1 /****************************************************************************** 2 * 3 * Copyright (C) 2003-2014 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains the action functions for device manager state 22 * machine. 23 * 24 ******************************************************************************/ 25 26 #include "bt_target.h" 27 #include "bt_types.h" 28 #include "gki.h" 29 #include "bta_sys.h" 30 #include "bta_api.h" 31 #include "bta_dm_int.h" 32 #include "bta_dm_co.h" 33 #include "btm_api.h" 34 #include "btm_int.h" 35 #include "btu.h" 36 #include "sdp_api.h" 37 #include "l2c_api.h" 38 #include "utl.h" 39 #include "gap_api.h" /* For GAP_BleReadPeerPrefConnParams */ 40 #include <string.h> 41 42 #define LOG_TAG "bt_bta_dm" 43 #include "osi/include/log.h" 44 45 #if (GAP_INCLUDED == TRUE) 46 #include "gap_api.h" 47 #endif 48 49 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir); 50 static void bta_dm_inq_cmpl_cb (void * p_result); 51 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name); 52 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name); 53 static void bta_dm_find_services ( BD_ADDR bd_addr); 54 static void bta_dm_discover_next_device(void); 55 static void bta_dm_sdp_callback (UINT16 sdp_status); 56 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator); 57 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, BOOLEAN min_16_digit); 58 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, LINK_KEY key, UINT8 key_type); 59 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result); 60 static void bta_dm_local_name_cback(BD_ADDR bd_addr); 61 static BOOLEAN bta_dm_check_av(UINT16 event); 62 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data); 63 64 65 #if BLE_INCLUDED == TRUE 66 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, 67 BD_NAME p_bdn, UINT8 *features, 68 BOOLEAN is_new, UINT16 handle, 69 tBT_TRANSPORT transport); 70 #else 71 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, 72 BD_NAME p_bdn, UINT8 *features, 73 BOOLEAN is_new); 74 #endif 75 76 77 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr); 78 79 /* Extended Inquiry Response */ 80 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data); 81 82 static void bta_dm_set_eir (char *local_name); 83 84 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result, 85 tBTA_SERVICE_MASK *p_services_to_search, 86 tBTA_SERVICE_MASK *p_services_found); 87 88 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle); 89 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle); 90 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr); 91 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch); 92 static char *bta_dm_get_remname(void); 93 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result); 94 95 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr,tBT_TRANSPORT transport); 96 static void bta_dm_discover_device(BD_ADDR remote_bd_addr); 97 98 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status ); 99 static void bta_dm_disable_search_and_disc(void); 100 101 #if ((defined BLE_INCLUDED) && (BLE_INCLUDED == TRUE)) 102 #if ((defined SMP_INCLUDED) && (SMP_INCLUDED == TRUE)) 103 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data); 104 #endif 105 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key); 106 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 107 static void bta_dm_gattc_register(void); 108 static void btm_dm_start_gatt_discovery(BD_ADDR bd_addr); 109 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr); 110 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data); 111 extern tBTA_DM_CONTRL_STATE bta_dm_pm_obtain_controller_state(void); 112 #endif 113 114 #if BLE_VND_INCLUDED == TRUE 115 static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result); 116 #endif 117 118 #ifndef BTA_DM_BLE_ADV_CHNL_MAP 119 #define BTA_DM_BLE_ADV_CHNL_MAP (BTM_BLE_ADV_CHNL_37|BTM_BLE_ADV_CHNL_38|BTM_BLE_ADV_CHNL_39) 120 #endif 121 #endif 122 123 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr); 124 static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir); 125 static void bta_dm_observe_cmpl_cb(void * p_result); 126 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle); 127 extern void sdpu_uuid16_to_uuid128(UINT16 uuid16, UINT8* p_uuid128); 128 static void bta_dm_disable_timer_cback(TIMER_LIST_ENT *p_tle); 129 130 131 const UINT16 bta_service_id_to_uuid_lkup_tbl [BTA_MAX_SERVICE_ID] = 132 { 133 UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */ 134 UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */ 135 UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */ 136 UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */ 137 UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */ 138 UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */ 139 UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */ 140 UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */ 141 UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */ 142 UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */ 143 UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */ 144 UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */ 145 UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */ 146 UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */ 147 UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */ 148 UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */ 149 UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */ 150 UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */ 151 UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */ 152 UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */ 153 UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */ 154 UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */ 155 UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */ 156 UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */ 157 UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */ 158 UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */ 159 UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */ 160 UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */ 161 UUID_SERVCLASS_PBAP_PCE /* BTA_PCE_SERVICE_ID */ 162 #if BLE_INCLUDED && BTA_GATT_INCLUDED 163 ,UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */ 164 #endif 165 }; 166 167 /* 168 * NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should be matching with 169 * the value BTA_MAX_SERVICE_ID in bta_api.h 170 * 171 * i.e., If you add new Service ID for BTA, the correct security ID of the new service 172 * from Security service definitions (btm_api.h) should be added to this lookup table. 173 */ 174 const UINT32 bta_service_id_to_btm_srv_id_lkup_tbl [BTA_MAX_SERVICE_ID] = 175 { 176 0, /* Reserved */ 177 BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */ 178 BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */ 179 BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */ 180 BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */ 181 BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */ 182 BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */ 183 BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */ 184 BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */ 185 BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */ 186 BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */ 187 BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */ 188 BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */ 189 BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */ 190 BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */ 191 BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */ 192 BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */ 193 BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */ 194 BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */ 195 BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */ 196 BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */ 197 BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */ 198 BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */ 199 BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */ 200 BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */ 201 BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */ 202 BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */ 203 BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */ 204 BTM_SEC_SERVICE_PBAP /* BTA_PCE_SERVICE_ID */ 205 #if BLE_INCLUDED && BTA_GATT_INCLUDED 206 ,BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */ 207 #endif 208 209 }; 210 211 /* bta security callback */ 212 const tBTM_APPL_INFO bta_security = 213 { 214 &bta_dm_authorize_cback, 215 &bta_dm_pin_cback, 216 &bta_dm_new_link_key_cback, 217 &bta_dm_authentication_complete_cback, 218 &bta_dm_bond_cancel_complete_cback, 219 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 220 &bta_dm_sp_cback 221 #else 222 NULL 223 #endif 224 #if BLE_INCLUDED == TRUE 225 #if SMP_INCLUDED == TRUE 226 ,&bta_dm_ble_smp_cback 227 #endif 228 ,&bta_dm_ble_id_key_cback 229 #endif 230 231 }; 232 233 #define MAX_DISC_RAW_DATA_BUF (4096) 234 UINT8 g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF]; 235 236 extern DEV_CLASS local_device_default_class; 237 238 /******************************************************************************* 239 ** 240 ** Function bta_dm_enable 241 ** 242 ** Description Initialises the BT device manager 243 ** 244 ** 245 ** Returns void 246 ** 247 *******************************************************************************/ 248 void bta_dm_enable(tBTA_DM_MSG *p_data) 249 { 250 tBTA_SYS_HW_MSG *sys_enable_event; 251 tBTA_DM_ENABLE enable_event; 252 253 /* if already in use, return an error */ 254 if( bta_dm_cb.is_bta_dm_active == TRUE ) 255 { 256 APPL_TRACE_WARNING("%s Device already started by another application", __func__); 257 memset(&enable_event, 0, sizeof(tBTA_DM_ENABLE)); 258 enable_event.status = BTA_FAILURE; 259 if (p_data->enable.p_sec_cback != NULL) 260 p_data->enable.p_sec_cback(BTA_DM_ENABLE_EVT, (tBTA_DM_SEC *)&enable_event); 261 return; 262 } 263 264 /* first, register our callback to SYS HW manager */ 265 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback ); 266 267 /* make sure security callback is saved - if no callback, do not erase the previous one, 268 it could be an error recovery mechanism */ 269 if( p_data->enable.p_sec_cback != NULL ) 270 bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback; 271 /* notify BTA DM is now active */ 272 bta_dm_cb.is_bta_dm_active = TRUE; 273 274 /* send a message to BTA SYS */ 275 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL) 276 { 277 sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT; 278 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH; 279 280 bta_sys_sendmsg(sys_enable_event); 281 } 282 } 283 284 /******************************************************************************* 285 ** 286 ** Function bta_dm_sys_hw_cback 287 ** 288 ** Description callback register to SYS to get HW status updates 289 ** 290 ** 291 ** Returns void 292 ** 293 *******************************************************************************/ 294 static void bta_dm_sys_hw_cback( tBTA_SYS_HW_EVT status ) 295 { 296 DEV_CLASS dev_class; 297 tBTA_DM_SEC_CBACK *temp_cback; 298 #if BLE_INCLUDED == TRUE 299 UINT8 key_mask = 0; 300 BT_OCTET16 er; 301 tBTA_BLE_LOCAL_ID_KEYS id_key; 302 #endif 303 304 APPL_TRACE_DEBUG("%s with event: %i", __func__, status); 305 306 /* On H/W error evt, report to the registered DM application callback */ 307 if (status == BTA_SYS_HW_ERROR_EVT) { 308 if( bta_dm_cb.p_sec_cback != NULL ) 309 bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL); 310 return; 311 } 312 313 if( status == BTA_SYS_HW_OFF_EVT ) 314 { 315 if( bta_dm_cb.p_sec_cback != NULL ) 316 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL); 317 318 /* reinitialize the control block */ 319 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb)); 320 321 /* unregister from SYS */ 322 bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH ); 323 /* notify BTA DM is now unactive */ 324 bta_dm_cb.is_bta_dm_active = FALSE; 325 } 326 else 327 if( status == BTA_SYS_HW_ON_EVT ) 328 { 329 /* FIXME: We should not unregister as the SYS shall invoke this callback on a H/W error. 330 * We need to revisit when this platform has more than one BLuetooth H/W chip */ 331 //bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH); 332 333 /* save security callback */ 334 temp_cback = bta_dm_cb.p_sec_cback; 335 /* make sure the control block is properly initialized */ 336 memset(&bta_dm_cb, 0, sizeof(bta_dm_cb)); 337 /* and retrieve the callback */ 338 bta_dm_cb.p_sec_cback=temp_cback; 339 bta_dm_cb.is_bta_dm_active = TRUE; 340 341 /* hw is ready, go on with BTA DM initialization */ 342 memset(&bta_dm_search_cb, 0x00, sizeof(bta_dm_search_cb)); 343 memset(&bta_dm_conn_srvcs, 0x00, sizeof(bta_dm_conn_srvcs)); 344 memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB)); 345 346 memcpy(dev_class, p_bta_dm_cfg->dev_class, sizeof(dev_class)); 347 BTM_SetDeviceClass (dev_class); 348 349 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE) 350 /* load BLE local information: ID keys, ER if available */ 351 bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key); 352 353 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER) 354 { 355 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER, (tBTM_BLE_LOCAL_KEYS *)&er); 356 } 357 if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID) 358 { 359 BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID, (tBTM_BLE_LOCAL_KEYS *)&id_key); 360 } 361 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 362 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID; 363 #endif 364 #endif 365 366 BTM_SecRegister((tBTM_APPL_INFO*)&bta_security); 367 BTM_SetDefaultLinkSuperTout(p_bta_dm_cfg->link_timeout); 368 BTM_WritePageTimeout(p_bta_dm_cfg->page_timeout); 369 bta_dm_cb.cur_policy = p_bta_dm_cfg->policy_settings; 370 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 371 BTM_RegBusyLevelNotif (bta_dm_bl_change_cback, NULL, BTM_BL_UPDATE_MASK|BTM_BL_ROLE_CHG_MASK); 372 373 #if BLE_VND_INCLUDED == TRUE 374 BTM_BleReadControllerFeatures (bta_dm_ctrl_features_rd_cmpl_cback); 375 #endif 376 377 /* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the bd_addr 378 from the control block and invoking the callback which was sending the DM_ENABLE_EVT. 379 But then we have a few HCI commands being invoked above which were still in progress 380 when the ENABLE_EVT was sent. So modified this to fetch the local name which forces 381 the DM_ENABLE_EVT to be sent only after all the init steps are complete */ 382 BTM_ReadLocalDeviceNameFromController((tBTM_CMPL_CB *)bta_dm_local_name_cback); 383 384 bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback); 385 386 /* initialize bluetooth low power manager */ 387 bta_dm_init_pm(); 388 389 bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback); 390 391 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 392 bta_dm_gattc_register(); 393 #endif 394 395 } 396 else 397 APPL_TRACE_DEBUG(" --- ignored event"); 398 399 } 400 401 402 /******************************************************************************* 403 ** 404 ** Function bta_dm_disable 405 ** 406 ** Description Disables the BT device manager 407 ** 408 ** 409 ** Returns void 410 ** 411 *******************************************************************************/ 412 void bta_dm_disable (tBTA_DM_MSG *p_data) 413 { 414 UNUSED(p_data); 415 416 /* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after last channel is closed) */ 417 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0, BT_TRANSPORT_BR_EDR); 418 L2CA_SetIdleTimeoutByBdAddr((UINT8 *)BT_BD_ANY, 0, BT_TRANSPORT_LE); 419 420 /* disable all active subsystems */ 421 bta_sys_disable(BTA_SYS_HW_BLUETOOTH); 422 423 BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0); 424 BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0); 425 426 bta_dm_disable_pm(); 427 bta_dm_disable_search_and_disc(); 428 bta_dm_cb.disabling = TRUE; 429 430 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 431 BTM_BleClearBgConnDev(); 432 #endif 433 434 if(BTM_GetNumAclLinks()==0) 435 { 436 #if (defined(BTA_DISABLE_DELAY) && BTA_DISABLE_DELAY > 0) 437 /* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the shutdown by 438 * BTA_DISABLE_DELAY milliseconds 439 */ 440 APPL_TRACE_WARNING("%s BTA_DISABLE_DELAY set to %d ms", 441 __FUNCTION__, BTA_DISABLE_DELAY); 442 bta_sys_stop_timer(&bta_dm_cb.disable_timer); 443 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback; 444 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, BTA_DISABLE_DELAY); 445 #else 446 bta_dm_disable_conn_down_timer_cback(NULL); 447 #endif 448 } 449 else 450 { 451 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback; 452 bta_dm_cb.disable_timer.param = 0; 453 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 5000); 454 } 455 456 } 457 458 /******************************************************************************* 459 ** 460 ** Function bta_dm_disable_timer_cback 461 ** 462 ** Description Called if the disable timer expires 463 ** Used to close ACL connections which are still active 464 ** 465 ** 466 ** 467 ** Returns void 468 ** 469 *******************************************************************************/ 470 static void bta_dm_disable_timer_cback (TIMER_LIST_ENT *p_tle) 471 { 472 UNUSED(p_tle); 473 UINT8 i; 474 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR; 475 BOOLEAN trigger_disc = FALSE; 476 477 478 APPL_TRACE_EVENT(" bta_dm_disable_timer_cback trial %d ", p_tle->param); 479 480 if(BTM_GetNumAclLinks() && p_tle->param == 0) 481 { 482 for(i=0; i<bta_dm_cb.device_list.count; i++) 483 { 484 #if (BLE_INCLUDED == TRUE) 485 transport = bta_dm_cb.device_list.peer_device[i].transport; 486 #endif 487 btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, transport); 488 trigger_disc = TRUE; 489 } 490 491 /* Retrigger disable timer in case ACL disconnect failed, DISABLE_EVT still need 492 to be sent out to avoid jave layer disable timeout */ 493 if (trigger_disc) 494 { 495 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_timer_cback; 496 bta_dm_cb.disable_timer.param = 1; 497 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1500); 498 } 499 } 500 else 501 { 502 bta_dm_cb.disabling = FALSE; 503 504 bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION); 505 bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL); 506 } 507 } 508 509 510 511 512 /******************************************************************************* 513 ** 514 ** Function bta_dm_set_dev_name 515 ** 516 ** Description Sets local device name 517 ** 518 ** 519 ** Returns void 520 ** 521 *******************************************************************************/ 522 void bta_dm_set_dev_name (tBTA_DM_MSG *p_data) 523 { 524 525 BTM_SetLocalDeviceName((char*)p_data->set_name.name); 526 bta_dm_set_eir ((char*)p_data->set_name.name); 527 } 528 529 /******************************************************************************* 530 ** 531 ** Function bta_dm_set_visibility 532 ** 533 ** Description Sets discoverability, connectability and pairability 534 ** 535 ** 536 ** Returns void 537 ** 538 *******************************************************************************/ 539 void bta_dm_set_visibility(tBTA_DM_MSG *p_data) 540 { 541 UINT16 window, interval; 542 UINT16 le_disc_mode = BTM_BleReadDiscoverability(); 543 UINT16 disc_mode = BTM_ReadDiscoverability(&window, &interval); 544 UINT16 le_conn_mode = BTM_BleReadConnectability(); 545 UINT16 conn_mode = BTM_ReadConnectability(&window, &interval); 546 547 /* set modes for Discoverability and connectability if not ignore */ 548 if (p_data->set_visibility.disc_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE)) 549 { 550 if ((p_data->set_visibility.disc_mode & BTA_DM_LE_IGNORE) == BTA_DM_LE_IGNORE) 551 p_data->set_visibility.disc_mode = 552 ((p_data->set_visibility.disc_mode & ~BTA_DM_LE_IGNORE) | le_disc_mode); 553 554 if ((p_data->set_visibility.disc_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE) 555 p_data->set_visibility.disc_mode = 556 ((p_data->set_visibility.disc_mode & ~BTA_DM_IGNORE) | disc_mode); 557 558 BTM_SetDiscoverability(p_data->set_visibility.disc_mode, 559 bta_dm_cb.inquiry_scan_window, 560 bta_dm_cb.inquiry_scan_interval); 561 } 562 563 if (p_data->set_visibility.conn_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE)) 564 { 565 if ((p_data->set_visibility.conn_mode & BTA_DM_LE_IGNORE) == BTA_DM_LE_IGNORE) 566 p_data->set_visibility.conn_mode = 567 ((p_data->set_visibility.conn_mode & ~BTA_DM_LE_IGNORE) | le_conn_mode); 568 569 if ((p_data->set_visibility.conn_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE) 570 p_data->set_visibility.conn_mode = 571 ((p_data->set_visibility.conn_mode & ~BTA_DM_IGNORE) | conn_mode); 572 573 BTM_SetConnectability(p_data->set_visibility.conn_mode, 574 bta_dm_cb.page_scan_window, 575 bta_dm_cb.page_scan_interval); 576 } 577 578 /* Send False or True if not ignore */ 579 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE ) 580 { 581 582 if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE) 583 bta_dm_cb.disable_pair_mode = TRUE; 584 else 585 bta_dm_cb.disable_pair_mode = FALSE; 586 587 } 588 589 /* Send False or True if not ignore */ 590 if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE) 591 { 592 593 if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL) 594 bta_dm_cb.conn_paired_only = FALSE; 595 else 596 bta_dm_cb.conn_paired_only = TRUE; 597 598 } 599 600 /* Change mode if either mode is not ignore */ 601 if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE || p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE) 602 BTM_SetPairableMode((BOOLEAN)(!(bta_dm_cb.disable_pair_mode)),bta_dm_cb.conn_paired_only); 603 604 } 605 606 /******************************************************************************* 607 ** 608 ** Function bta_dm_process_remove_device 609 ** 610 ** Description Removes device, Disconnects ACL link if required. 611 **** 612 *******************************************************************************/ 613 void bta_dm_process_remove_device(BD_ADDR bd_addr) 614 { 615 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 616 /* need to remove all pending background connection before unpair */ 617 BTA_GATTC_CancelOpen(0, bd_addr, FALSE); 618 #endif 619 620 BTM_SecDeleteDevice(bd_addr); 621 622 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 623 /* remove all cached GATT information */ 624 BTA_GATTC_Refresh(bd_addr); 625 #endif 626 627 if (bta_dm_cb.p_sec_cback) 628 { 629 tBTA_DM_SEC sec_event; 630 bdcpy(sec_event.link_down.bd_addr, bd_addr); 631 /* No connection, set status to success (acl disc code not valid) */ 632 sec_event.link_down.status = HCI_SUCCESS; 633 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event); 634 } 635 } 636 637 /******************************************************************************* 638 ** 639 ** Function bta_dm_remove_device 640 ** 641 ** Description Removes device, disconnects ACL link if required. 642 **** 643 *******************************************************************************/ 644 void bta_dm_remove_device(tBTA_DM_MSG *p_data) 645 { 646 tBTA_DM_API_REMOVE_DEVICE *p_dev = &p_data->remove_dev; 647 if (p_dev == NULL) 648 return; 649 650 BD_ADDR other_address; 651 bdcpy(other_address, p_dev->bd_addr); 652 653 /* If ACL exists for the device in the remove_bond message*/ 654 BOOLEAN continue_delete_dev = FALSE; 655 UINT8 other_transport = BT_TRANSPORT_INVALID; 656 657 if (BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_LE) || 658 BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_BR_EDR)) 659 { 660 APPL_TRACE_DEBUG("%s: ACL Up count %d", __func__, bta_dm_cb.device_list.count); 661 continue_delete_dev = FALSE; 662 663 /* Take the link down first, and mark the device for removal when disconnected */ 664 for(int i=0; i < bta_dm_cb.device_list.count; i++) 665 { 666 if (!bdcmp(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_dev->bd_addr)) 667 { 668 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING; 669 btm_remove_acl( p_dev->bd_addr, bta_dm_cb.device_list.peer_device[i].transport); 670 APPL_TRACE_DEBUG("%s:transport = %d", __func__, 671 bta_dm_cb.device_list.peer_device[i].transport); 672 673 /* save the other transport to check if device is connected on other_transport */ 674 if(bta_dm_cb.device_list.peer_device[i].transport == BT_TRANSPORT_LE) 675 other_transport = BT_TRANSPORT_BR_EDR; 676 else 677 other_transport = BT_TRANSPORT_LE; 678 break; 679 } 680 } 681 } 682 else 683 { 684 continue_delete_dev = TRUE; 685 } 686 687 // If it is DUMO device and device is paired as different address, unpair that device 688 // if different address 689 BOOLEAN continue_delete_other_dev = FALSE; 690 if ((other_transport && (BTM_ReadConnectedTransportAddress(other_address, other_transport))) || 691 (!other_transport && (BTM_ReadConnectedTransportAddress(other_address, BT_TRANSPORT_BR_EDR) || 692 BTM_ReadConnectedTransportAddress(other_address, BT_TRANSPORT_LE)))) 693 { 694 continue_delete_other_dev = FALSE; 695 /* Take the link down first, and mark the device for removal when disconnected */ 696 for(int i=0; i < bta_dm_cb.device_list.count; i++) 697 { 698 if (!bdcmp(bta_dm_cb.device_list.peer_device[i].peer_bdaddr, other_address)) 699 { 700 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING; 701 btm_remove_acl(other_address,bta_dm_cb.device_list.peer_device[i].transport); 702 break; 703 } 704 } 705 } 706 else 707 { 708 APPL_TRACE_DEBUG("%s: continue to delete the other dev ", __func__); 709 continue_delete_other_dev = TRUE; 710 } 711 712 /* Delete the device mentioned in the msg */ 713 if (continue_delete_dev) 714 bta_dm_process_remove_device(p_dev->bd_addr); 715 716 /* Delete the other paired device too */ 717 BD_ADDR dummy_bda = {0}; 718 if (continue_delete_other_dev && (bdcmp(other_address, dummy_bda) != 0)) 719 bta_dm_process_remove_device(other_address); 720 } 721 722 /******************************************************************************* 723 ** 724 ** Function bta_dm_add_device 725 ** 726 ** Description This function adds a Link Key to an security database entry. 727 ** It is normally called during host startup to restore all required information 728 ** stored in the NVRAM. 729 **** 730 *******************************************************************************/ 731 void bta_dm_add_device (tBTA_DM_MSG *p_data) 732 { 733 tBTA_DM_API_ADD_DEVICE *p_dev = &p_data->add_dev; 734 UINT8 *p_dc = NULL; 735 UINT8 *p_lc = NULL; 736 UINT32 trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE]; 737 UINT8 index = 0; 738 UINT8 btm_mask_index = 0; 739 740 memset (trusted_services_mask, 0, sizeof(trusted_services_mask)); 741 742 /* If not all zeros, the device class has been specified */ 743 if (p_dev->dc_known) 744 p_dc = (UINT8 *)p_dev->dc; 745 746 if (p_dev->link_key_known) 747 p_lc = (UINT8 *)p_dev->link_key; 748 749 if (p_dev->is_trusted) 750 { 751 /* covert BTA service mask to BTM mask */ 752 while (p_dev->tm && (index < BTA_MAX_SERVICE_ID)) 753 { 754 if (p_dev->tm & (UINT32)(1<<index)) 755 { 756 757 btm_mask_index = bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS; 758 trusted_services_mask[btm_mask_index] |= (UINT32)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] - (UINT32)(btm_mask_index * 32))); 759 760 p_dev->tm &= (UINT32)(~(1<<index)); 761 762 } 763 index++; 764 } 765 } 766 767 if (!BTM_SecAddDevice (p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features, 768 trusted_services_mask, p_lc, p_dev->key_type, p_dev->io_cap, 769 p_dev->pin_length)) 770 { 771 APPL_TRACE_ERROR ("BTA_DM: Error adding device %08x%04x", 772 (p_dev->bd_addr[0]<<24)+(p_dev->bd_addr[1]<<16)+(p_dev->bd_addr[2]<<8)+p_dev->bd_addr[3], 773 (p_dev->bd_addr[4]<<8)+p_dev->bd_addr[5]); 774 } 775 } 776 777 /******************************************************************************* 778 ** 779 ** Function bta_dm_close_acl 780 ** 781 ** Description This function forces to close the connection to a remote device 782 ** and optionaly remove the device from security database if 783 ** required. 784 **** 785 *******************************************************************************/ 786 void bta_dm_close_acl(tBTA_DM_MSG *p_data) 787 { 788 tBTA_DM_API_REMOVE_ACL *p_remove_acl = &p_data->remove_acl; 789 UINT8 index; 790 791 APPL_TRACE_DEBUG("bta_dm_close_acl"); 792 793 if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr, p_remove_acl->transport)) 794 { 795 for (index = 0; index < bta_dm_cb.device_list.count; index ++) 796 { 797 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, p_remove_acl->bd_addr)) 798 break; 799 } 800 if (index != bta_dm_cb.device_list.count) 801 { 802 if (p_remove_acl->remove_dev) 803 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE; 804 } 805 else 806 { 807 APPL_TRACE_ERROR("unknown device, remove ACL failed"); 808 } 809 /* Disconnect the ACL link */ 810 btm_remove_acl(p_remove_acl->bd_addr, p_remove_acl->transport); 811 } 812 /* if to remove the device from security database ? do it now */ 813 else if (p_remove_acl->remove_dev) 814 { 815 if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr)) 816 { 817 APPL_TRACE_ERROR("delete device from security database failed."); 818 } 819 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 820 /* need to remove all pending background connection if any */ 821 BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, FALSE); 822 /* remove all cached GATT information */ 823 BTA_GATTC_Refresh(p_remove_acl->bd_addr); 824 #endif 825 } 826 /* otherwise, no action needed */ 827 828 } 829 830 /******************************************************************************* 831 ** 832 ** Function bta_dm_remove_all_acl 833 ** 834 ** Description This function forces to close all the ACL links specified by link type 835 **** 836 *******************************************************************************/ 837 void bta_dm_remove_all_acl(tBTA_DM_MSG *p_data) 838 { 839 const tBTA_DM_LINK_TYPE link_type = p_data->remove_all_acl.link_type; 840 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR; 841 842 APPL_TRACE_DEBUG("%s link type = %d", __func__, link_type); 843 844 for (UINT8 i=0; i < bta_dm_cb.device_list.count; i++) 845 { 846 BD_ADDR addr = {0}; 847 bdcpy(addr, bta_dm_cb.device_list.peer_device[i].peer_bdaddr); 848 #if defined (BLE_INCLUDED) && (BLE_INCLUDED == TRUE) 849 transport = bta_dm_cb.device_list.peer_device[i].transport; 850 #endif 851 if ((link_type == BTA_DM_LINK_TYPE_ALL) || 852 ((link_type == BTA_DM_LINK_TYPE_LE) && (transport == BT_TRANSPORT_LE)) || 853 ((link_type == BTA_DM_LINK_TYPE_BR_EDR) && (transport == BT_TRANSPORT_BR_EDR))) 854 { 855 /* Disconnect the ACL link */ 856 btm_remove_acl(addr, transport); 857 } 858 } 859 } 860 861 862 /******************************************************************************* 863 ** 864 ** Function bta_dm_bond 865 ** 866 ** Description Bonds with peer device 867 ** 868 ** 869 ** Returns void 870 ** 871 *******************************************************************************/ 872 void bta_dm_bond (tBTA_DM_MSG *p_data) 873 { 874 tBTM_STATUS status; 875 tBTA_DM_SEC sec_event; 876 char *p_name; 877 878 if (p_data->bond.transport == BTA_TRANSPORT_UNKNOWN) 879 status = BTM_SecBond ( p_data->bond.bd_addr, 0, NULL, 0 ); 880 else 881 status = BTM_SecBondByTransport ( p_data->bond.bd_addr, p_data->bond.transport, 0, NULL, 0 ); 882 883 884 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED)) 885 { 886 887 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 888 bdcpy(sec_event.auth_cmpl.bd_addr, p_data->bond.bd_addr); 889 p_name = BTM_SecReadDevName(p_data->bond.bd_addr); 890 if (p_name != NULL) 891 { 892 memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN-1)); 893 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; 894 } 895 896 /* taken care of by memset [above] 897 sec_event.auth_cmpl.key_present = FALSE; 898 sec_event.auth_cmpl.success = FALSE; 899 */ 900 sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND; 901 if (status == BTM_SUCCESS) 902 { 903 sec_event.auth_cmpl.success = TRUE; 904 } 905 else 906 { 907 /* delete this device entry from Sec Dev DB */ 908 bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr); 909 } 910 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 911 } 912 913 } 914 915 /******************************************************************************* 916 ** 917 ** Function bta_dm_bond_cancel 918 ** 919 ** Description Cancels bonding with a peer device 920 ** 921 ** 922 ** Returns void 923 ** 924 *******************************************************************************/ 925 void bta_dm_bond_cancel (tBTA_DM_MSG *p_data) 926 { 927 tBTM_STATUS status; 928 tBTA_DM_SEC sec_event; 929 930 APPL_TRACE_EVENT(" bta_dm_bond_cancel "); 931 status = BTM_SecBondCancel ( p_data->bond_cancel.bd_addr ); 932 933 if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED && status != BTM_SUCCESS)) 934 { 935 sec_event.bond_cancel_cmpl.result = BTA_FAILURE; 936 937 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event); 938 } 939 940 } 941 942 /******************************************************************************* 943 ** 944 ** Function bta_dm_pin_reply 945 ** 946 ** Description Send the pin_reply to a request from BTM 947 ** 948 ** 949 ** Returns void 950 ** 951 *******************************************************************************/ 952 void bta_dm_pin_reply (tBTA_DM_MSG *p_data) 953 { 954 UINT32 trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE]; 955 UINT32 * current_trusted_mask; 956 957 current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr); 958 959 if(current_trusted_mask) 960 { 961 memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask)); 962 } 963 else 964 { 965 memset(trusted_mask, 0, sizeof(trusted_mask)); 966 } 967 968 if(p_data->pin_reply.accept) 969 { 970 971 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS, p_data->pin_reply.pin_len, p_data->pin_reply.p_pin, trusted_mask ); 972 } 973 else 974 { 975 BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL, trusted_mask ); 976 } 977 978 } 979 980 /******************************************************************************* 981 ** 982 ** Function bta_dm_policy_cback 983 ** 984 ** Description process the link policy changes 985 ** 986 ** Returns void 987 ** 988 *******************************************************************************/ 989 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr) 990 { 991 tBTA_DM_PEER_DEVICE *p_dev = NULL; 992 UINT16 policy = app_id; 993 UINT32 mask = (UINT32)(1 << id); 994 995 if(peer_addr) 996 p_dev = bta_dm_find_peer_device(peer_addr); 997 998 APPL_TRACE_DEBUG(" bta_dm_policy_cback cmd:%d, policy:0x%x", 999 status, policy); 1000 switch(status) 1001 { 1002 case BTA_SYS_PLCY_SET: 1003 if(!p_dev) 1004 return; 1005 /* restore the default link policy */ 1006 p_dev->link_policy |= policy; 1007 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 1008 break; 1009 1010 case BTA_SYS_PLCY_CLR: 1011 if(!p_dev) 1012 return; 1013 /* clear the policy from the default link policy */ 1014 p_dev->link_policy &= (~policy); 1015 BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy)); 1016 1017 if(policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE)) 1018 { 1019 /* if clearing sniff/park, wake the link */ 1020 bta_dm_pm_active(p_dev->peer_bdaddr); 1021 } 1022 break; 1023 1024 case BTA_SYS_PLCY_DEF_SET: 1025 /* want to restore/set the role switch policy */ 1026 bta_dm_cb.role_policy_mask &= ~mask; 1027 if(0 == bta_dm_cb.role_policy_mask) 1028 { 1029 /* if nobody wants to insist on the role */ 1030 bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH; 1031 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 1032 } 1033 break; 1034 1035 case BTA_SYS_PLCY_DEF_CLR: 1036 /* want to remove the role switch policy */ 1037 bta_dm_cb.role_policy_mask |= mask; 1038 bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH; 1039 BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy); 1040 break; 1041 } 1042 } 1043 1044 /******************************************************************************* 1045 ** 1046 ** Function bta_dm_confirm 1047 ** 1048 ** Description Send the user confirm request reply in response to a 1049 ** request from BTM 1050 ** 1051 ** Returns void 1052 ** 1053 *******************************************************************************/ 1054 void bta_dm_confirm(tBTA_DM_MSG *p_data) 1055 { 1056 tBTM_STATUS res = BTM_NOT_AUTHORIZED; 1057 1058 if(p_data->confirm.accept == TRUE) 1059 res = BTM_SUCCESS; 1060 BTM_ConfirmReqReply(res, p_data->confirm.bd_addr); 1061 } 1062 1063 /******************************************************************************* 1064 ** 1065 ** Function bta_dm_loc_oob 1066 ** 1067 ** Description Retrieve the OOB data from the local LM 1068 ** 1069 ** Returns void 1070 ** 1071 *******************************************************************************/ 1072 #if (BTM_OOB_INCLUDED == TRUE) 1073 void bta_dm_loc_oob(tBTA_DM_MSG *p_data) 1074 { 1075 UNUSED(p_data); 1076 BTM_ReadLocalOobData(); 1077 } 1078 1079 /******************************************************************************* 1080 ** 1081 ** Function bta_dm_ci_io_req_act 1082 ** 1083 ** Description respond to the IO capabilities request from BTM 1084 ** 1085 ** Returns void 1086 ** 1087 *******************************************************************************/ 1088 void bta_dm_ci_io_req_act(tBTA_DM_MSG *p_data) 1089 { 1090 tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO; 1091 if(p_data->ci_io_req.auth_req) 1092 auth_req = BTM_AUTH_AP_YES; 1093 BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap, 1094 p_data->ci_io_req.oob_data, auth_req); 1095 } 1096 1097 /******************************************************************************* 1098 ** 1099 ** Function bta_dm_ci_rmt_oob_act 1100 ** 1101 ** Description respond to the OOB data request for the remote device from BTM 1102 ** 1103 ** 1104 ** Returns void 1105 ** 1106 *******************************************************************************/ 1107 void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG *p_data) 1108 { 1109 tBTM_STATUS res = BTM_NOT_AUTHORIZED; 1110 1111 if(p_data->ci_rmt_oob.accept == TRUE) 1112 res = BTM_SUCCESS; 1113 BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr, 1114 p_data->ci_rmt_oob.c, p_data->ci_rmt_oob.r ); 1115 } 1116 #endif /* BTM_OOB_INCLUDED */ 1117 1118 /******************************************************************************* 1119 ** 1120 ** Function bta_dm_search_start 1121 ** 1122 ** Description Starts an inquiry 1123 ** 1124 ** 1125 ** Returns void 1126 ** 1127 *******************************************************************************/ 1128 void bta_dm_search_start (tBTA_DM_MSG *p_data) 1129 { 1130 tBTM_INQUIRY_CMPL result; 1131 1132 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1133 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->search.num_uuid); 1134 bta_dm_gattc_register(); 1135 #endif 1136 1137 APPL_TRACE_DEBUG("%s avoid_scatter=%d", __func__, p_bta_dm_cfg->avoid_scatter); 1138 1139 if (p_bta_dm_cfg->avoid_scatter && 1140 (p_data->search.rs_res == BTA_DM_RS_NONE) && bta_dm_check_av(BTA_DM_API_SEARCH_EVT)) 1141 { 1142 memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH)); 1143 return; 1144 } 1145 1146 BTM_ClearInqDb(NULL); 1147 /* save search params */ 1148 bta_dm_search_cb.p_search_cback = p_data->search.p_cback; 1149 bta_dm_search_cb.services = p_data->search.services; 1150 1151 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1152 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1153 1154 if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 && 1155 p_data->search.p_uuid != NULL) 1156 { 1157 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL) 1158 { 1159 APPL_TRACE_ERROR("%s no resources", __func__); 1160 1161 result.status = BTA_FAILURE; 1162 result.num_resp = 0; 1163 bta_dm_inq_cmpl_cb ((void *)&result); 1164 return; 1165 } 1166 1167 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len); 1168 } 1169 #endif 1170 result.status = BTM_StartInquiry( (tBTM_INQ_PARMS*)&p_data->search.inq_params, 1171 bta_dm_inq_results_cb, 1172 (tBTM_CMPL_CB*) bta_dm_inq_cmpl_cb); 1173 1174 APPL_TRACE_EVENT("%s status=%d", __func__, result.status); 1175 if (result.status != BTM_CMD_STARTED) 1176 { 1177 result.num_resp = 0; 1178 bta_dm_inq_cmpl_cb ((void *)&result); 1179 } 1180 } 1181 1182 /******************************************************************************* 1183 ** 1184 ** Function bta_dm_search_cancel 1185 ** 1186 ** Description Cancels an ongoing search for devices 1187 ** 1188 ** 1189 ** Returns void 1190 ** 1191 *******************************************************************************/ 1192 void bta_dm_search_cancel (tBTA_DM_MSG *p_data) 1193 { 1194 UNUSED(p_data); 1195 tBTA_DM_MSG * p_msg; 1196 1197 if (BTM_IsInquiryActive()) 1198 { 1199 if (BTM_CancelInquiry() != BTM_CMD_STARTED) 1200 { 1201 bta_dm_search_cancel_notify(NULL); 1202 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG)); 1203 if (p_msg != NULL) 1204 { 1205 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1206 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1207 bta_sys_sendmsg(p_msg); 1208 } 1209 } else { 1210 /* flag a search cancel is pending */ 1211 bta_dm_search_cb.cancel_pending = TRUE; 1212 } 1213 } 1214 /* If no Service Search going on then issue cancel remote name in case it is active */ 1215 else if (!bta_dm_search_cb.name_discover_done) 1216 { 1217 BTM_CancelRemoteDeviceName(); 1218 1219 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1220 { 1221 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1222 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1223 bta_sys_sendmsg(p_msg); 1224 } 1225 1226 } 1227 else { 1228 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1229 { 1230 p_msg->hdr.event = BTA_DM_INQUIRY_CMPL_EVT; 1231 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1232 bta_sys_sendmsg(p_msg); 1233 } 1234 } 1235 1236 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1237 if (bta_dm_search_cb.gatt_disc_active) 1238 { 1239 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 1240 } 1241 #endif 1242 } 1243 1244 /******************************************************************************* 1245 ** 1246 ** Function bta_dm_discover 1247 ** 1248 ** Description Discovers services on a remote device 1249 ** 1250 ** 1251 ** Returns void 1252 ** 1253 *******************************************************************************/ 1254 void bta_dm_discover (tBTA_DM_MSG *p_data) 1255 { 1256 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1257 UINT16 len = (UINT16)(sizeof(tBT_UUID) * p_data->discover.num_uuid); 1258 #endif 1259 APPL_TRACE_EVENT("%s services_to_search=0x%04X, sdp_search=%d", __func__, 1260 p_data->discover.services, p_data->discover.sdp_search); 1261 1262 /* save the search condition */ 1263 bta_dm_search_cb.services = p_data->discover.services; 1264 1265 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1266 bta_dm_gattc_register(); 1267 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1268 if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 && 1269 p_data->discover.p_uuid != NULL) 1270 { 1271 if ((bta_dm_search_cb.p_srvc_uuid = (tBT_UUID *)GKI_getbuf(len)) == NULL) 1272 { 1273 p_data->discover.p_cback(BTA_DM_DISC_CMPL_EVT, NULL); 1274 return; 1275 } 1276 memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len); 1277 } 1278 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid; 1279 #endif 1280 1281 bta_dm_search_cb.p_search_cback = p_data->discover.p_cback; 1282 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search; 1283 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services; 1284 bta_dm_search_cb.service_index = 0; 1285 bta_dm_search_cb.services_found = 0; 1286 bta_dm_search_cb.peer_name[0] = 0; 1287 bta_dm_search_cb.sdp_search = p_data->discover.sdp_search; 1288 bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead (p_data->discover.bd_addr); 1289 bta_dm_search_cb.transport = p_data->discover.transport; 1290 1291 bta_dm_search_cb.name_discover_done = FALSE; 1292 memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID)); 1293 bta_dm_discover_device(p_data->discover.bd_addr); 1294 } 1295 1296 /******************************************************************************* 1297 ** 1298 ** Function bta_dm_di_disc_cmpl 1299 ** 1300 ** Description Sends event to application when DI discovery complete 1301 ** 1302 ** Returns void 1303 ** 1304 *******************************************************************************/ 1305 void bta_dm_di_disc_cmpl(tBTA_DM_MSG *p_data) 1306 { 1307 tBTA_DM_DI_DISC_CMPL di_disc; 1308 1309 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL)); 1310 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr); 1311 1312 if((p_data->hdr.offset == SDP_SUCCESS) 1313 || (p_data->hdr.offset == SDP_DB_FULL)) 1314 { 1315 di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db); 1316 } 1317 else 1318 di_disc.result = BTA_FAILURE; 1319 1320 bta_dm_di_cb.p_di_db = NULL; 1321 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, (tBTA_DM_SEARCH *) &di_disc); 1322 } 1323 1324 /******************************************************************************* 1325 ** 1326 ** Function bta_dm_di_disc_callback 1327 ** 1328 ** Description This function queries a remote device for DI information. 1329 ** 1330 ** 1331 ** Returns void 1332 ** 1333 *******************************************************************************/ 1334 static void bta_dm_di_disc_callback(UINT16 result) 1335 { 1336 tBTA_DM_MSG * p_msg; 1337 1338 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1339 { 1340 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1341 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT; 1342 p_msg->hdr.offset = result; 1343 bta_sys_sendmsg(p_msg); 1344 } 1345 } 1346 1347 /******************************************************************************* 1348 ** 1349 ** Function bta_dm_disable_search_and_disc 1350 ** 1351 ** Description Cancels an ongoing search or discovery for devices in case of 1352 ** a Bluetooth disable 1353 ** 1354 ** 1355 ** Returns void 1356 ** 1357 *******************************************************************************/ 1358 static void bta_dm_disable_search_and_disc (void) 1359 { 1360 tBTA_DM_DI_DISC_CMPL di_disc; 1361 1362 if (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) 1363 bta_dm_search_cancel(NULL); 1364 1365 if (bta_dm_di_cb.p_di_db != NULL) 1366 { 1367 memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL)); 1368 bdcpy(di_disc.bd_addr, bta_dm_search_cb.peer_bdaddr); 1369 di_disc.result = BTA_FAILURE; 1370 1371 bta_dm_di_cb.p_di_db = NULL; 1372 bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL); 1373 } 1374 } 1375 1376 /******************************************************************************* 1377 ** 1378 ** Function bta_dm_di_disc 1379 ** 1380 ** Description This function queries a remote device for DI information. 