NUM_CUSTOM_UUID; 3924 3925 for (xx = 0; xx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; xx++) 3926 { 3927 if (bta_dm_cb.custom_uuid[xx].len == 0) 3928 { 3929 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID) 3930 empty_slot = xx; 3931 } 3932 else if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID) 3933 { 3934 if (!memcmp (bta_dm_cb.custom_uuid[xx].uu.uuid128, p_msg->uuid.uu.uuid128, p_msg->uuid.len)) 3935 { 3936 match_slot = xx;; 3937 } 3938 } 3939 } 3940 3941 if (p_msg->is_add) 3942 { 3943 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID) 3944 { 3945 if (empty_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID) 3946 { 3947 APPL_TRACE_ERROR0("No space to add UUID for EIR"); 3948 return; 3949 } 3950 else 3951 { 3952 memcpy (&(bta_dm_cb.custom_uuid[empty_slot]), &(p_msg->uuid), sizeof(tBT_UUID)); 3953 } 3954 } 3955 else 3956 { 3957 APPL_TRACE_ERROR0("UUID is already added for EIR"); 3958 return; 3959 } 3960 } 3961 else 3962 { 3963 if (match_slot == BTA_EIR_SERVER_NUM_CUSTOM_UUID) 3964 { 3965 APPL_TRACE_ERROR0("UUID is not found for EIR"); 3966 return; 3967 } 3968 else 3969 { 3970 memset (&(bta_dm_cb.custom_uuid[match_slot]), 0, sizeof(tBT_UUID)); 3971 } 3972 } 3973 3974 bta_dm_set_eir (NULL); 3975 } 3976 #endif 3977 3978 /******************************************************************************* 3979 ** 3980 ** Function bta_dm_set_eir_config 3981 ** 3982 ** Description 3983 ** 3984 ** 3985 *******************************************************************************/ 3986 void bta_dm_set_eir_config (tBTA_DM_MSG *p_data) 3987 { 3988 if (p_data->set_eir_cfg.p_eir_cfg) 3989 { 3990 /* User defined config */ 3991 p_bta_dm_eir_cfg = p_data->set_eir_cfg.p_eir_cfg; 3992 } 3993 else 3994 { 3995 /* Back to default config */ 3996 p_bta_dm_eir_cfg = (tBTA_DM_EIR_CONF*)&bta_dm_eir_cfg; 3997 } 3998 3999 bta_dm_set_eir (NULL); 4000 } 4001 4002 /******************************************************************************* 4003 ** 4004 ** Function bta_dm_set_eir 4005 ** 4006 ** Description This function creates EIR tagged data and writes it to controller. 4007 ** 4008 ** Returns None 4009 ** 4010 *******************************************************************************/ 4011 static void bta_dm_set_eir (char *local_name) 4012 { 4013 BT_HDR *p_buf; 4014 UINT8 *p; 4015 UINT8 *p_length; 4016 #if (BTA_EIR_CANNED_UUID_LIST != TRUE) 4017 UINT8 *p_type; 4018 UINT8 max_num_uuid; 4019 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 4020 UINT8 custom_uuid_idx; 4021 #endif 4022 #endif 4023 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE) 4024 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN; 4025 #else 4026 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE; 4027 #endif 4028 UINT8 num_uuid; 4029 UINT8 data_type; 4030 UINT8 local_name_len; 4031 4032 /* wait until complete to disable */ 4033 if (bta_dm_cb.disable_timer.in_use) 4034 return; 4035 4036 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE ) 4037 /* wait until App is ready */ 4038 if (bta_dm_cb.app_ready_timer.in_use) 4039 return; 4040 4041 /* if local name is not provided, get it from controller */ 4042 if( local_name == NULL ) 4043 { 4044 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS ) 4045 { 4046 APPL_TRACE_ERROR0("Fail to read local device name for EIR"); 4047 } 4048 } 4049 #endif 4050 4051 /* Allocate a buffer to hold HCI command */ 4052 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL) 4053 { 4054 APPL_TRACE_ERROR0("bta_dm_set_eir couldn't allocate buffer"); 4055 return; 4056 } 4057 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; 4058 4059 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN ); 4060 4061 APPL_TRACE_DEBUG0("BTA is generating EIR"); 4062 4063 if( local_name ) 4064 local_name_len = strlen( local_name ); 4065 else 4066 local_name_len = 0; 4067 4068 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE; 4069 /* if local name is longer than minimum length of shortened name */ 4070 /* check whether it needs to be shortened or not */ 4071 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len ) 4072 { 4073 /* get number of UUID 16-bit list */ 4074 #if (BTA_EIR_CANNED_UUID_LIST == TRUE) 4075 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16; 4076 #else 4077 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16; 4078 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, 4079 max_num_uuid, &num_uuid ); 4080 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */ 4081 #endif 4082 4083 /* if UUID doesn't fit remaing space, shorten local name */ 4084 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16)) 4085 { 4086 APPL_TRACE_WARNING0("BTA EIR: local name is shortened"); 4087 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len; 4088 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE; 4089 } 4090 else 4091 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE; 4092 } 4093 4094 UINT8_TO_STREAM(p, local_name_len + 1); 4095 UINT8_TO_STREAM(p, data_type); 4096 4097 if (local_name != NULL) 4098 { 4099 memcpy(p, local_name, local_name_len); 4100 p += local_name_len; 4101 } 4102 free_eir_length -= local_name_len + 2; 4103 4104 #if (BTA_EIR_CANNED_UUID_LIST == TRUE) 4105 /* if UUID list is provided as static data in configuration */ 4106 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 ) 4107 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16)) 4108 { 4109 if( free_eir_length > LEN_UUID_16 + 2) 4110 { 4111 free_eir_length -= 2; 4112 4113 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len) 4114 { 4115 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16; 4116 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE; 