1381 ** 1382 ** 1383 ** Returns void 1384 ** 1385 *******************************************************************************/ 1386 void bta_dm_di_disc (tBTA_DM_MSG *p_data) 1387 { 1388 UINT16 result = BTA_FAILURE; 1389 tBTA_DM_MSG *p_msg; 1390 1391 bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback; 1392 bdcpy(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.bd_addr); 1393 bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db; 1394 1395 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL) 1396 { 1397 if ( SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db, 1398 p_data->di_disc.len, bta_dm_di_disc_callback) == SDP_SUCCESS) 1399 { 1400 result = BTA_SUCCESS; 1401 } 1402 } 1403 else 1404 { 1405 APPL_TRACE_ERROR("No buffer to start DI discovery"); 1406 } 1407 1408 if ( result == BTA_FAILURE && 1409 (p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1410 { 1411 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1412 p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT; 1413 p_data->hdr.offset = result; 1414 bta_sys_sendmsg(p_msg); 1415 } 1416 } 1417 1418 /******************************************************************************* 1419 ** 1420 ** Function bta_dm_read_remote_device_name 1421 ** 1422 ** Description Initiate to get remote device name 1423 ** 1424 ** Returns TRUE if started to get remote name 1425 ** 1426 *******************************************************************************/ 1427 static BOOLEAN bta_dm_read_remote_device_name (BD_ADDR bd_addr,tBT_TRANSPORT transport) 1428 { 1429 tBTM_STATUS btm_status; 1430 1431 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name"); 1432 1433 bdcpy(bta_dm_search_cb.peer_bdaddr, bd_addr); 1434 bta_dm_search_cb.peer_name[0] = 0; 1435 1436 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr, 1437 (tBTM_CMPL_CB *) bta_dm_remname_cback, 1438 transport); 1439 1440 if ( btm_status == BTM_CMD_STARTED ) 1441 { 1442 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is started"); 1443 1444 return (TRUE); 1445 } 1446 else if ( btm_status == BTM_BUSY ) 1447 { 1448 APPL_TRACE_DEBUG("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName is busy"); 1449 1450 /* Remote name discovery is on going now so BTM cannot notify through "bta_dm_remname_cback" */ 1451 /* adding callback to get notified that current reading remore name done */ 1452 BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1453 1454 return (TRUE); 1455 } 1456 else 1457 { 1458 APPL_TRACE_WARNING("bta_dm_read_remote_device_name: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status); 1459 1460 return (FALSE); 1461 } 1462 } 1463 1464 /******************************************************************************* 1465 ** 1466 ** Function bta_dm_inq_cmpl 1467 ** 1468 ** Description Process the inquiry complete event from BTM 1469 ** 1470 ** Returns void 1471 ** 1472 *******************************************************************************/ 1473 void bta_dm_inq_cmpl (tBTA_DM_MSG *p_data) 1474 { 1475 tBTA_DM_MSG * p_msg; 1476 tBTA_DM_SEARCH data; 1477 1478 APPL_TRACE_DEBUG("bta_dm_inq_cmpl"); 1479 1480 data.inq_cmpl.num_resps = p_data->inq_cmpl.num; 1481 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data); 1482 1483 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst()) != NULL) 1484 { 1485 /* start name and service discovery from the first device on inquiry result */ 1486 bta_dm_search_cb.name_discover_done = FALSE; 1487 bta_dm_search_cb.peer_name[0] = 0; 1488 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr); 1489 } 1490 else 1491 { 1492 /* no devices, search complete */ 1493 bta_dm_search_cb.services = 0; 1494 1495 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1496 { 1497 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1498 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1499 bta_sys_sendmsg(p_msg); 1500 } 1501 } 1502 } 1503 1504 /******************************************************************************* 1505 ** 1506 ** Function bta_dm_rmt_name 1507 ** 1508 ** Description Process the remote name result from BTM 1509 ** 1510 ** Returns void 1511 ** 1512 *******************************************************************************/ 1513 void bta_dm_rmt_name (tBTA_DM_MSG *p_data) 1514 { 1515 APPL_TRACE_DEBUG("bta_dm_rmt_name"); 1516 1517 if( p_data->rem_name.result.disc_res.bd_name[0] && bta_dm_search_cb.p_btm_inq_info) 1518 { 1519 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = TRUE; 1520 } 1521 1522 bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr); 1523 } 1524 1525 /******************************************************************************* 1526 ** 1527 ** Function bta_dm_disc_rmt_name 1528 ** 1529 ** Description Process the remote name result from BTM when application 1530 ** wants to find the name for a bdaddr 1531 ** 1532 ** Returns void 1533 ** 1534 *******************************************************************************/ 1535 void bta_dm_disc_rmt_name (tBTA_DM_MSG *p_data) 1536 { 1537 tBTM_INQ_INFO *p_btm_inq_info; 1538 1539 APPL_TRACE_DEBUG("bta_dm_disc_rmt_name"); 1540 1541 p_btm_inq_info = BTM_InqDbRead (p_data->rem_name.result.disc_res.bd_addr); 1542 if( p_btm_inq_info ) 1543 { 1544 if( p_data->rem_name.result.disc_res.bd_name[0] ) 1545 { 1546 p_btm_inq_info->appl_knows_rem_name = TRUE; 1547 } 1548 } 1549 1550 bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr); 1551 } 1552 1553 /******************************************************************************* 1554 ** 1555 ** Function bta_dm_sdp_result 1556 ** 1557 ** Description Process the discovery result from sdp 1558 ** 1559 ** Returns void 1560 ** 1561 *******************************************************************************/ 1562 void bta_dm_sdp_result (tBTA_DM_MSG *p_data) 1563 { 1564 1565 tSDP_DISC_REC *p_sdp_rec = NULL; 1566 tBTA_DM_MSG *p_msg; 1567 BOOLEAN scn_found = FALSE; 1568 UINT16 service = 0xFFFF; 1569 tSDP_PROTOCOL_ELEM pe; 1570 1571 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1572 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid; 1573 tBTA_DM_SEARCH result; 1574 tBT_UUID service_uuid; 1575 #endif 1576 1577 UINT32 num_uuids = 0; 1578 UINT8 uuid_list[32][MAX_UUID_SIZE]; // assuming a max of 32 services 1579 1580 if((p_data->sdp_event.sdp_result == SDP_SUCCESS) 1581 || (p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH) 1582 || (p_data->sdp_event.sdp_result == SDP_DB_FULL)) 1583 { 1584 APPL_TRACE_DEBUG("sdp_result::0x%x", p_data->sdp_event.sdp_result); 1585 do 1586 { 1587 1588 p_sdp_rec = NULL; 1589 if( bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID+1) ) 1590 { 1591 p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db, &bta_dm_search_cb.uuid, p_sdp_rec); 1592 1593 if (p_sdp_rec && SDP_FindProtocolListElemInRec(p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe)) 1594 { 1595 bta_dm_search_cb.peer_scn = (UINT8) pe.params[0]; 1596 scn_found = TRUE; 1597 } 1598 } 1599 else 1600 { 1601 service = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1]; 1602 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec); 1603 } 1604 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1605 /* finished with BR/EDR services, now we check the result for GATT based service UUID */ 1606 if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID) 1607 { 1608 if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL) 1609 { 1610 p_uuid += (bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search); 1611 /* only support 16 bits UUID for now */ 1612 service = p_uuid->uu.uuid16; 1613 1614 } 1615 /* all GATT based services */ 1616 do 1617 { 1618 /* find a service record, report it */ 1619 p_sdp_rec = SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, 1620 0, p_sdp_rec); 1621 if (p_sdp_rec) 1622 { 1623 if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid)) 1624 { 1625 /* send result back to app now, one by one */ 1626 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1627 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN)); 1628 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0; 1629 result.disc_ble_res.service.len = service_uuid.len; 1630 result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16; 1631 1632 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); 1633 } 1634 } 1635 1636 if (bta_dm_search_cb.uuid_to_search > 0) 1637 break; 1638 1639 } while (p_sdp_rec); 1640 } 1641 else 1642 #endif 1643 { 1644 /* SDP_DB_FULL means some records with the 1645 required attributes were received */ 1646 if (((p_data->sdp_event.sdp_result == SDP_DB_FULL) && 1647 bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) || 1648 (p_sdp_rec != NULL)) 1649 { 1650 if (service != UUID_SERVCLASS_PNP_INFORMATION) 1651 { 1652 UINT16 tmp_svc = 0xFFFF; 1653 bta_dm_search_cb.services_found |= 1654 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index-1)); 1655 tmp_svc = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index-1]; 1656 /* Add to the list of UUIDs */ 1657 sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]); 1658 num_uuids++; 1659 } 1660 } 1661 } 1662 1663 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK && 1664 bta_dm_search_cb.services_to_search == 0) 1665 { 1666 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1667 if ( bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID && 1668 bta_dm_search_cb.uuid_to_search > 0) 1669 bta_dm_search_cb.uuid_to_search --; 1670 1671 if (bta_dm_search_cb.uuid_to_search == 0 || 1672 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID) 1673 #endif 1674 bta_dm_search_cb.service_index++; 1675 } 1676 else /* regular one service per search or PNP search */ 1677 break; 1678 1679 } 1680 while(bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID); 1681 1682 // GKI_freebuf(bta_dm_search_cb.p_sdp_db); 1683 // bta_dm_search_cb.p_sdp_db = NULL; 1684 APPL_TRACE_DEBUG("%s services_found = %04x", __FUNCTION__, 1685 bta_dm_search_cb.services_found); 1686 1687 /* Collect the 128-bit services here and put them into the list */ 1688 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK) 1689 { 1690 p_sdp_rec = NULL; 1691 do 1692 { 1693 tBT_UUID temp_uuid; 1694 /* find a service record, report it */ 1695 p_sdp_rec = SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec); 1696 if (p_sdp_rec) 1697 { 1698 if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid)) 1699 { 1700 memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE); 1701 num_uuids++; 1702 } 1703 } 1704 } while (p_sdp_rec); 1705 } 1706 /* if there are more services to search for */ 1707 if(bta_dm_search_cb.services_to_search) 1708 { 1709 /* Free up the p_sdp_db before checking the next one */ 1710 bta_dm_free_sdp_db(NULL); 1711 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr); 1712 } 1713 else 1714 { 1715 /* callbacks */ 1716 /* start next bd_addr if necessary */ 1717 1718 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1719 1720 1721 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1722 { 1723 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 1724 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS; 1725 p_msg->disc_result.result.disc_res.p_raw_data = NULL; 1726 p_msg->disc_result.result.disc_res.raw_data_size = 0; 1727 p_msg->disc_result.result.disc_res.num_uuids = num_uuids; 1728 p_msg->disc_result.result.disc_res.p_uuid_list = NULL; 1729 if (num_uuids > 0) { 1730 p_msg->disc_result.result.disc_res.p_uuid_list = (UINT8*)GKI_getbuf(num_uuids*MAX_UUID_SIZE); 1731 if (p_msg->disc_result.result.disc_res.p_uuid_list) { 1732 memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list, 1733 num_uuids*MAX_UUID_SIZE); 1734 } else { 1735 p_msg->disc_result.result.disc_res.num_uuids = 0; 1736 APPL_TRACE_ERROR("%s: Unable to allocate memory for uuid_list", __func__); 1737 } 1738 } 1739 //copy the raw_data to the discovery result structure 1740 // 1741 1742 if ( bta_dm_search_cb.p_sdp_db != NULL && bta_dm_search_cb.p_sdp_db->raw_used != 0 && 1743 bta_dm_search_cb.p_sdp_db->raw_data != NULL) { 1744 APPL_TRACE_DEBUG( 1745 "%s raw_data used = 0x%x raw_data_ptr = 0x%x", __func__, 1746 bta_dm_search_cb.p_sdp_db->raw_used, 1747 bta_dm_search_cb.p_sdp_db->raw_data); 1748 1749 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.p_sdp_db->raw_used); 1750 if ( NULL != p_msg->disc_result.result.disc_res.p_raw_data ) { 1751 memcpy( p_msg->disc_result.result.disc_res.p_raw_data, 1752 bta_dm_search_cb.p_sdp_db->raw_data, 1753 bta_dm_search_cb.p_sdp_db->raw_used ); 1754 1755 p_msg->disc_result.result.disc_res.raw_data_size = 1756 bta_dm_search_cb.p_sdp_db->raw_used; 1757 1758 } else { 1759 APPL_TRACE_DEBUG("%s GKI Alloc failed to allocate %d bytes !!", __func__, 1760 bta_dm_search_cb.p_sdp_db->raw_used); 1761 } 1762 1763 bta_dm_search_cb.p_sdp_db->raw_data = NULL; //no need to free this - it is a global assigned. 1764 bta_dm_search_cb.p_sdp_db->raw_used = 0; 1765 bta_dm_search_cb.p_sdp_db->raw_size = 0; 1766 } 1767 else { 1768 APPL_TRACE_DEBUG("%s raw data size is 0 or raw_data is null!!", __func__); 1769 } 1770 /* Done with p_sdp_db. Free it */ 1771 bta_dm_free_sdp_db(NULL); 1772 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 1773 1774 //Piggy back the SCN over result field 1775 if( scn_found ) 1776 { 1777 p_msg->disc_result.result.disc_res.result = (3 + bta_dm_search_cb.peer_scn); 1778 p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK; 1779 1780 APPL_TRACE_EVENT(" Piggy back the SCN over result field SCN=%d", bta_dm_search_cb.peer_scn); 1781 1782 } 1783 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1784 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 1785 bta_dm_get_remname(), (BD_NAME_LEN-1)); 1786 1787 /* make sure the string is null terminated */ 1788 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 1789 1790 bta_sys_sendmsg(p_msg); 1791 } 1792 } 1793 } else { 1794 /* conn failed. No need for timer */ 1795 if(p_data->sdp_event.sdp_result == SDP_CONN_FAILED || p_data->sdp_event.sdp_result == SDP_CONN_REJECTED 1796 || p_data->sdp_event.sdp_result == SDP_SECURITY_ERR) 1797 bta_dm_search_cb.wait_disc = FALSE; 1798 1799 /* not able to connect go to next device */ 1800 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 1801 bta_dm_search_cb.p_sdp_db = NULL; 1802 1803 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 1804 1805 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 1806 { 1807 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 1808 p_msg->disc_result.result.disc_res.result = BTA_FAILURE; 1809 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 1810 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 1811 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 1812 bta_dm_get_remname(), (BD_NAME_LEN-1)); 1813 1814 /* make sure the string is null terminated */ 1815 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 1816 1817 bta_sys_sendmsg(p_msg); 1818 } 1819 } 1820 } 1821 1822 /******************************************************************************* 1823 ** 1824 ** Function bta_dm_search_cmpl 1825 ** 1826 ** Description Sends event to application 1827 ** 1828 ** Returns void 1829 ** 1830 *******************************************************************************/ 1831 void bta_dm_search_cmpl (tBTA_DM_MSG *p_data) 1832 { 1833 APPL_TRACE_EVENT("%s", __func__); 1834 1835 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 1836 utl_freebuf((void **)&bta_dm_search_cb.p_srvc_uuid); 1837 #endif 1838 1839 if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT) 1840 bta_dm_di_disc_cmpl(p_data); 1841 else 1842 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL); 1843 } 1844 1845 /******************************************************************************* 1846 ** 1847 ** Function bta_dm_disc_result 1848 ** 1849 ** Description Service discovery result when discovering services on a device 1850 ** 1851 ** Returns void 1852 ** 1853 *******************************************************************************/ 1854 void bta_dm_disc_result (tBTA_DM_MSG *p_data) 1855 { 1856 APPL_TRACE_EVENT("%s", __func__); 1857 1858 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 1859 /* if any BR/EDR service discovery has been done, report the event */ 1860 if ((bta_dm_search_cb.services & ((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK ) & ~BTA_BLE_SERVICE_MASK))) 1861 #endif 1862 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result); 1863 1864 tBTA_DM_MSG *p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG)); 1865 1866 /* send a message to change state */ 1867 if (p_msg != NULL) 1868 { 1869 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 1870 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 1871 bta_sys_sendmsg(p_msg); 1872 } 1873 } 1874 1875 /******************************************************************************* 1876 ** 1877 ** Function bta_dm_search_result 1878 ** 1879 ** Description Service discovery result while searching for devices 1880 ** 1881 ** Returns void 1882 ** 1883 *******************************************************************************/ 1884 void bta_dm_search_result (tBTA_DM_MSG *p_data) 1885 { 1886 APPL_TRACE_DEBUG("%s searching:0x%04x, result:0x%04x", __func__, 1887 bta_dm_search_cb.services, 1888 p_data->disc_result.result.disc_res.services); 1889 1890 /* call back if application wants name discovery or found services that application is searching */ 1891 if (( !bta_dm_search_cb.services ) 1892 ||(( bta_dm_search_cb.services ) && ( p_data->disc_result.result.disc_res.services ))) 1893 { 1894 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT, &p_data->disc_result.result); 1895 } 1896 1897 /* if searching did not initiate to create link */ 1898 if(!bta_dm_search_cb.wait_disc ) 1899 { 1900 /* if service searching is done with EIR, don't search next device */ 1901 if( bta_dm_search_cb.p_btm_inq_info ) 1902 bta_dm_discover_next_device(); 1903 } 1904 else 1905 { 1906 /* wait until link is disconnected or timeout */ 1907 bta_dm_search_cb.sdp_results = TRUE; 1908 bta_dm_search_cb.search_timer.p_cback = (TIMER_CBACK*)&bta_dm_search_timer_cback; 1909 bta_sys_start_timer(&bta_dm_search_cb.search_timer, 0, 1000*(L2CAP_LINK_INACTIVITY_TOUT+1) ); 1910 } 1911 1912 } 1913 1914 /******************************************************************************* 1915 ** 1916 ** Function bta_dm_search_timer_cback 1917 ** 1918 ** Description Called when ACL disconnect time is over 1919 ** 1920 ** 1921 ** Returns void 1922 ** 1923 *******************************************************************************/ 1924 static void bta_dm_search_timer_cback (TIMER_LIST_ENT *p_tle) 1925 { 1926 UNUSED(p_tle); 1927 1928 APPL_TRACE_EVENT("%s", __func__); 1929 bta_dm_search_cb.wait_disc = FALSE; 1930 1931 /* proceed with next device */ 1932 bta_dm_discover_next_device(); 1933 1934 } 1935 1936 1937 /******************************************************************************* 1938 ** 1939 ** Function bta_dm_free_sdp_db 1940 ** 1941 ** Description Frees SDP data base 1942 ** 1943 ** Returns void 1944 ** 1945 *******************************************************************************/ 1946 void bta_dm_free_sdp_db (tBTA_DM_MSG *p_data) 1947 { 1948 UNUSED(p_data); 1949 if(bta_dm_search_cb.p_sdp_db) 1950 { 1951 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 1952 bta_dm_search_cb.p_sdp_db = NULL; 1953 } 1954 1955 } 1956 1957 /******************************************************************************* 1958 ** 1959 ** Function bta_dm_queue_search 1960 ** 1961 ** Description Queues search command while search is being cancelled 1962 ** 1963 ** Returns void 1964 ** 1965 *******************************************************************************/ 1966 void bta_dm_queue_search (tBTA_DM_MSG *p_data) 1967 { 1968 if(bta_dm_search_cb.p_search_queue) 1969 { 1970 GKI_freebuf(bta_dm_search_cb.p_search_queue); 1971 } 1972 1973 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_SEARCH)); 1974 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH)); 1975 1976 } 1977 1978 /******************************************************************************* 1979 ** 1980 ** Function bta_dm_queue_disc 1981 ** 1982 ** Description Queues discovery command while search is being cancelled 1983 ** 1984 ** Returns void 1985 ** 1986 *******************************************************************************/ 1987 void bta_dm_queue_disc (tBTA_DM_MSG *p_data) 1988 { 1989 if(bta_dm_search_cb.p_search_queue) 1990 { 1991 GKI_freebuf(bta_dm_search_cb.p_search_queue); 1992 } 1993 1994 bta_dm_search_cb.p_search_queue = (tBTA_DM_MSG *)GKI_getbuf(sizeof(tBTA_DM_API_DISCOVER)); 1995 memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER)); 1996 1997 } 1998 1999 /******************************************************************************* 2000 ** 2001 ** Function bta_dm_search_clear_queue 2002 ** 2003 ** Description Clears the queue if API search cancel is called 2004 ** 2005 ** Returns void 2006 ** 2007 *******************************************************************************/ 2008 void bta_dm_search_clear_queue (tBTA_DM_MSG *p_data) 2009 { 2010 UNUSED(p_data); 2011 if(bta_dm_search_cb.p_search_queue) 2012 { 2013 GKI_freebuf(bta_dm_search_cb.p_search_queue); 2014 bta_dm_search_cb.p_search_queue = NULL; 2015 } 2016 } 2017 2018 /******************************************************************************* 2019 ** 2020 ** Function bta_dm_search_cancel_cmpl 2021 ** 2022 ** Description Search cancel is complete 2023 ** 2024 ** Returns void 2025 ** 2026 *******************************************************************************/ 2027 void bta_dm_search_cancel_cmpl (tBTA_DM_MSG *p_data) 2028 { 2029 UNUSED(p_data); 2030 if(bta_dm_search_cb.p_search_queue) 2031 { 2032 bta_sys_sendmsg(bta_dm_search_cb.p_search_queue); 2033 bta_dm_search_cb.p_search_queue = NULL; 2034 } 2035 2036 } 2037 2038 /******************************************************************************* 2039 ** 2040 ** Function bta_dm_search_cancel_transac_cmpl 2041 ** 2042 ** Description Current Service Discovery or remote name procedure is 2043 ** completed after search cancellation 2044 ** 2045 ** Returns void 2046 ** 2047 *******************************************************************************/ 2048 void bta_dm_search_cancel_transac_cmpl(tBTA_DM_MSG *p_data) 2049 { 2050 UNUSED(p_data); 2051 if(bta_dm_search_cb.p_sdp_db) 2052 { 2053 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 2054 bta_dm_search_cb.p_sdp_db = NULL; 2055 } 2056 2057 bta_dm_search_cancel_notify(NULL); 2058 } 2059 2060 2061 /******************************************************************************* 2062 ** 2063 ** Function bta_dm_search_cancel_notify 2064 ** 2065 ** Description Notify application that search has been cancelled 2066 ** 2067 ** Returns void 2068 ** 2069 *******************************************************************************/ 2070 void bta_dm_search_cancel_notify (tBTA_DM_MSG *p_data) 2071 { 2072 UNUSED(p_data); 2073 if (bta_dm_search_cb.p_search_cback) 2074 { 2075 bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL); 2076 } 2077 if (!bta_dm_search_cb.name_discover_done) 2078 { 2079 BTM_CancelRemoteDeviceName(); 2080 } 2081 #if (BLE_INCLUDED == TRUE) && (BTA_GATT_INCLUDED == TRUE) 2082 if (bta_dm_search_cb.gatt_disc_active) 2083 { 2084 bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 2085 } 2086 #endif 2087 2088 } 2089 2090 /******************************************************************************* 2091 ** 2092 ** Function bta_dm_find_services 2093 ** 2094 ** Description Starts discovery on a device 2095 ** 2096 ** Returns void 2097 ** 2098 *******************************************************************************/ 2099 static void bta_dm_find_services ( BD_ADDR bd_addr) 2100 { 2101 2102 tSDP_UUID uuid; 2103 UINT16 num_attrs = 1; 2104 tBTA_DM_MSG *p_msg; 2105 2106 memset (&uuid, 0, sizeof(tSDP_UUID)); 2107 2108 while(bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID) 2109 { 2110 if( bta_dm_search_cb.services_to_search 2111 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))) 2112 { 2113 if((bta_dm_search_cb.p_sdp_db = (tSDP_DISCOVERY_DB *)GKI_getbuf(BTA_DM_SDP_DB_SIZE)) != NULL) 2114 { 2115 APPL_TRACE_DEBUG("bta_dm_search_cb.services = %04x***********", bta_dm_search_cb.services); 2116 /* try to search all services by search based on L2CAP UUID */ 2117 if(bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK ) 2118 { 2119 LOG_INFO("%s services_to_search=%08x", __func__, bta_dm_search_cb.services_to_search); 2120 if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK) 2121 { 2122 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0]; 2123 bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK; 2124 } 2125 else 2126 { 2127 uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP; 2128 bta_dm_search_cb.services_to_search = 0; 2129 } 2130 } 2131 else 2132 { 2133 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2134 /* for LE only profile */ 2135 if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID) 2136 { 2137 if (bta_dm_search_cb.uuid_to_search > 0 && bta_dm_search_cb.p_srvc_uuid) 2138 { 2139 memcpy(&uuid, 2140 (const void *)(bta_dm_search_cb.p_srvc_uuid + \ 2141 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search), 2142 sizeof(tBT_UUID)); 2143 2144 bta_dm_search_cb.uuid_to_search -- ; 2145 } 2146 else 2147 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index]; 2148 2149 /* last one? clear the BLE service bit if all discovery has been done */ 2150 if (bta_dm_search_cb.uuid_to_search == 0) 2151 bta_dm_search_cb.services_to_search &= 2152 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))); 2153 2154 } 2155 else 2156 #endif 2157 { 2158 /* remove the service from services to be searched */ 2159 bta_dm_search_cb.services_to_search &= 2160 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))); 2161 uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index]; 2162 } 2163 } 2164 2165 if (uuid.len == 0) 2166 uuid.len = LEN_UUID_16; 2167 2168 if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID) 2169 { 2170 memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID)); 2171 } 2172 2173 LOG_INFO("%s search UUID = %04x", __func__, uuid.uu.uuid16); 2174 SDP_InitDiscoveryDb (bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1, &uuid, 0, NULL); 2175 2176 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf)); 2177 bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf; 2178 2179 bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF; 2180 2181 if (!SDP_ServiceSearchAttributeRequest (bd_addr, bta_dm_search_cb.p_sdp_db, &bta_dm_sdp_callback)) 2182 { 2183 /* if discovery not successful with this device 2184 proceed to next one */ 2185 GKI_freebuf(bta_dm_search_cb.p_sdp_db); 2186 bta_dm_search_cb.p_sdp_db = NULL; 2187 bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID; 2188 2189 } 2190 else 2191 { 2192 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2193 if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID && 2194 bta_dm_search_cb.uuid_to_search == 0) || 2195 bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID) 2196 #endif 2197 bta_dm_search_cb.service_index++; 2198 return; 2199 } 2200 } 2201 else 2202 { 2203 APPL_TRACE_ERROR("#### Failed to allocate SDP DB buffer! ####"); 2204 } 2205 } 2206 2207 bta_dm_search_cb.service_index++; 2208 } 2209 2210 /* no more services to be discovered */ 2211 if(bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID) 2212 { 2213 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2214 { 2215 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 2216 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 2217 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2218 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 2219 bta_dm_get_remname(), (BD_NAME_LEN-1)); 2220 2221 /* make sure the string is terminated */ 2222 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 2223 2224 bta_sys_sendmsg(p_msg); 2225 } 2226 } 2227 } 2228 2229 /******************************************************************************* 2230 ** 2231 ** Function bta_dm_discover_next_device 2232 ** 2233 ** Description Starts discovery on the next device in Inquiry data base 2234 ** 2235 ** Returns void 2236 ** 2237 *******************************************************************************/ 2238 static void bta_dm_discover_next_device(void) 2239 { 2240 2241 tBTA_DM_MSG * p_msg; 2242 2243 APPL_TRACE_DEBUG("bta_dm_discover_next_device"); 2244 2245 /* searching next device on inquiry result */ 2246 if((bta_dm_search_cb.p_btm_inq_info = BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info)) != NULL) 2247 { 2248 bta_dm_search_cb.name_discover_done = FALSE; 2249 bta_dm_search_cb.peer_name[0] = 0; 2250 bta_dm_discover_device(bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr); 2251 } 2252 else 2253 { 2254 /* no devices, search complete */ 2255 bta_dm_search_cb.services = 0; 2256 2257 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2258 { 2259 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 2260 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 2261 bta_sys_sendmsg(p_msg); 2262 } 2263 } 2264 } 2265 2266 /******************************************************************************* 2267 ** 2268 ** Function bta_dm_discover_device 2269 ** 2270 ** Description Starts name and service discovery on the device 2271 ** 2272 ** Returns void 2273 ** 2274 *******************************************************************************/ 2275 static void bta_dm_discover_device(BD_ADDR remote_bd_addr) 2276 { 2277 tBTA_DM_MSG * p_msg; 2278 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR; 2279 2280 #if BLE_INCLUDED == TRUE 2281 if (bta_dm_search_cb.transport == BTA_TRANSPORT_UNKNOWN) 2282 { 2283 tBT_DEVICE_TYPE dev_type; 2284 tBLE_ADDR_TYPE addr_type; 2285 2286 BTM_ReadDevInfo(remote_bd_addr, &dev_type, &addr_type); 2287 if (dev_type == BT_DEVICE_TYPE_BLE || addr_type == BLE_ADDR_RANDOM) 2288 transport = BT_TRANSPORT_LE; 2289 } else { 2290 transport = bta_dm_search_cb.transport; 2291 } 2292 #endif 2293 2294 /* Reset transport state for next discovery */ 2295 bta_dm_search_cb.transport = BTA_TRANSPORT_UNKNOWN; 2296 2297 APPL_TRACE_DEBUG("%s BDA:0x%02X%02X%02X%02X%02X%02X", __func__, 2298 remote_bd_addr[0],remote_bd_addr[1], 2299 remote_bd_addr[2],remote_bd_addr[3], 2300 remote_bd_addr[4],remote_bd_addr[5]); 2301 2302 bdcpy(bta_dm_search_cb.peer_bdaddr, remote_bd_addr); 2303 2304 APPL_TRACE_DEBUG("%s name_discover_done = %d p_btm_inq_info 0x%x state = %d, transport=%d", 2305 __func__, 2306 bta_dm_search_cb.name_discover_done, 2307 bta_dm_search_cb.p_btm_inq_info, 2308 bta_dm_search_cb.state, 2309 transport); 2310 2311 if (bta_dm_search_cb.p_btm_inq_info) 2312 { 2313 APPL_TRACE_DEBUG("%s appl_knows_rem_name %d", __func__, 2314 bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name); 2315 } 2316 2317 if((bta_dm_search_cb.p_btm_inq_info) 2318 && (bta_dm_search_cb.p_btm_inq_info->results.device_type == BT_DEVICE_TYPE_BLE) 2319 && (bta_dm_search_cb.state == BTA_DM_SEARCH_ACTIVE)) 2320 { 2321 /* Do not perform RNR for LE devices at inquiry complete*/ 2322 bta_dm_search_cb.name_discover_done = TRUE; 2323 } 2324 2325 /* if name discovery is not done and application needs remote name */ 2326 if ((!bta_dm_search_cb.name_discover_done) 2327 && (( bta_dm_search_cb.p_btm_inq_info == NULL ) 2328 ||(bta_dm_search_cb.p_btm_inq_info && (!