4117 } 4118 else /* not enough room for all UUIDs */ 4119 { 4120 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated"); 4121 num_uuid = free_eir_length / LEN_UUID_16; 4122 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE; 4123 } 4124 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1); 4125 UINT8_TO_STREAM(p, data_type); 4126 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 ); 4127 p += num_uuid * LEN_UUID_16; 4128 free_eir_length -= num_uuid * LEN_UUID_16; 4129 } 4130 } 4131 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */ 4132 /* if UUID list is dynamic */ 4133 if ( free_eir_length >= 2) 4134 { 4135 p_length = p++; 4136 p_type = p++; 4137 num_uuid = 0; 4138 4139 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16; 4140 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid ); 4141 4142 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE ) 4143 { 4144 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated"); 4145 } 4146 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 4147 else 4148 { 4149 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 4150 { 4151 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16) 4152 { 4153 if ( num_uuid < max_num_uuid ) 4154 { 4155 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16); 4156 num_uuid++; 4157 } 4158 else 4159 { 4160 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE; 4161 APPL_TRACE_WARNING0("BTA EIR: UUID 16-bit list is truncated"); 4162 break; 4163 } 4164 } 4165 } 4166 } 4167 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */ 4168 4169 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1); 4170 UINT8_TO_STREAM(p_type, data_type); 4171 free_eir_length -= num_uuid * LEN_UUID_16 + 2; 4172 } 4173 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */ 4174 4175 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 4176 /* Adding 32-bit UUID list */ 4177 if ( free_eir_length >= 2) 4178 { 4179 p_length = p++; 4180 p_type = p++; 4181 num_uuid = 0; 4182 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE; 4183 4184 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32; 4185 4186 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 4187 { 4188 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32) 4189 { 4190 if ( num_uuid < max_num_uuid ) 4191 { 4192 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32); 4193 num_uuid++; 4194 } 4195 else 4196 { 4197 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE; 4198 APPL_TRACE_WARNING0("BTA EIR: UUID 32-bit list is truncated"); 4199 break; 4200 } 4201 } 4202 } 4203 4204 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1); 4205 UINT8_TO_STREAM(p_type, data_type); 4206 free_eir_length -= num_uuid * LEN_UUID_32 + 2; 4207 } 4208 4209 /* Adding 128-bit UUID list */ 4210 if ( free_eir_length >= 2) 4211 { 4212 p_length = p++; 4213 p_type = p++; 4214 num_uuid = 0; 4215 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE; 4216 4217 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128; 4218 4219 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 4220 { 4221 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128) 4222 { 4223 if ( num_uuid < max_num_uuid ) 4224 { 4225 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128); 4226 num_uuid++; 4227 } 4228 else 4229 { 4230 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE; 4231 APPL_TRACE_WARNING0("BTA EIR: UUID 128-bit list is truncated"); 4232 break; 4233 } 4234 } 4235 } 4236 4237 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1); 4238 UINT8_TO_STREAM(p_type, data_type); 4239 free_eir_length -= num_uuid * LEN_UUID_128 + 2; 4240 } 4241 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */ 4242 4243 /* if Flags are provided in configuration */ 4244 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 ) 4245 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags ) 4246 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 )) 4247 { 4248 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1); 4249 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE); 4250 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags, 4251 p_bta_dm_eir_cfg->bta_dm_eir_flag_len); 4252 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len; 4253 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2; 4254 } 4255 4256 /* if Manufacturer Specific are provided in configuration */ 4257 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 ) 4258 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec ) 4259 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 )) 4260 { 4261 p_length = p; 4262 4263 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1); 4264 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE); 4265 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec, 4266 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len); 4267 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len; 4268 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2; 4269 4270 } 4271 else 4272 { 4273 p_length = NULL; 4274 } 4275 4276 /* if Inquiry Tx Resp Power compiled */ 4277 if ((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) && 4278 (free_eir_length >= 3)) 4279 { 4280 UINT8_TO_STREAM(p, 2); /* Length field */ 4281 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE); 4282 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power)); 4283 free_eir_length -= 3; 4284 } 4285 4286 if( free_eir_length ) 4287 UINT8_TO_STREAM(p, 0); /* terminator of significant part */ 4288 4289 BTM_WriteEIR( p_buf ); 4290 4291 } 4292 #endif 4293 4294 #if ( BTM_EIR_CLIENT_INCLUDED == TRUE ) 4295 /******************************************************************************* 4296 ** 4297 ** Function bta_dm_eir_search_services 4298 ** 4299 ** Description This function searches services in received EIR 4300 ** 4301 ** Returns None 4302 ** 4303 *******************************************************************************/ 4304 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result, 4305 tBTA_SERVICE_MASK *p_services_to_search, 4306 tBTA_SERVICE_MASK *p_services_found) 4307 { 4308 tBTA_SERVICE_MASK service_index = 0; 4309 tBTM_EIR_SEARCH_RESULT result; 4310 4311 APPL_TRACE_DEBUG6("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X", 4312 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1], 4313 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3], 4314 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]); 4315 4316 APPL_TRACE_DEBUG1(" with services_to_search=0x%08X", *p_services_to_search); 4317 4318 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 4319 /* always do GATT based service discovery by SDP instead of from EIR */ 4320 /* if GATT based service is also to be put in EIR, need to modify this */ 4321 while (service_index < (BTA_MAX_SERVICE_ID - 1)) 4322 #else 4323 while(service_index < BTA_MAX_SERVICE_ID) 4324 #endif 4325 { 4326 if( *p_services_to_search 4327 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))) 4328 { 4329 result = BTM_HasInquiryEirService( p_result, 4330 bta_service_id_to_uuid_lkup_tbl[service_index] ); 4331 4332 /* Searching for HSP v1.2 only device */ 4333 if ((result != BTM_EIR_FOUND) && 4334 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET)) 4335 { 4336 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS); 4337 } 4338 4339 if( result == BTM_EIR_FOUND ) 4340 { 4341 /* If Plug and Play service record, need to check to see if Broadcom stack */ 4342 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */ 4343 if( bta_service_id_to_uuid_lkup_tbl[service_index] 4344 != UUID_SERVCLASS_PNP_INFORMATION ) 4345 { 4346 4347 *p_services_found |= 4348 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)); 4349 /* remove the service from services to be searched */ 4350 *p_services_to_search &= 4351 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))); 4352 } 4353 } 4354 else if( result == BTM_EIR_NOT_FOUND ) 4355 { 4356 /* remove the service from services to be searched */ 4357 *p_services_to_search &= 4358 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))); 4359 } 4360 } 4361 4362 service_index++; 4363 } 4364 4365 APPL_TRACE_ERROR2("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X", 4366 *p_services_to_search, *p_services_found); 4367 } 4368 #endif 4369 4370 #if ( BTM_EIR_SERVER_INCLUDED == TRUE )&&(BTA_EIR_CANNED_UUID_LIST != TRUE) 4371 /******************************************************************************* 4372 ** 4373 ** Function bta_dm_eir_update_uuid 4374 ** 4375 ** Description This function adds or removes service UUID in EIR database. 4376 ** 4377 ** Returns None 4378 ** 4379 *******************************************************************************/ 4380 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding) 4381 { 4382 /* if this UUID is not advertised in EIR */ 4383 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 )) 4384 return; 4385 4386 if( adding ) 4387 { 4388 APPL_TRACE_EVENT1("Adding UUID=0x%04X into EIR", uuid16); 4389 4390 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 ); 4391 } 4392 else 4393 { 4394 APPL_TRACE_EVENT1("Removing UUID=0x%04X from EIR", uuid16); 4395 4396 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 ); 4397 } 4398 4399 bta_dm_set_eir (NULL); 4400 4401 APPL_TRACE_EVENT2("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X", 4402 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] ); 4403 } 4404 #endif 4405 4406 /******************************************************************************* 4407 ** 4408 ** Function bta_dm_enable_test_mode 4409 ** 4410 ** Description enable test mode 4411 ** 4412 ** 4413 ** Returns void 4414 ** 4415 *******************************************************************************/ 4416 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data) 4417 { 4418 BTM_EnableTestMode(); 4419 } 4420 4421 /******************************************************************************* 4422 ** 4423 ** Function bta_dm_disable_test_mode 4424 ** 4425 ** Description disable test mode 4426 ** 4427 ** 4428 ** Returns void 4429 ** 4430 *******************************************************************************/ 4431 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data) 4432 { 4433 BTM_DeviceReset(NULL); 4434 } 4435 4436 /******************************************************************************* 4437 ** 4438 ** Function bta_dm_execute_callback 4439 ** 4440 ** Description Just execute a generic call back in the context of the BTU/BTA tack 4441 ** 4442 ** 4443 ** Returns void 4444 ** 4445 *******************************************************************************/ 4446 void bta_dm_execute_callback(tBTA_DM_MSG *p_data) 4447 { 4448 /* sanity check */ 4449 if(p_data->exec_cback.p_exec_cback == NULL) 4450 { 4451 return; 4452 } 4453 4454 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param); 4455 } 4456 /******************************************************************************* 4457 ** 4458 ** Function bta_dm_encrypt_cback 4459 ** 4460 ** Description link encryption complete callback. 