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name)))) 2329 { 2330 if (bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr, transport) == TRUE) 2331 return; 2332 2333 /* starting name discovery failed */ 2334 bta_dm_search_cb.name_discover_done = TRUE; 2335 } 2336 2337 /* if application wants to discover service */ 2338 if ( bta_dm_search_cb.services ) 2339 { 2340 /* initialize variables */ 2341 bta_dm_search_cb.service_index = 0; 2342 bta_dm_search_cb.services_found = 0; 2343 bta_dm_search_cb.services_to_search = bta_dm_search_cb.services; 2344 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 2345 bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid; 2346 #endif 2347 if ((bta_dm_search_cb.p_btm_inq_info != NULL) && 2348 bta_dm_search_cb.services != BTA_USER_SERVICE_MASK 2349 &&(bta_dm_search_cb.sdp_search == FALSE)) 2350 { 2351 /* check if EIR provides the information of supported services */ 2352 bta_dm_eir_search_services( &bta_dm_search_cb.p_btm_inq_info->results, 2353 &bta_dm_search_cb.services_to_search, 2354 &bta_dm_search_cb.services_found ); 2355 } 2356 2357 /* if seaching with EIR is not completed */ 2358 if(bta_dm_search_cb.services_to_search) 2359 { 2360 /* check whether connection already exists to the device 2361 if connection exists, we don't have to wait for ACL 2362 link to go down to start search on next device */ 2363 if (BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr, BT_TRANSPORT_BR_EDR)) 2364 bta_dm_search_cb.wait_disc = FALSE; 2365 else 2366 bta_dm_search_cb.wait_disc = TRUE; 2367 2368 #if (BLE_INCLUDED == TRUE && (defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 2369 if ( bta_dm_search_cb.p_btm_inq_info ) 2370 { 2371 APPL_TRACE_DEBUG("%s p_btm_inq_info 0x%x results.device_type 0x%x services_to_search 0x%x", 2372 __func__, 2373 bta_dm_search_cb.p_btm_inq_info, 2374 bta_dm_search_cb.p_btm_inq_info->results.device_type, 2375 bta_dm_search_cb.services_to_search); 2376 } 2377 2378 if (transport == BT_TRANSPORT_LE) 2379 { 2380 if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK) 2381 { 2382 //set the raw data buffer here 2383 memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf)); 2384 bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf; 2385 2386 bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF; 2387 bta_dm_search_cb.ble_raw_used = 0; 2388 2389 /* start GATT for service discovery */ 2390 btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr); 2391 return; 2392 } 2393 } 2394 else 2395 #endif 2396 { 2397 bta_dm_search_cb.sdp_results = FALSE; 2398 bta_dm_find_services(bta_dm_search_cb.peer_bdaddr); 2399 return; 2400 } 2401 } 2402 } 2403 2404 /* name discovery and service discovery are done for this device */ 2405 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 2406 { 2407 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 2408 /* initialize the data structure - includes p_raw_data and raw_data_size */ 2409 memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES)); 2410 p_msg->disc_result.result.disc_res.result = BTA_SUCCESS; 2411 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 2412 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2413 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 2414 (char*)bta_dm_search_cb.peer_name, (BD_NAME_LEN-1)); 2415 2416 /* make sure the string is terminated */ 2417 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 2418 2419 bta_sys_sendmsg(p_msg); 2420 } 2421 } 2422 2423 /******************************************************************************* 2424 ** 2425 ** Function bta_dm_sdp_callback 2426 ** 2427 ** Description Callback from sdp with discovery status 2428 ** 2429 ** Returns void 2430 ** 2431 *******************************************************************************/ 2432 static void bta_dm_sdp_callback (UINT16 sdp_status) 2433 { 2434 2435 tBTA_DM_SDP_RESULT * p_msg; 2436 2437 if ((p_msg = (tBTA_DM_SDP_RESULT *) GKI_getbuf(sizeof(tBTA_DM_SDP_RESULT))) != NULL) 2438 { 2439 p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT; 2440 p_msg->sdp_result = sdp_status; 2441 bta_sys_sendmsg(p_msg); 2442 2443 } 2444 } 2445 2446 /******************************************************************************* 2447 ** 2448 ** Function bta_dm_inq_results_cb 2449 ** 2450 ** Description Inquiry results callback from BTM 2451 ** 2452 ** Returns void 2453 ** 2454 *******************************************************************************/ 2455 static void bta_dm_inq_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir) 2456 { 2457 2458 tBTA_DM_SEARCH result; 2459 tBTM_INQ_INFO *p_inq_info; 2460 UINT16 service_class; 2461 2462 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr); 2463 memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN); 2464 BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class); 2465 result.inq_res.is_limited = (service_class & BTM_COD_SERVICE_LMTD_DISCOVER)?TRUE:FALSE; 2466 result.inq_res.rssi = p_inq->rssi; 2467 2468 #if (BLE_INCLUDED == TRUE) 2469 result.inq_res.ble_addr_type = p_inq->ble_addr_type; 2470 result.inq_res.inq_result_type = p_inq->inq_result_type; 2471 result.inq_res.device_type = p_inq->device_type; 2472 result.inq_res.flag = p_inq->flag; 2473 #endif 2474 2475 /* application will parse EIR to find out remote device name */ 2476 result.inq_res.p_eir = p_eir; 2477 2478 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL) 2479 { 2480 /* initialize remt_name_not_required to FALSE so that we get the name by default */ 2481 result.inq_res.remt_name_not_required = FALSE; 2482 2483 } 2484 2485 if(bta_dm_search_cb.p_search_cback) 2486 bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result); 2487 2488 if(p_inq_info) 2489 { 2490 /* application indicates if it knows the remote name, inside the callback 2491 copy that to the inquiry data base*/ 2492 if(result.inq_res.remt_name_not_required) 2493 p_inq_info->appl_knows_rem_name = TRUE; 2494 2495 } 2496 2497 2498 } 2499 2500 2501 /******************************************************************************* 2502 ** 2503 ** Function bta_dm_inq_cmpl_cb 2504 ** 2505 ** Description Inquiry complete callback from BTM 2506 ** 2507 ** Returns void 2508 ** 2509 *******************************************************************************/ 2510 static void bta_dm_inq_cmpl_cb (void * p_result) 2511 { 2512 tBTA_DM_MSG * p_msg; 2513 2514 if (bta_dm_search_cb.cancel_pending == FALSE) 2515 { 2516 APPL_TRACE_DEBUG("%s", __FUNCTION__); 2517 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG)); 2518 if (p_msg != NULL) { 2519 p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT; 2520 p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp; 2521 bta_sys_sendmsg(p_msg); 2522 } 2523 } 2524 else 2525 { 2526 bta_dm_search_cb.cancel_pending = FALSE; 2527 bta_dm_search_cancel_notify(NULL); 2528 2529 p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG)); 2530 if (p_msg != NULL) { 2531 p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT; 2532 p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT; 2533 bta_sys_sendmsg(p_msg); 2534 } 2535 } 2536 } 2537 2538 /******************************************************************************* 2539 ** 2540 ** Function bta_dm_service_search_remname_cback 2541 ** 2542 ** Description Remote name call back from BTM during service discovery 2543 ** 2544 ** Returns void 2545 ** 2546 *******************************************************************************/ 2547 static void bta_dm_service_search_remname_cback (BD_ADDR bd_addr, DEV_CLASS dc, BD_NAME bd_name) 2548 { 2549 tBTM_REMOTE_DEV_NAME rem_name; 2550 tBTM_STATUS btm_status; 2551 UNUSED(dc); 2552 2553 APPL_TRACE_DEBUG("bta_dm_service_search_remname_cback name=<%s>", bd_name); 2554 2555 /* if this is what we are looking for */ 2556 if (!bdcmp( bta_dm_search_cb.peer_bdaddr, bd_addr)) 2557 { 2558 rem_name.length = strlen((char*)bd_name); 2559 if (rem_name.length > (BD_NAME_LEN-1)) 2560 { 2561 rem_name.length = (BD_NAME_LEN-1); 2562 rem_name.remote_bd_name[(BD_NAME_LEN-1)] = 0; 2563 } 2564 BCM_STRNCPY_S((char*)rem_name.remote_bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2565 rem_name.status = BTM_SUCCESS; 2566 2567 bta_dm_remname_cback(&rem_name); 2568 } 2569 else 2570 { 2571 /* get name of device */ 2572 btm_status = BTM_ReadRemoteDeviceName (bta_dm_search_cb.peer_bdaddr, 2573 (tBTM_CMPL_CB *) bta_dm_remname_cback, 2574 BT_TRANSPORT_BR_EDR); 2575 if ( btm_status == BTM_BUSY ) 2576 { 2577 /* wait for next chance(notification of remote name discovery done) */ 2578 APPL_TRACE_DEBUG("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName is busy"); 2579 } 2580 else if ( btm_status != BTM_CMD_STARTED ) 2581 { 2582 /* if failed to start getting remote name then continue */ 2583 APPL_TRACE_WARNING("bta_dm_service_search_remname_cback: BTM_ReadRemoteDeviceName returns 0x%02X", btm_status); 2584 2585 rem_name.length = 0; 2586 rem_name.remote_bd_name[0] = 0; 2587 rem_name.status = btm_status; 2588 bta_dm_remname_cback(&rem_name); 2589 } 2590 } 2591 } 2592 2593 2594 /******************************************************************************* 2595 ** 2596 ** Function bta_dm_remname_cback 2597 ** 2598 ** Description Remote name complete call back from BTM 2599 ** 2600 ** Returns void 2601 ** 2602 *******************************************************************************/ 2603 static void bta_dm_remname_cback (tBTM_REMOTE_DEV_NAME *p_remote_name) 2604 { 2605 tBTA_DM_REM_NAME * p_msg; 2606 2607 APPL_TRACE_DEBUG("bta_dm_remname_cback len = %d name=<%s>", p_remote_name->length, 2608 p_remote_name->remote_bd_name); 2609 2610 /* remote name discovery is done but it could be failed */ 2611 bta_dm_search_cb.name_discover_done = TRUE; 2612 BCM_STRNCPY_S((char*)bta_dm_search_cb.peer_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN)); 2613 bta_dm_search_cb.peer_name[BD_NAME_LEN]=0; 2614 2615 BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback); 2616 2617 #if BLE_INCLUDED == TRUE 2618 if (bta_dm_search_cb.transport == BT_TRANSPORT_LE ) 2619 { 2620 GAP_BleReadPeerPrefConnParams (bta_dm_search_cb.peer_bdaddr); 2621 } 2622 #endif 2623 2624 if ((p_msg = (tBTA_DM_REM_NAME *) GKI_getbuf(sizeof(tBTA_DM_REM_NAME))) != NULL) 2625 { 2626 bdcpy (p_msg->result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 2627 BCM_STRNCPY_S((char*)p_msg->result.disc_res.bd_name, sizeof(BD_NAME), (char*)p_remote_name->remote_bd_name, (BD_NAME_LEN)); 2628 2629 /* make sure the string is null terminated */ 2630 p_msg->result.disc_res.bd_name[BD_NAME_LEN] = 0; 2631 2632 p_msg->hdr.event = BTA_DM_REMT_NAME_EVT; 2633 bta_sys_sendmsg(p_msg); 2634 2635 } 2636 } 2637 2638 /******************************************************************************* 2639 ** 2640 ** Function bta_dm_authorize_cback 2641 ** 2642 ** Description cback requesting authorization 2643 ** 2644 ** Returns void 2645 ** 2646 *******************************************************************************/ 2647 static UINT8 bta_dm_authorize_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, 2648 UINT8 *service_name, UINT8 service_id, BOOLEAN is_originator) 2649 { 2650 tBTA_DM_SEC sec_event; 2651 UINT8 index = 1; 2652 UNUSED(service_name); 2653 UNUSED(is_originator); 2654 2655 bdcpy(sec_event.authorize.bd_addr, bd_addr); 2656 memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN); 2657 2658 BCM_STRNCPY_S((char*)sec_event.authorize.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2659 2660 /* make sure the string is null terminated */ 2661 sec_event.authorize.bd_name[BD_NAME_LEN-1] = 0; 2662 2663 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE ) 2664 sec_event.authorize.service = service_id; 2665 #endif 2666 2667 while(index < BTA_MAX_SERVICE_ID) 2668 { 2669 /* get the BTA service id corresponding to BTM id */ 2670 if(bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id) 2671 { 2672 sec_event.authorize.service = index; 2673 break; 2674 } 2675 index++; 2676 } 2677 2678 2679 /* if supported service callback otherwise not authorized */ 2680 if(bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID 2681 #if ( defined(BTA_JV_INCLUDED) && BTA_JV_INCLUDED == TRUE ) 2682 /* pass through JV service ID */ 2683 || (service_id >= BTA_FIRST_JV_SERVICE_ID && service_id <= BTA_LAST_JV_SERVICE_ID) 2684 #endif 2685 )) 2686 { 2687 bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event); 2688 return BTM_CMD_STARTED; 2689 } 2690 else 2691 { 2692 return BTM_NOT_AUTHORIZED; 2693 } 2694 } 2695 2696 2697 2698 2699 2700 /******************************************************************************* 2701 ** 2702 ** Function bta_dm_pinname_cback 2703 ** 2704 ** Description Callback requesting pin_key 2705 ** 2706 ** Returns void 2707 ** 2708 *******************************************************************************/ 2709 static void bta_dm_pinname_cback (void *p_data) 2710 { 2711 tBTM_REMOTE_DEV_NAME *p_result = (tBTM_REMOTE_DEV_NAME *)p_data; 2712 tBTA_DM_SEC sec_event; 2713 UINT32 bytes_to_copy; 2714 tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt; 2715 2716 if (BTA_DM_SP_CFM_REQ_EVT == event) 2717 { 2718 /* Retrieved saved device class and bd_addr */ 2719 bdcpy(sec_event.cfm_req.bd_addr, bta_dm_cb.pin_bd_addr); 2720 BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class); 2721 2722 if (p_result && p_result->status == BTM_SUCCESS) 2723 { 2724 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) 2725 ? p_result->length : (BD_NAME_LEN-1); 2726 memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name, bytes_to_copy); 2727 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2728 } 2729 else /* No name found */ 2730 sec_event.cfm_req.bd_name[0] = 0; 2731 2732 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */ 2733 2734 /* 1 additional event data fields for this event */ 2735 sec_event.cfm_req.just_works = bta_dm_cb.just_works; 2736 } 2737 else 2738 { 2739 /* Retrieved saved device class and bd_addr */ 2740 bdcpy(sec_event.pin_req.bd_addr, bta_dm_cb.pin_bd_addr); 2741 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class); 2742 2743 if (p_result && p_result->status == BTM_SUCCESS) 2744 { 2745 bytes_to_copy = (p_result->length < (BD_NAME_LEN-1)) 2746 ? p_result->length : (BD_NAME_LEN-1); 2747 memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name, bytes_to_copy); 2748 