4461 ** 4462 ** Returns None 4463 ** 4464 *******************************************************************************/ 4465 void bta_dm_encrypt_cback(BD_ADDR bd_addr, void *p_ref_data, tBTM_STATUS result) 4466 { 4467 tBTA_STATUS bta_status = BTA_SUCCESS; 4468 tBTA_DM_ENCRYPT_CBACK *p_callback = bta_dm_cb.p_encrypt_cback; 4469 4470 bta_dm_cb.p_encrypt_cback = NULL; 4471 switch (result) 4472 { 4473 case BTM_SUCCESS: 4474 break; 4475 case BTM_WRONG_MODE: 4476 bta_status = BTA_WRONG_MODE; 4477 break; 4478 case BTM_NO_RESOURCES: 4479 bta_status = BTA_NO_RESOURCES; 4480 break; 4481 case BTM_BUSY: 4482 bta_status = BTA_BUSY; 4483 break; 4484 default: 4485 bta_status = BTA_FAILURE; 4486 break; 4487 } 4488 4489 APPL_TRACE_DEBUG2("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback); 4490 4491 if (p_callback) 4492 { 4493 (*p_callback)(bd_addr, bta_status); 4494 } 4495 } 4496 /******************************************************************************* 4497 ** 4498 ** Function bta_dm_set_encryption 4499 ** 4500 ** Description This function to encrypt the link 4501 ** 4502 ** Returns None 4503 ** 4504 *******************************************************************************/ 4505 void bta_dm_set_encryption (tBTA_DM_MSG *p_data) 4506 { 4507 4508 APPL_TRACE_DEBUG0("bta_dm_set_encryption"); //todo 4509 if (!p_data->set_encryption.p_callback) 4510 { 4511 APPL_TRACE_ERROR0("bta_dm_set_encryption callback is not provided"); 4512 return; 4513 } 4514 4515 if (bta_dm_cb.p_encrypt_cback) 4516 { 4517 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr, BTA_BUSY); 4518 return; 4519 } 4520 4521 4522 bta_dm_cb.p_encrypt_cback = p_data->set_encryption.p_callback; 4523 bta_dm_cb.sec_act = p_data->set_encryption.sec_act; 4524 BTM_SetEncryption(p_data->set_encryption.bd_addr, bta_dm_encrypt_cback, &bta_dm_cb.sec_act); 4525 } 4526 4527 /******************************************************************************* 4528 ** 4529 ** Function bta_dm_set_afh_channels 4530 ** 4531 ** Description set afh channels 4532 ** 4533 ** 4534 ** Returns void 4535 ** 4536 *******************************************************************************/ 4537 void bta_dm_set_afh_channels(tBTA_DM_MSG * p_data) 4538 { 4539 4540 BTM_SetAfhChannels(p_data->set_afhchannels.first,p_data->set_afhchannels.last); 4541 } 4542 4543 /******************************************************************************* 4544 ** 4545 ** Function bta_dm_set_afh_channel_assesment 4546 ** 4547 ** Description set afh channel assesment 4548 ** 4549 ** 4550 ** Returns void 4551 ** 4552 *******************************************************************************/ 4553 4554 void bta_dm_set_afh_channel_assesment (tBTA_DM_MSG * p_data) 4555 { 4556 BTM_SetAfhChannelAssessment(p_data->set_afh_channel_assessment.enable_or_disable); 4557 } 4558 4559 #if (BLE_INCLUDED == TRUE) 4560 /******************************************************************************* 4561 ** 4562 ** Function bta_dm_observe_results_cb 4563 ** 4564 ** Description Callback for BLE Observe result 4565 ** 4566 ** 4567 ** Returns void 4568 ** 4569 *******************************************************************************/ 4570 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir) 4571 { 4572 ; 4573 tBTA_DM_SEARCH result; 4574 tBTM_INQ_INFO *p_inq_info; 4575 UINT16 service_class; 4576 APPL_TRACE_DEBUG0("bta_dm_observe_results_cb") 4577 4578 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr); 4579 result.inq_res.rssi = p_inq->rssi; 4580 result.inq_res.ble_addr_type = p_inq->ble_addr_type; 4581 result.inq_res.inq_result_type = p_inq->inq_result_type; 4582 result.inq_res.device_type = p_inq->device_type; 4583 4584 /* application will parse EIR to find out remote device name */ 4585 result.inq_res.p_eir = p_eir; 4586 4587 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL) 4588 { 4589 /* initialize remt_name_not_required to FALSE so that we get the name by default */ 4590 result.inq_res.remt_name_not_required = FALSE; 4591 } 4592 4593 if(bta_dm_search_cb.p_scan_cback) 4594 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_RES_EVT, &result); 4595 4596 if(p_inq_info) 4597 { 4598 /* application indicates if it knows the remote name, inside the callback 4599 copy that to the inquiry data base*/ 4600 if(result.inq_res.remt_name_not_required) 4601 p_inq_info->appl_knows_rem_name = TRUE; 4602 } 4603 } 4604 4605 /******************************************************************************* 4606 ** 4607 ** Function bta_dm_observe_cmpl_cb 4608 ** 4609 ** Description Callback for BLE Observe complete 4610 ** 4611 ** 4612 ** Returns void 4613 ** 4614 *******************************************************************************/ 4615 static void bta_dm_observe_cmpl_cb (void * p_result) 4616 { 4617 tBTA_DM_SEARCH data; 4618 4619 APPL_TRACE_DEBUG0("bta_dm_observe_cmpl_cb"); 4620 4621 data.inq_cmpl.num_resps = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp; 4622 if (bta_dm_search_cb.p_scan_cback) 4623 { 4624 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data); 4625 } 4626 } 4627 4628 #if (SMP_INCLUDED == TRUE) 4629 /******************************************************************************* 4630 ** 4631 ** Function bta_dm_ble_smp_cback 4632 ** 4633 ** Description Callback for BLE SMP 4634 ** 4635 ** 4636 ** Returns void 4637 ** 4638 *******************************************************************************/ 4639 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data) 4640 { 4641 tBTM_STATUS status = BTM_SUCCESS; 4642 tBTA_DM_SEC sec_event; 4643 char* p_name = NULL; 4644 UINT8 i; 4645 4646 APPL_TRACE_DEBUG0("bta_dm_ble_smp_cback"); 4647 4648 if (!bta_dm_cb.p_sec_cback) 4649 return BTM_NOT_AUTHORIZED; 4650 4651 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 4652 switch (event) 4653 { 4654 case BTM_LE_IO_REQ_EVT: 4655 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 4656 4657 bta_dm_co_ble_io_req(bda, 4658 &p_data->io_req.io_cap, 4659 &p_data->io_req.oob_data, 4660 &p_data->io_req.auth_req, 4661 &p_data->io_req.max_key_size, 4662 &p_data->io_req.init_keys, 4663 &p_data->io_req.resp_keys); 4664 #endif 4665 #if BTM_OOB_INCLUDED == FALSE 4666 status = BTM_SUCCESS; 4667 #endif 4668 APPL_TRACE_EVENT2("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data); 4669 4670 break; 4671 4672 case BTM_LE_SEC_REQUEST_EVT: 4673 bdcpy(sec_event.ble_req.bd_addr, bda); 4674 p_name = BTM_SecReadDevName(bda); 4675 if (p_name != NULL) 4676 { 4677 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name, 4678 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4679 } 4680 else 4681 { 4682 sec_event.ble_req.bd_name[0] = 0; 4683 } 4684 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event); 4685 break; 4686 4687 case BTM_LE_KEY_NOTIF_EVT: 4688 bdcpy(sec_event.key_notif.bd_addr, bda); 4689 p_name = BTM_SecReadDevName(bda); 4690 if (p_name != NULL) 4691 { 4692 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, 4693 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4694 } 4695 else 4696 { 4697 sec_event.key_notif.bd_name[0] = 0; 4698 } 4699 sec_event.key_notif.passkey = p_data->key_notif; 4700 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event); 4701 break; 4702 4703 case BTM_LE_KEY_REQ_EVT: 4704 bdcpy(sec_event.ble_req.bd_addr, bda); 4705 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event); 4706 break; 4707 4708 case BTM_LE_OOB_REQ_EVT: 4709 bdcpy(sec_event.ble_req.bd_addr, bda); 4710 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event); 4711 break; 4712 4713 case BTM_LE_KEY_EVT: 4714 bdcpy(sec_event.ble_key.bd_addr, bda); 4715 sec_event.ble_key.key_type = p_data->key.key_type; 4716 4717 if (p_data->key.key_type == BTM_LE_KEY_PID) 4718 { 4719 for (i=0; i<BT_OCTET16_LEN; i++ ) 4720 { 4721 sec_event.ble_key.key_value.pid_key.irk[i] = p_data->key.p_key_value->pid_key.irk[i]; 4722 } 4723 sec_event.ble_key.key_value.pid_key.addr_type = p_data->key.p_key_value->pid_key.addr_type; 4724 memcpy( &(sec_event.ble_key.key_value.pid_key.static_addr), 4725 &(p_data->key.p_key_value->pid_key.static_addr), 4726 sizeof (BD_ADDR)); 4727 } 4728 else 4729 { 4730 memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE)); 4731 } 4732 // memcpy(&sec_event.ble_key.key_value, p_data->key.p_key_value, sizeof(tBTM_LE_KEY_VALUE)); todo will crash 4733 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event); 4734 break; 4735 4736 case BTM_LE_COMPLT_EVT: 4737 bdcpy(sec_event.auth_cmpl.bd_addr, bda); 4738 p_name = BTM_SecReadDevName(bda); 4739 if (p_name != NULL) 4740 { 4741 BCM_STRNCPY_S((char*)sec_event.auth_cmpl.bd_name, 4742 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4743 } 4744 else 4745 { 4746 sec_event.auth_cmpl.bd_name[0] = 0; 4747 } 4748 if (p_data->complt.reason != 0) 4749 { 4750 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason)); 4751 /* delete this device entry from Sec Dev DB */ 4752 bta_dm_remove_sec_dev_entry (bda); 4753 } 4754 else 4755 { 4756 sec_event.auth_cmpl.success = TRUE; 4757 } 4758 sec_event.auth_cmpl.privacy_enabled = p_data->complt.privacy_supported; 4759 if (bta_dm_cb.p_sec_cback) 4760 { 4761 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 4762 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event); 4763 } 4764 4765 break; 4766 4767 default: 4768 status = BTM_NOT_AUTHORIZED; 4769 break; 4770 } 4771 return status; 4772 } 4773 #endif /* SMP_INCLUDED == TRUE */ 4774 4775 /******************************************************************************* 4776 ** 4777 ** Function bta_dm_ble_id_key_cback 4778 ** 4779 ** Description Callback for BLE local ID keys 4780 ** 4781 ** 4782 ** Returns void 4783 ** 4784 *******************************************************************************/ 4785 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key) 4786 { 4787 UINT8 evt; 4788 tBTA_DM_SEC dm_key; 4789 4790 switch (key_type) 4791 { 4792 case BTM_BLE_KEY_TYPE_ID: 4793 case BTM_BLE_KEY_TYPE_ER: 4794 if (bta_dm_cb.p_sec_cback) 4795 { 4796 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS)); 4797 4798 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\ 4799 BTA_DM_BLE_LOCAL_ER_EVT; 4800 bta_dm_cb.p_sec_cback(evt, &dm_key); 4801 } 4802 break; 4803 4804 default: 4805 APPL_TRACE_DEBUG1("Unknown key type %d", key_type); 4806 break; 4807 } 4808 return; 4809 4810 } 4811 4812 /******************************************************************************* 4813 ** 4814 ** Function bta_dm_add_blekey 4815 ** 4816 ** Description This function adds an BLE Key to an security database entry. 4817 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called. 4818 ** It is normally called during host startup to restore all required information 4819 ** stored in the NVRAM. 4820 ** 4821 ** Parameters: 4822 ** 4823 *******************************************************************************/ 4824 void bta_dm_add_blekey (tBTA_DM_MSG *p_data) 4825 { 4826 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr, 4827 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey, 4828 p_data->add_ble_key.key_type)) 4829 { 4830 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Key for device %08x%04x", 4831 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\ 4832 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3], 4833 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]); 4834 } 4835 } 4836 4837 /******************************************************************************* 4838 ** 4839 ** Function bta_dm_add_ble_device 4840 ** 4841 ** Description This function adds an BLE device to an security database entry. 