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2749 } 2750 else /* No name found */ 2751 sec_event.pin_req.bd_name[0] = 0; 2752 2753 event = bta_dm_cb.pin_evt; 2754 sec_event.key_notif.passkey = bta_dm_cb.num_val; /* get PIN code numeric number */ 2755 } 2756 2757 if( bta_dm_cb.p_sec_cback ) 2758 bta_dm_cb.p_sec_cback(event, &sec_event); 2759 } 2760 2761 /******************************************************************************* 2762 ** 2763 ** Function bta_dm_pin_cback 2764 ** 2765 ** Description Callback requesting pin_key 2766 ** 2767 ** Returns void 2768 ** 2769 *******************************************************************************/ 2770 static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name, 2771 BOOLEAN min_16_digit) 2772 { 2773 tBTA_DM_SEC sec_event; 2774 2775 if (!bta_dm_cb.p_sec_cback) 2776 return BTM_NOT_AUTHORIZED; 2777 2778 /* If the device name is not known, save bdaddr and devclass and initiate a name request */ 2779 if (bd_name[0] == 0) 2780 { 2781 bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT; 2782 bdcpy(bta_dm_cb.pin_bd_addr, bd_addr); 2783 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class); 2784 if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback, BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED) 2785 return BTM_CMD_STARTED; 2786 2787 APPL_TRACE_WARNING(" bta_dm_pin_cback() -> Failed to start Remote Name Request "); 2788 } 2789 2790 bdcpy(sec_event.pin_req.bd_addr, bd_addr); 2791 BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class); 2792 BCM_STRNCPY_S((char*)sec_event.pin_req.bd_name, sizeof(BD_NAME), (char*)bd_name, (BD_NAME_LEN-1)); 2793 sec_event.pin_req.bd_name[BD_NAME_LEN-1] = 0; 2794 sec_event.pin_req.min_16_digit = min_16_digit; 2795 2796 bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event); 2797 return BTM_CMD_STARTED; 2798 } 2799 2800 /******************************************************************************* 2801 ** 2802 ** Function bta_dm_new_link_key_cback 2803 ** 2804 ** Description Callback from BTM to notify new link key 2805 ** 2806 ** Returns void 2807 ** 2808 *******************************************************************************/ 2809 static UINT8 bta_dm_new_link_key_cback(BD_ADDR bd_addr, DEV_CLASS dev_class, 2810 BD_NAME bd_name, LINK_KEY key, UINT8 key_type) 2811 { 2812 tBTA_DM_SEC sec_event; 2813 tBTA_DM_AUTH_CMPL *p_auth_cmpl; 2814 UINT8 event; 2815 UNUSED(dev_class); 2816 2817 memset (&sec_event, 0, sizeof(tBTA_DM_SEC)); 2818 2819 /* Not AMP Key type */ 2820 if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB) 2821 { 2822 event = BTA_DM_AUTH_CMPL_EVT; 2823 p_auth_cmpl = &sec_event.auth_cmpl; 2824 2825 bdcpy(p_auth_cmpl->bd_addr, bd_addr); 2826 2827 memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN-1)); 2828 p_auth_cmpl->bd_name[BD_NAME_LEN-1] = 0; 2829 2830 p_auth_cmpl->key_present = TRUE; 2831 p_auth_cmpl->key_type = key_type; 2832 p_auth_cmpl->success = TRUE; 2833 2834 memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN); 2835 sec_event.auth_cmpl.fail_reason = HCI_SUCCESS; 2836 2837 #if BLE_INCLUDED == TRUE 2838 // Report the BR link key based on the BR/EDR address and type 2839 BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type); 2840 #endif 2841 if(bta_dm_cb.p_sec_cback) 2842 bta_dm_cb.p_sec_cback(event, &sec_event); 2843 } 2844 else 2845 { 2846 APPL_TRACE_WARNING("%s() Received AMP Key", __func__); 2847 } 2848 2849 return BTM_CMD_STARTED; 2850 } 2851 2852 2853 /******************************************************************************* 2854 ** 2855 ** Function bta_dm_authentication_complete_cback 2856 ** 2857 ** Description Authentication complete callback from BTM 2858 ** 2859 ** Returns void 2860 ** 2861 *******************************************************************************/ 2862 static UINT8 bta_dm_authentication_complete_cback(BD_ADDR bd_addr, DEV_CLASS dev_class,BD_NAME bd_name, int result) 2863 { 2864 tBTA_DM_SEC sec_event; 2865 UNUSED(dev_class); 2866 2867 if(result != BTM_SUCCESS) 2868 { 2869 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 2870 bdcpy(sec_event.auth_cmpl.bd_addr, bd_addr); 2871 2872 memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN-1)); 2873 sec_event.auth_cmpl.bd_name[BD_NAME_LEN-1] = 0; 2874 2875 #if BLE_INCLUDED == TRUE 2876 // Report the BR link key based on the BR/EDR address and type 2877 BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type); 2878 #endif 2879 sec_event.auth_cmpl.fail_reason = (UINT8)result; 2880 2881 if(bta_dm_cb.p_sec_cback) 2882 bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 2883 2884 bta_dm_remove_sec_dev_entry(bd_addr); 2885 } 2886 2887 return BTM_SUCCESS; 2888 } 2889 2890 /******************************************************************************* 2891 ** 2892 ** Function bta_dm_sp_cback 2893 ** 2894 ** Description simple pairing callback from BTM 2895 ** 2896 ** Returns void 2897 ** 2898 *******************************************************************************/ 2899 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data) 2900 { 2901 tBTM_STATUS status = BTM_CMD_STARTED; 2902 tBTA_DM_SEC sec_event; 2903 tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT; 2904 2905 APPL_TRACE_EVENT("bta_dm_sp_cback: %d", event); 2906 if (!bta_dm_cb.p_sec_cback) 2907 return BTM_NOT_AUTHORIZED; 2908 2909 /* TODO_SP */ 2910 switch(event) 2911 { 2912 case BTM_SP_IO_REQ_EVT: 2913 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 2914 /* translate auth_req */ 2915 bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap, 2916 &p_data->io_req.oob_data, &p_data->io_req.auth_req, p_data->io_req.is_orig); 2917 #endif 2918 #if BTM_OOB_INCLUDED == FALSE 2919 status = BTM_SUCCESS; 2920 #endif 2921 2922 APPL_TRACE_EVENT("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data); 2923 break; 2924 case BTM_SP_IO_RSP_EVT: 2925 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 2926 bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap, 2927 p_data->io_rsp.oob_data, p_data->io_rsp.auth_req ); 2928 #endif 2929 break; 2930 2931 case BTM_SP_CFM_REQ_EVT: 2932 pin_evt = BTA_DM_SP_CFM_REQ_EVT; 2933 bta_dm_cb.just_works = sec_event.cfm_req.just_works = p_data->cfm_req.just_works; 2934 sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req; 2935 sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req; 2936 sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps; 2937 sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps; 2938 2939 /* continue to next case */ 2940 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 2941 /* Passkey entry mode, mobile device with output capability is very 2942 unlikely to receive key request, so skip this event */ 2943 /*case BTM_SP_KEY_REQ_EVT: */ 2944 case BTM_SP_KEY_NOTIF_EVT: 2945 #endif 2946 if(BTM_SP_CFM_REQ_EVT == event) 2947 { 2948 /* Due to the switch case falling through below to BTM_SP_KEY_NOTIF_EVT, 2949 call remote name request using values from cfm_req */ 2950 if(p_data->cfm_req.bd_name[0] == 0) 2951 { 2952 bta_dm_cb.pin_evt = pin_evt; 2953 bdcpy(bta_dm_cb.pin_bd_addr, p_data->cfm_req.bd_addr); 2954 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->cfm_req.dev_class); 2955 if ((BTM_ReadRemoteDeviceName(p_data->cfm_req.bd_addr, bta_dm_pinname_cback, 2956 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED) 2957 return BTM_CMD_STARTED; 2958 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request "); 2959 } 2960 else 2961 { 2962 /* Due to the switch case falling through below to BTM_SP_KEY_NOTIF_EVT, 2963 copy these values into key_notif from cfm_req */ 2964 bdcpy(sec_event.key_notif.bd_addr, p_data->cfm_req.bd_addr); 2965 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->cfm_req.dev_class); 2966 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), 2967 (char*)p_data->cfm_req.bd_name, (BD_NAME_LEN-1)); 2968 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0; 2969 } 2970 } 2971 2972 bta_dm_cb.num_val = sec_event.key_notif.passkey = p_data->key_notif.passkey; 2973 if (BTM_SP_KEY_NOTIF_EVT == event) 2974 { 2975 /* If the device name is not known, save bdaddr and devclass 2976 and initiate a name request with values from key_notif */ 2977 if(p_data->key_notif.bd_name[0] == 0) 2978 { 2979 bta_dm_cb.pin_evt = pin_evt; 2980 bdcpy(bta_dm_cb.pin_bd_addr, p_data->key_notif.bd_addr); 2981 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->key_notif.dev_class); 2982 if ((BTM_ReadRemoteDeviceName(p_data->key_notif.bd_addr, bta_dm_pinname_cback, 2983 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED) 2984 return BTM_CMD_STARTED; 2985 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request "); 2986 } 2987 else 2988 { 2989 bdcpy(sec_event.key_notif.bd_addr, p_data->key_notif.bd_addr); 2990 BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class, p_data->key_notif.dev_class); 2991 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), 2992 (char*)p_data->key_notif.bd_name, (BD_NAME_LEN-1)); 2993 sec_event.key_notif.bd_name[BD_NAME_LEN-1] = 0; 2994 } 2995 } 2996 2997 bta_dm_cb.p_sec_cback(pin_evt, &sec_event); 2998 2999 break; 3000 3001 #if BTM_OOB_INCLUDED == TRUE 3002 case BTM_SP_LOC_OOB_EVT: 3003 bta_dm_co_loc_oob((BOOLEAN)(p_data->loc_oob.status == BTM_SUCCESS), 3004 p_data->loc_oob.c, p_data->loc_oob.r); 3005 break; 3006 3007 case BTM_SP_RMT_OOB_EVT: 3008 /* If the device name is not known, save bdaddr and devclass and initiate a name request */ 3009 if (p_data->rmt_oob.bd_name[0] == 0) 3010 { 3011 bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT; 3012 bdcpy(bta_dm_cb.pin_bd_addr, p_data->rmt_oob.bd_addr); 3013 BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, p_data->rmt_oob.dev_class); 3014 if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr, bta_dm_pinname_cback, 3015 BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED) 3016 return BTM_CMD_STARTED; 3017 APPL_TRACE_WARNING(" bta_dm_sp_cback() -> Failed to start Remote Name Request "); 3018 } 3019 3020 bdcpy(sec_event.rmt_oob.bd_addr, p_data->rmt_oob.bd_addr); 3021 BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class, p_data->rmt_oob.dev_class); 3022 BCM_STRNCPY_S((char*)sec_event.rmt_oob.bd_name, sizeof(BD_NAME), (char*)p_data->rmt_oob.bd_name, (BD_NAME_LEN-1)); 3023 sec_event.rmt_oob.bd_name[BD_NAME_LEN-1] = 0; 3024 3025 bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event); 3026 3027 bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr); 3028 break; 3029 #endif 3030 case BTM_SP_COMPLT_EVT: 3031 /* do not report this event - handled by link_key_callback or auth_complete_callback */ 3032 break; 3033 3034 case BTM_SP_KEYPRESS_EVT: 3035 memcpy(&sec_event.key_press, &p_data->key_press, sizeof(tBTM_SP_KEYPRESS)); 3036 bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event); 3037 break; 3038 3039 case BTM_SP_UPGRADE_EVT: 3040 bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade ); 3041 break; 3042 3043 default: 3044 status = BTM_NOT_AUTHORIZED; 3045 break; 3046 } 3047 APPL_TRACE_EVENT("dm status: %d", status); 3048 return status; 3049 } 3050 3051 /******************************************************************************* 3052 ** 3053 ** Function bta_dm_local_name_cback 3054 ** 3055 ** Description Callback from btm after local name is read 3056 ** 3057 ** 3058 ** Returns void 3059 ** 3060 *******************************************************************************/ 3061 static void bta_dm_local_name_cback(UINT8 *p_name) 3062 { 3063 tBTA_DM_SEC sec_event; 3064 UNUSED(p_name); 3065 3066 sec_event.enable.status = BTA_SUCCESS; 3067 3068 if(bta_dm_cb.p_sec_cback) 3069 bta_dm_cb.p_sec_cback(BTA_DM_ENABLE_EVT, &sec_event); 3070 3071 } 3072 3073 /******************************************************************************* 3074 ** 3075 ** Function bta_dm_bl_change_cback 3076 ** 3077 ** Description Callback from btm when acl connection goes up or down 3078 ** 3079 ** 3080 ** Returns void 3081 ** 3082 *******************************************************************************/ 3083 static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data) 3084 { 3085 tBTA_DM_ACL_CHANGE * p_msg; 3086 3087 if ((p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE))) != NULL) 3088 { 3089 p_msg->event = p_data->event; 3090 p_msg->is_new = FALSE; 3091 3092 switch(p_msg->event) 3093 { 3094 case BTM_BL_CONN_EVT: 3095 p_msg->is_new = TRUE; 3096 bdcpy(p_msg->bd_addr, p_data->conn.p_bda); 3097 #if BLE_INCLUDED == TRUE 3098 p_msg->transport = p_data->conn.transport; 3099 p_msg->handle = p_data->conn.handle; 3100 #endif 3101 break; 3102 case BTM_BL_DISCN_EVT: 3103 bdcpy(p_msg->bd_addr, p_data->discn.p_bda); 3104 #if BLE_INCLUDED == TRUE 3105 p_msg->transport = p_data->discn.transport; 3106 p_msg->handle = p_data->discn.handle; 3107 #endif 3108 break; 3109 case BTM_BL_UPDATE_EVT: 3110 p_msg->busy_level = p_data->update.busy_level; 3111 p_msg->busy_level_flags = p_data->update.busy_level_flags; 3112 break; 3113 case BTM_BL_ROLE_CHG_EVT: 3114 p_msg->new_role = p_data->role_chg.new_role; 3115 p_msg->hci_status = p_data->role_chg.hci_status; 3116 bdcpy(p_msg->bd_addr, p_data->role_chg.p_bda); 3117 break; 3118 case BTM_BL_COLLISION_EVT: 3119 bdcpy(p_msg->bd_addr, p_data->conn.p_bda); 3120 break; 3121 } 3122 3123 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT; 3124 bta_sys_sendmsg(p_msg); 3125 3126 } 3127 3128 } 3129 3130 /******************************************************************************* 3131 ** 3132 ** Function bta_dm_acl_change_cback 3133 ** 3134 ** Description Callback from btm when acl connection goes up or down 3135 ** 3136 ** 3137 ** Returns void 3138 ** 3139 *******************************************************************************/ 3140 #if BLE_INCLUDED == TRUE 3141 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, 3142 UINT8 *features, BOOLEAN is_new,UINT16 handle, 3143 tBT_TRANSPORT transport) 3144 #else 3145 static void bta_dm_acl_change_cback(BD_ADDR p_bda, DEV_CLASS p_dc, BD_NAME p_bdn, 3146 UINT8 *features, BOOLEAN is_new) 3147 #endif 3148 { 3149 tBTA_DM_ACL_CHANGE *p_msg = (tBTA_DM_ACL_CHANGE *) GKI_getbuf(sizeof(tBTA_DM_ACL_CHANGE)); 3150 if (p_msg != NULL) 3151 { 3152 memset(p_msg, 0, sizeof(tBTA_DM_ACL_CHANGE)); 3153 3154 bdcpy(p_msg->bd_addr, p_bda); 3155 p_msg->is_new = is_new; 3156 #if BLE_INCLUDED == TRUE 3157 p_msg->handle = handle; 3158 p_msg->transport = transport; 3159 #endif 3160 /* This is collision case */ 3161 if (features != NULL) 3162 { 3163 if ((features[0] == 0xFF) && !is_new) 3164 p_msg->event = BTM_BL_COLLISION_EVT; 3165 } 3166 3167 p_msg->hdr.event = BTA_DM_ACL_CHANGE_EVT; 3168 bta_sys_sendmsg(p_msg); 3169 } 3170 } 3171 3172 3173 /******************************************************************************* 3174 ** 3175 ** Function bta_dm_rs_cback 3176 ** 3177 ** Description Receives the role switch complete event 3178 ** 3179 ** Returns 3180 ** 3181 *******************************************************************************/ 3182 static void bta_dm_rs_cback (tBTM_ROLE_SWITCH_CMPL *p1) 3183 { 3184 UNUSED(p1); 3185 APPL_TRACE_WARNING("bta_dm_rs_cback:%d", bta_dm_cb.rs_event); 3186 if(bta_dm_cb.rs_event == BTA_DM_API_SEARCH_EVT) 3187 { 3188 bta_dm_cb.search_msg.rs_res = BTA_DM_RS_OK; /* do not care about the result for now */ 3189 bta_dm_cb.rs_event = 0; 3190 bta_dm_search_start((tBTA_DM_MSG *)&bta_dm_cb.search_msg); 3191 } 3192 } 3193 3194 /******************************************************************************* 3195 ** 3196 ** Function bta_dm_check_av 