4842 ** It is normally called during host startup to restore all required information 4843 ** stored in the NVRAM. 4844 ** 4845 ** Parameters: 4846 ** 4847 *******************************************************************************/ 4848 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data) 4849 { 4850 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL, 4851 p_data->add_ble_device.dev_type , 4852 p_data->add_ble_device.addr_type)) 4853 { 4854 APPL_TRACE_ERROR2 ("BTA_DM: Error adding BLE Device for device %08x%04x", 4855 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \ 4856 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3], 4857 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]); 4858 } 4859 } 4860 4861 /******************************************************************************* 4862 ** 4863 ** Function bta_dm_add_ble_device 4864 ** 4865 ** Description This function adds an BLE device to an security database entry. 4866 ** It is normally called during host startup to restore all required information 4867 ** stored in the NVRAM. 4868 ** 4869 ** Parameters: 4870 ** 4871 *******************************************************************************/ 4872 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data) 4873 { 4874 if (p_data->pin_reply.accept) 4875 { 4876 4877 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey); 4878 } 4879 else 4880 { 4881 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey); 4882 } 4883 4884 } 4885 4886 /******************************************************************************* 4887 ** 4888 ** Function bta_dm_security_grant 4889 ** 4890 ** Description This function grant SMP security request access. 4891 ** 4892 ** Parameters: 4893 ** 4894 *******************************************************************************/ 4895 void bta_dm_security_grant (tBTA_DM_MSG *p_data) 4896 { 4897 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res); 4898 } 4899 4900 /******************************************************************************* 4901 ** 4902 ** Function bta_dm_ble_set_bg_conn_type 4903 ** 4904 ** Description This function set the BLE background connection type 4905 ** 4906 ** Parameters: 4907 ** 4908 *******************************************************************************/ 4909 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data) 4910 { 4911 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type, 4912 p_data->ble_set_bd_conn_type.p_select_cback); 4913 } 4914 4915 /******************************************************************************* 4916 ** 4917 ** Function bta_dm_ble_set_conn_params 4918 ** 4919 ** Description This function set the preferred connection parameters. 4920 ** 4921 ** Parameters: 4922 ** 4923 *******************************************************************************/ 4924 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data) 4925 { 4926 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda, 4927 p_data->ble_set_conn_params.conn_int_min, 4928 p_data->ble_set_conn_params.conn_int_max, 4929 p_data->ble_set_conn_params.slave_latency, 4930 p_data->ble_set_conn_params.supervision_tout); 4931 } 4932 4933 /******************************************************************************* 4934 ** 4935 ** Function bta_dm_ble_set_scan_params 4936 ** 4937 ** Description This function set the preferred connection scan parameters. 4938 ** 4939 ** Parameters: 4940 ** 4941 *******************************************************************************/ 4942 void bta_dm_ble_set_scan_params (tBTA_DM_MSG *p_data) 4943 { 4944 BTM_BleSetConnScanParams(p_data->ble_set_scan_params.scan_int, 4945 p_data->ble_set_scan_params.scan_window); 4946 } 4947 4948 4949 /******************************************************************************* 4950 ** 4951 ** Function bta_dm_ble_observe 4952 ** 4953 ** Description This function set the preferred connection scan parameters. 4954 ** 4955 ** Parameters: 4956 ** 4957 *******************************************************************************/ 4958 void bta_dm_ble_observe (tBTA_DM_MSG *p_data) 4959 { 4960 4961 tBTM_STATUS status; 4962 if (p_data->ble_observe.start) 4963 { 4964 /*Save the callback to be called when a scan results are available */ 4965 bta_dm_search_cb.p_scan_cback = p_data->ble_observe.p_cback; 4966 if ((status = BTM_BleObserve(TRUE, p_data->ble_observe.duration, 4967 bta_dm_observe_results_cb, bta_dm_observe_cmpl_cb))!= BTM_SUCCESS) 4968 { 4969 tBTA_DM_SEARCH data; 4970 APPL_TRACE_WARNING2(" %s BTM_BleObserve failed. status %d",__FUNCTION__,status); 4971 data.inq_cmpl.num_resps = 0; 4972 if (bta_dm_search_cb.p_scan_cback) 4973 { 4974 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data); 4975 } 4976 } 4977 } 4978 else 4979 { 4980 bta_dm_search_cb.p_scan_cback = NULL; 4981 BTM_BleObserve(FALSE, 0, NULL,NULL ); 4982 } 4983 } 4984 /******************************************************************************* 4985 ** 4986 ** Function bta_dm_ble_set_scan_params 4987 ** 4988 ** Description This function set the adv parameters. 4989 ** 4990 ** Parameters: 4991 ** 4992 *******************************************************************************/ 4993 void bta_dm_ble_set_adv_params (tBTA_DM_MSG *p_data) 4994 { 4995 BTM_BleSetAdvParams(p_data->ble_set_adv_params.adv_int_min, 4996 p_data->ble_set_adv_params.adv_int_max, 4997 p_data->ble_set_adv_params.p_dir_bda, 4998 BTA_DM_BLE_ADV_CHNL_MAP); 4999 } 5000 /******************************************************************************* 5001 ** 5002 ** Function bta_dm_ble_set_adv_config 5003 ** 5004 ** Description This function set the customized ADV data configuration 5005 ** 5006 ** Parameters: 5007 ** 5008 *******************************************************************************/ 5009 void bta_dm_ble_set_adv_config (tBTA_DM_MSG *p_data) 5010 { 5011 BTM_BleWriteAdvData(p_data->ble_set_adv_data.data_mask, 5012 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg); 5013 } 5014 5015 5016 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 5017 #ifndef BTA_DM_GATT_CLOSE_DELAY_TOUT 5018 #define BTA_DM_GATT_CLOSE_DELAY_TOUT 1000 5019 #endif 5020 5021 /******************************************************************************* 5022 ** 5023 ** Function bta_dm_gattc_register 5024 ** 5025 ** Description Register with GATTC in DM if BLE is needed. 5026 ** 5027 ** 5028 ** Returns void 5029 ** 5030 *******************************************************************************/ 5031 static void bta_dm_gattc_register(void) 5032 { 5033 tBT_UUID app_uuid = {LEN_UUID_128,{0}}; 5034 5035 if (bta_dm_search_cb.client_if == BTA_GATTS_INVALID_IF) 5036 { 5037 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128); 5038 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback); 5039 } 5040 } 5041 5042 /******************************************************************************* 5043 ** 5044 ** Function btm_dm_start_disc_gatt_services 5045 ** 5046 ** Description This function starts a GATT service search request. 5047 ** 5048 ** Parameters: 5049 ** 5050 *******************************************************************************/ 5051 static void btm_dm_start_disc_gatt_services (UINT16 conn_id) 5052 { 5053 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid + 5054 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search; 5055 5056 p_uuid = bta_dm_search_cb.p_srvc_uuid + 5057 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search; 5058 5059 /* always search for all services */ 5060 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid); 5061 } 5062 5063 /******************************************************************************* 5064 ** 5065 ** Function bta_dm_gatt_disc_result 5066 ** 5067 ** Description This function process the GATT service search result. 5068 ** 5069 ** Parameters: 5070 ** 5071 *******************************************************************************/ 5072 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id) 5073 { 5074 tBTA_DM_SEARCH result; 5075 5076 /* 5077 * This logic will not work for gatt case. We are checking against the bluetooth profiles here 5078 * just copy the GATTID in raw data field and send it across. 5079 */ 5080 5081 5082 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size ) 5083 { 5084 APPL_TRACE_DEBUG3("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x", service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used); 5085 5086 if(bta_dm_search_cb.p_ble_rawdata) 5087 { 5088 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id, 5089 sizeof(service_id) ); 5090 5091 bta_dm_search_cb.ble_raw_used += sizeof(service_id); 5092 } 5093 else 5094 { 5095 APPL_TRACE_ERROR0("p_ble_rawdata is NULL"); 5096 } 5097 5098 } 5099 else 5100 { 5101 APPL_TRACE_ERROR3("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used ); 5102 } 5103 5104 APPL_TRACE_ERROR1("bta_dm_gatt_disc_result serivce_id len=%d ", service_id.uuid.len); 5105 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) 5106 { 5107 5108 /* send result back to app now, one by one */ 5109 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 5110 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1)); 5111 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0; 5112 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID)); 5113 5114 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); 5115 } 5116 } 5117 5118 /******************************************************************************* 5119 ** 5120 ** Function bta_dm_gatt_disc_complete 5121 ** 5122 ** Description This function process the GATT service search complete. 5123 ** 5124 ** Parameters: 5125 ** 5126 *******************************************************************************/ 5127 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status) 5128 { 5129 tBTA_DM_MSG *p_msg; 5130 5131 APPL_TRACE_DEBUG1("bta_dm_gatt_disc_complete conn_id = %d",conn_id); 5132 5133 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --; 5134 5135 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0) 5136 { 5137 btm_dm_start_disc_gatt_services(conn_id); 5138 } 5139 else 5140 { 5141 bta_dm_search_cb.uuid_to_search = 0; 5142 5143 /* no more services to be discovered */ 5144 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 5145 { 5146 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 5147 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE; 5148 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 5149 p_msg->disc_result.result.disc_res.num_uuids = 0; 5150 p_msg->disc_result.result.disc_res.p_uuid_list = NULL; 5151 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 5152 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 5153 bta_dm_get_remname(), (BD_NAME_LEN-1)); 5154 5155 /* make sure the string is terminated */ 5156 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 5157 5158 p_msg->disc_result.result.disc_res.device_type = BT_DEVICE_TYPE_BLE; 5159 if ( bta_dm_search_cb.ble_raw_used > 0 ) 5160 { 5161 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used); 5162 5163 memcpy( p_msg->disc_result.result.disc_res.p_raw_data, 5164 bta_dm_search_cb.p_ble_rawdata, 5165 bta_dm_search_cb.ble_raw_used ); 5166 5167 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used; 5168 } 5169 else 5170 { 5171 p_msg->disc_result.result.disc_res.p_raw_data = NULL; 5172 bta_dm_search_cb.p_ble_rawdata = 0; 5173 } 5174 5175 bta_sys_sendmsg(p_msg); 5176 } 5177 if (conn_id != BTA_GATT_INVALID_CONN_ID) 5178 { 5179 if (BTA_DM_GATT_CLOSE_DELAY_TOUT != 0) 5180 { 5181 bta_sys_start_timer(&bta_dm_search_cb.gatt_close_timer, BTA_DM_DISC_CLOSE_TOUT_EVT, 5182 BTA_DM_GATT_CLOSE_DELAY_TOUT); 5183 } 5184 else 5185 { 5186 BTA_GATTC_Close(conn_id); 5187 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID; 5188 } 5189 } 5190 5191 bta_dm_search_cb.gatt_disc_active = FALSE; 5192 } 5193 } 5194 5195 /******************************************************************************* 5196 ** 5197 ** Function bta_dm_close_gatt_conn 5198 ** 5199 ** Description This function close the GATT connection after delay timeout. 5200 ** 5201 ** Parameters: 5202 ** 5203 *******************************************************************************/ 5204 void bta_dm_close_gatt_conn(tBTA_DM_MSG *p_data) 5205 { 5206 if (bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID) 5207 BTA_GATTC_Close(bta_dm_search_cb.conn_id); 5208 5209 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID; 5210 } 5211 5212 /******************************************************************************* 5213 ** 5214 ** Function btm_dm_start_gatt_discovery 5215 ** 5216 ** Description This is GATT initiate the service search by open a GATT connection 5217 ** first. 5218 ** 5219 ** Parameters: 5220 ** 5221 *******************************************************************************/ 5222 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr) 5223 { 5224 bta_dm_search_cb.gatt_disc_active = TRUE; 5225 5226 /* connection is already open */ 5227 if (bdcmp(bta_dm_search_cb.pending_close_bda, bd_addr) == 0 && 5228 bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID) 5229 { 5230 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN); 5231 bta_sys_stop_timer(&bta_dm_search_cb.gatt_close_timer); 5232 btm_dm_start_disc_gatt_services(bta_dm_search_cb.conn_id); 5233 } 5234 else 5235 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE); 5236 } 5237 5238 /******************************************************************************* 5239 ** 5240 ** Function bta_dm_cancel_gatt_discovery 5241 ** 5242 ** Description This is GATT cancel the GATT service search. 5243 ** 5244 ** Parameters: 5245 ** 5246 *******************************************************************************/ 5247 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr) 5248 { 5249 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID) 5250 { 5251 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE); 5252 } 5253 5254 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR); 5255 } 5256 5257 /******************************************************************************* 5258 ** 5259 ** Function bta_dm_proc_open_evt 5260 ** 5261 ** Description process BTA_GATTC_OPEN_EVT in DM. 5262 ** 5263 ** Parameters: 5264 ** 5265 *******************************************************************************/ 5266 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data) 5267 { 5268 UINT8 *p1; 5269 UINT8 *p2; 5270 5271 p1 = bta_dm_search_cb.peer_bdaddr; 5272 p2 = p_data->remote_bda; 5273 5274 APPL_TRACE_DEBUG5("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ", 5275 bta_dm_search_cb.state, 5276 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]), 5277 ((p1[4])<<8)+ p1[5], 5278 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]), 5279 ((p2[4])<<8)+ p2[5]); 5280 5281 APPL_TRACE_DEBUG3("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" , 5282 p_data->conn_id, 5283 p_data->client_if, 5284 p_data->status); 5285 5286 bta_dm_search_cb.conn_id = p_data->conn_id; 5287 5288 if (p_data->status == BTA_GATT_OK) 5289 { 5290 btm_dm_start_disc_gatt_services(p_data->conn_id); 5291 } 5292 else 5293 { 5294 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status); 5295 } 5296 } 5297 5298 /******************************************************************************* 5299 ** 5300 ** Function bta_dm_gattc_callback 5301 ** 5302 ** Description This is GATT client callback function used in DM. 5303 ** 5304 ** Parameters: 5305 ** 5306 *******************************************************************************/ 5307 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data) 5308 { 5309 APPL_TRACE_DEBUG1("bta_dm_gattc_callback event = %d", event); 5310 5311 switch (event) 5312 { 5313 case BTA_GATTC_REG_EVT: 5314 APPL_TRACE_DEBUG1("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if); 5315 if (p_data->reg_oper.status == BTA_GATT_OK) 5316 bta_dm_search_cb.client_if = p_data->reg_oper.client_if; 5317 else 5318 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF; 5319 break; 5320 5321 case BTA_GATTC_OPEN_EVT: 5322 bta_dm_proc_open_evt(&p_data->open); 5323 break; 5324 5325 case BTA_GATTC_SEARCH_RES_EVT: 5326 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id); 5327 break; 5328 5329 case BTA_GATTC_SEARCH_CMPL_EVT: 5330 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) 5331 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status); 5332 break; 5333 5334 case BTA_GATTC_CLOSE_EVT: 5335 APPL_TRACE_DEBUG1("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason); 5336 /* in case of disconnect before search is completed */ 5337 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) && 5338 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN)) 5339 { 5340 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR); 5341 } 5342 break; 5343 5344 default: 5345 break; 5346 } 5347 } 5348 5349 #endif /* BTA_GATT_INCLUDED */ 5350 #endif /* BLE_INCLUDED */ 5351