3197 ** 3198 ** Description This function checks if AV is active 3199 ** if yes, make sure the AV link is master 3200 ** 3201 ** Returns BOOLEAN - TRUE, if switch is in progress 3202 ** 3203 *******************************************************************************/ 3204 static BOOLEAN bta_dm_check_av(UINT16 event) 3205 { 3206 BOOLEAN avoid_roleswitch = FALSE; 3207 BOOLEAN switching = FALSE; 3208 UINT8 i; 3209 tBTA_DM_PEER_DEVICE *p_dev; 3210 3211 #if defined(BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY) && (BTA_DM_AVOID_A2DP_ROLESWITCH_ON_INQUIRY == TRUE) 3212 3213 /* avoid role switch upon inquiry if a2dp is actively streaming as it 3214 introduces an audioglitch due to FW scheduling delays (unavoidable) */ 3215 if (event == BTA_DM_API_SEARCH_EVT) 3216 { 3217 avoid_roleswitch = TRUE; 3218 } 3219 #endif 3220 3221 APPL_TRACE_WARNING("bta_dm_check_av:%d", bta_dm_cb.cur_av_count); 3222 if(bta_dm_cb.cur_av_count) 3223 { 3224 for(i=0; i<bta_dm_cb.device_list.count; i++) 3225 { 3226 p_dev = &bta_dm_cb.device_list.peer_device[i]; 3227 APPL_TRACE_WARNING("[%d]: state:%d, info:x%x, avoid_rs %d", 3228 i, p_dev->conn_state, p_dev->info, avoid_roleswitch); 3229 if((p_dev->conn_state == BTA_DM_CONNECTED) && (p_dev->info & BTA_DM_DI_AV_ACTIVE) && 3230 (avoid_roleswitch == FALSE)) 3231 { 3232 /* make master and take away the role switch policy */ 3233 if(BTM_CMD_STARTED == BTM_SwitchRole (p_dev->peer_bdaddr, HCI_ROLE_MASTER, (tBTM_CMPL_CB *)bta_dm_rs_cback)) 3234 { 3235 /* the role switch command is actually sent */ 3236 bta_dm_cb.rs_event = event; 3237 switching = TRUE; 3238 } 3239 /* else either already master or can not switch for some reasons */ 3240 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr); 3241 break; 3242 } 3243 } 3244 } 3245 return switching; 3246 } 3247 3248 /******************************************************************************* 3249 ** 3250 ** Function bta_dm_acl_change 3251 ** 3252 ** Description Process BTA_DM_ACL_CHANGE_EVT 3253 ** 3254 ** 3255 ** Returns void 3256 ** 3257 *******************************************************************************/ 3258 void bta_dm_acl_change(tBTA_DM_MSG *p_data) 3259 { 3260 3261 UINT8 i; 3262 UINT8 *p; 3263 tBTA_DM_SEC conn; 3264 BOOLEAN is_new = p_data->acl_change.is_new; 3265 BD_ADDR_PTR p_bda = p_data->acl_change.bd_addr; 3266 BOOLEAN need_policy_change = FALSE; 3267 BOOLEAN issue_unpair_cb = FALSE; 3268 3269 tBTA_DM_PEER_DEVICE *p_dev; 3270 memset(&conn, 0, sizeof(tBTA_DM_SEC)); 3271 3272 switch(p_data->acl_change.event) 3273 { 3274 case BTM_BL_UPDATE_EVT: /* busy level update */ 3275 if( bta_dm_cb.p_sec_cback ) 3276 { 3277 conn.busy_level.level = p_data->acl_change.busy_level; 3278 conn.busy_level.level_flags = p_data->acl_change.busy_level_flags; 3279 bta_dm_cb.p_sec_cback(BTA_DM_BUSY_LEVEL_EVT, &conn); 3280 } 3281 return; 3282 3283 case BTM_BL_ROLE_CHG_EVT: /* role change event */ 3284 p_dev = bta_dm_find_peer_device(p_bda); 3285 if(p_dev) 3286 { 3287 APPL_TRACE_DEBUG("bta_dm_acl_change role chg info:x%x new_role:%d dev count:%d", 3288 p_dev->info, p_data->acl_change.new_role, bta_dm_cb.device_list.count); 3289 if(p_dev->info & BTA_DM_DI_AV_ACTIVE) 3290 { 3291 /* there's AV activity on this link */ 3292 if(p_data->acl_change.new_role == HCI_ROLE_SLAVE && bta_dm_cb.device_list.count > 1 3293 && p_data->acl_change.hci_status == HCI_SUCCESS) 3294 { 3295 /* more than one connections and the AV connection is role switched to slave 3296 * switch it back to master and remove the switch policy */ 3297 BTM_SwitchRole(p_bda, BTM_ROLE_MASTER, NULL); 3298 need_policy_change = TRUE; 3299 } 3300 else if (p_bta_dm_cfg->avoid_scatter && (p_data->acl_change.new_role == HCI_ROLE_MASTER)) 3301 { 3302 /* if the link updated to be master include AV activities, remove the switch policy */ 3303 need_policy_change = TRUE; 3304 } 3305 3306 if(need_policy_change) 3307 { 3308 bta_dm_policy_cback(BTA_SYS_PLCY_CLR, 0, HCI_ENABLE_MASTER_SLAVE_SWITCH, p_dev->peer_bdaddr); 3309 } 3310 } 3311 else 3312 { 3313 /* there's AV no activity on this link and role switch happened 3314 * check if AV is active 3315 * if so, make sure the AV link is master */ 3316 bta_dm_check_av(0); 3317 } 3318 bta_sys_notify_role_chg(p_data->acl_change.bd_addr, p_data->acl_change.new_role, p_data->acl_change.hci_status); 3319 bdcpy(conn.role_chg.bd_addr, p_bda); 3320 conn.role_chg.new_role = (UINT8) p_data->acl_change.new_role; 3321 if( bta_dm_cb.p_sec_cback ) 3322 bta_dm_cb.p_sec_cback(BTA_DM_ROLE_CHG_EVT, (tBTA_DM_SEC *)&conn); 3323 } 3324 return; 3325 } 3326 3327 /* Collision report from Stack: Notify profiles */ 3328 if (p_data->acl_change.event == BTM_BL_COLLISION_EVT) 3329 { 3330 bta_sys_notify_collision (p_bda); 3331 return; 3332 } 3333 3334 if(is_new) 3335 { 3336 for(i=0; i<bta_dm_cb.device_list.count; i++) 3337 { 3338 if (!bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda) 3339 #if BLE_INCLUDED == TRUE 3340 && bta_dm_cb.device_list.peer_device[i].conn_handle == p_data->acl_change.handle 3341 #endif 3342 ) 3343 break; 3344 3345 } 3346 3347 if(i == bta_dm_cb.device_list.count) 3348 { 3349 if (bta_dm_cb.device_list.count < BTA_DM_NUM_PEER_DEVICE) 3350 { 3351 bdcpy(bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].peer_bdaddr, p_bda); 3352 bta_dm_cb.device_list.peer_device[bta_dm_cb.device_list.count].link_policy = bta_dm_cb.cur_policy; 3353 bta_dm_cb.device_list.count++; 3354 #if BLE_INCLUDED == TRUE 3355 bta_dm_cb.device_list.peer_device[i].conn_handle = p_data->acl_change.handle; 3356 if (p_data->acl_change.transport == BT_TRANSPORT_LE) 3357 bta_dm_cb.device_list.le_count++; 3358 #endif 3359 } else { 3360 APPL_TRACE_ERROR("%s max active connection reached, no resources", __func__); 3361 return; 3362 } 3363 } 3364 3365 bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_CONNECTED; 3366 bta_dm_cb.device_list.peer_device[i].pref_role = BTA_ANY_ROLE; 3367 bdcpy(conn.link_up.bd_addr, p_bda); 3368 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_NONE; 3369 #if BLE_INCLUDED == TRUE 3370 conn.link_up.link_type = p_data->acl_change.transport; 3371 bta_dm_cb.device_list.peer_device[i].transport = p_data->acl_change.transport; 3372 #endif 3373 3374 if (((NULL != (p = BTM_ReadLocalFeatures ())) && HCI_SNIFF_SUB_RATE_SUPPORTED(p)) && 3375 ((NULL != (p = BTM_ReadRemoteFeatures (p_bda))) && HCI_SNIFF_SUB_RATE_SUPPORTED(p))) 3376 { 3377 /* both local and remote devices support SSR */ 3378 bta_dm_cb.device_list.peer_device[i].info = BTA_DM_DI_USE_SSR; 3379 } 3380 APPL_TRACE_WARNING("%s info: 0x%x", __func__, bta_dm_cb.device_list.peer_device[i].info); 3381 3382 if (bta_dm_cb.p_sec_cback) 3383 bta_dm_cb.p_sec_cback(BTA_DM_LINK_UP_EVT, (tBTA_DM_SEC *)&conn); 3384 } else { 3385 for(i=0; i<bta_dm_cb.device_list.count; i++) 3386 { 3387 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_bda) 3388 #if BLE_INCLUDED == TRUE 3389 ||bta_dm_cb.device_list.peer_device[i].transport != p_data->acl_change.transport 3390 #endif 3391 ) 3392 continue; 3393 3394 if( bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_UNPAIRING ) 3395 { 3396 if (BTM_SecDeleteDevice(bta_dm_cb.device_list.peer_device[i].peer_bdaddr)) 3397 issue_unpair_cb = TRUE; 3398 3399 APPL_TRACE_DEBUG("%s: Unpairing: issue unpair CB = %d ",__FUNCTION__, issue_unpair_cb); 3400 } 3401 3402 conn.link_down.is_removed = bta_dm_cb.device_list.peer_device[i].remove_dev_pending; 3403 3404 for(; i<bta_dm_cb.device_list.count ; i++) 3405 { 3406 memcpy(&bta_dm_cb.device_list.peer_device[i], &bta_dm_cb.device_list.peer_device[i+1], sizeof(bta_dm_cb.device_list.peer_device[i])); 3407 } 3408 break; 3409 } 3410 if(bta_dm_cb.device_list.count) 3411 bta_dm_cb.device_list.count--; 3412 #if BLE_INCLUDED == TRUE 3413 if ((p_data->acl_change.transport == BT_TRANSPORT_LE) && 3414 (bta_dm_cb.device_list.le_count)) 3415 bta_dm_cb.device_list.le_count--; 3416 conn.link_down.link_type = p_data->acl_change.transport; 3417 #endif 3418 3419 if(bta_dm_search_cb.wait_disc && !bdcmp(bta_dm_search_cb.peer_bdaddr, p_bda)) 3420 { 3421 bta_dm_search_cb.wait_disc = FALSE; 3422 3423 if(bta_dm_search_cb.sdp_results) 3424 { 3425 APPL_TRACE_EVENT(" timer stopped "); 3426 bta_sys_stop_timer(&bta_dm_search_cb.search_timer); 3427 bta_dm_discover_next_device(); 3428 } 3429 3430 } 3431 3432 if(bta_dm_cb.disabling) 3433 { 3434 if(!BTM_GetNumAclLinks()) 3435 { 3436 bta_sys_stop_timer(&bta_dm_cb.disable_timer); 3437 bta_dm_cb.disable_timer.p_cback = (TIMER_CBACK*)&bta_dm_disable_conn_down_timer_cback; 3438 /* 3439 * Start a timer to make sure that the profiles 3440 * get the disconnect event. 3441 */ 3442 bta_sys_start_timer(&bta_dm_cb.disable_timer, 0, 1000); 3443 } 3444 } 3445 if (conn.link_down.is_removed) 3446 { 3447 BTM_SecDeleteDevice(p_bda); 3448 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 3449 /* need to remove all pending background connection */ 3450 BTA_GATTC_CancelOpen(0, p_bda, FALSE); 3451 /* remove all cached GATT information */ 3452 BTA_GATTC_Refresh(p_bda); 3453 #endif 3454 } 3455 3456 bdcpy(conn.link_down.bd_addr, p_bda); 3457 conn.link_down.status = (UINT8) btm_get_acl_disc_reason_code(); 3458 if( bta_dm_cb.p_sec_cback ) 3459 { 3460 bta_dm_cb.p_sec_cback(BTA_DM_LINK_DOWN_EVT, &conn); 3461 if( issue_unpair_cb ) 3462 bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &conn); 3463 } 3464 } 3465 3466 bta_dm_adjust_roles(TRUE); 3467 } 3468 3469 /******************************************************************************* 3470 ** 3471 ** Function bta_dm_disable_conn_down_timer_cback 3472 ** 3473 ** Description Sends disable event to application 3474 ** 3475 ** 3476 ** Returns void 3477 ** 3478 *******************************************************************************/ 3479 static void bta_dm_disable_conn_down_timer_cback (TIMER_LIST_ENT *p_tle) 3480 { 3481 UNUSED(p_tle); 3482 tBTA_SYS_HW_MSG *sys_enable_event; 3483 3484 /* disable the power managment module */ 3485 bta_dm_disable_pm(); 3486 3487 /* register our callback to SYS HW manager */ 3488 bta_sys_hw_register( BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback ); 3489 3490 /* send a message to BTA SYS */ 3491 if ((sys_enable_event = (tBTA_SYS_HW_MSG *) GKI_getbuf(sizeof(tBTA_SYS_HW_MSG))) != NULL) 3492 { 3493 sys_enable_event->hdr.event = BTA_SYS_API_DISABLE_EVT; 3494 sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH; 3495 bta_sys_sendmsg(sys_enable_event); 3496 } 3497 3498 bta_dm_cb.disabling = FALSE; 3499 3500 } 3501 3502 /******************************************************************************* 3503 ** 3504 ** Function bta_dm_rm_cback 3505 ** 3506 ** Description Role management callback from sys 3507 ** 3508 ** 3509 ** Returns void 3510 ** 3511 *******************************************************************************/ 3512 static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr) 3513 { 3514 3515 UINT8 j; 3516 tBTA_PREF_ROLES role; 3517 tBTA_DM_PEER_DEVICE *p_dev; 3518 3519 p_dev = bta_dm_find_peer_device(peer_addr); 3520 if( status == BTA_SYS_CONN_OPEN) 3521 { 3522 if(p_dev) 3523 { 3524 /* Do not set to connected if we are in the middle of unpairing. When AV stream is 3525 * started it fakes out a SYS_CONN_OPEN to potentially trigger a role switch command. 3526 * But this should not be done if we are in the middle of unpairing. 3527 */ 3528 if (p_dev->conn_state != BTA_DM_UNPAIRING) 3529 p_dev->conn_state = BTA_DM_CONNECTED; 3530 3531 for(j=1; j<= p_bta_dm_rm_cfg[0].app_id; j++) 3532 { 3533 if(((p_bta_dm_rm_cfg[j].app_id == app_id) || (p_bta_dm_rm_cfg[j].app_id == BTA_ALL_APP_ID)) 3534 && (p_bta_dm_rm_cfg[j].id == id)) 3535 { 3536 role = p_bta_dm_rm_cfg[j].cfg; 3537 3538 if(role > p_dev->pref_role ) 3539 p_dev->pref_role = role; 3540 break; 3541 } 3542 } 3543 } 3544 } 3545 3546 if((BTA_ID_AV == id)||(BTA_ID_AVK ==id)) 3547 { 3548 if( status == BTA_SYS_CONN_BUSY) 3549 { 3550 if(p_dev) 3551 p_dev->info |= BTA_DM_DI_AV_ACTIVE; 3552 /* AV calls bta_sys_conn_open with the A2DP stream count as app_id */ 3553 if(BTA_ID_AV == id) 3554 bta_dm_cb.cur_av_count = bta_dm_get_av_count(); 3555 } 3556 else if( status == BTA_SYS_CONN_IDLE) 3557 { 3558 if(p_dev) 3559 p_dev->info &= ~BTA_DM_DI_AV_ACTIVE; 3560 3561 /* get cur_av_count from connected services */ 3562 if(BTA_ID_AV == id) 3563 bta_dm_cb.cur_av_count = bta_dm_get_av_count(); 3564 } 3565 APPL_TRACE_WARNING("bta_dm_rm_cback:%d, status:%d", bta_dm_cb.cur_av_count, status); 3566 } 3567 3568 bta_dm_adjust_roles(FALSE); 3569 } 3570 3571 /******************************************************************************* 3572 ** 3573 ** Function bta_dm_delay_role_switch_cback 3574 ** 3575 ** Description Callback from btm to delay a role switch 3576 ** 3577 ** Returns void 3578 ** 3579 *******************************************************************************/ 3580 static void bta_dm_delay_role_switch_cback(TIMER_LIST_ENT *p_tle) 3581 { 3582 UNUSED(p_tle); 3583 APPL_TRACE_EVENT("bta_dm_delay_role_switch_cback: initiating Delayed RS"); 3584 bta_dm_adjust_roles (FALSE); 3585 } 3586 3587 /******************************************************************************* 3588 ** 3589 ** Function bta_dm_remove_sec_dev_entry 3590 ** 3591 ** Description Removes device entry from Security device DB if ACL connection with 3592 ** remtoe device does not exist, else schedule for dev entry removal upon 3593 ACL close 3594 ** 3595 ** Returns void 3596 ** 3597 *******************************************************************************/ 3598 static void bta_dm_remove_sec_dev_entry(BD_ADDR remote_bd_addr) 3599 { 3600 UINT16 index = 0; 3601 if ( BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_LE) || 3602 BTM_IsAclConnectionUp(remote_bd_addr, BT_TRANSPORT_BR_EDR)) 3603 { 3604 APPL_TRACE_DEBUG("%s ACL is not down. Schedule for Dev Removal when ACL closes", 3605 __FUNCTION__); 3606 for (index = 0; index < bta_dm_cb.device_list.count; index ++) 3607 { 3608 if (!bdcmp( bta_dm_cb.device_list.peer_device[index].peer_bdaddr, remote_bd_addr)) 3609 break; 3610 } 3611 if (index != bta_dm_cb.device_list.count) 3612 { 3613 bta_dm_cb.device_list.peer_device[index].remove_dev_pending = TRUE; 3614 } 3615 else 3616 { 3617 APPL_TRACE_ERROR(" %s Device does not exist in DB", __FUNCTION__); 3618 } 3619 } 3620 else 3621 { 3622 BTM_SecDeleteDevice (remote_bd_addr); 3623 #if (BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE) 3624 /* need to remove all pending background connection */ 3625 BTA_GATTC_CancelOpen(0, remote_bd_addr, FALSE); 3626 /* remove all cached GATT information */ 3627 BTA_GATTC_Refresh(remote_bd_addr); 3628 #endif 3629 } 3630 } 3631 3632 3633 /******************************************************************************* 3634 ** 3635 ** Function bta_dm_adjust_roles 3636 ** 3637 ** Description Adjust roles 3638 ** 3639 ** 3640 ** Returns void 3641 ** 3642 *******************************************************************************/ 3643 static void bta_dm_adjust_roles(BOOLEAN delay_role_switch) 3644 { 3645 3646 UINT8 i; 3647 BOOLEAN set_master_role = FALSE; 3648 #if BLE_INCLUDED == TRUE 3649 UINT8 br_count = bta_dm_cb.device_list.count - bta_dm_cb.device_list.le_count; 3650 #else 3651 UINT8 br_count = bta_dm_cb.device_list.count; 3652 #endif 3653 if (br_count) 3654 { 3655 3656 /* the configuration is no scatternet 3657 * or AV connection exists and there are more than one ACL link */ 3658 if ( (p_bta_dm_rm_cfg[0].cfg == BTA_DM_NO_SCATTERNET) || 3659 (bta_dm_cb.cur_av_count && br_count > 1) ) 3660 { 3661 3662 L2CA_SetDesireRole (HCI_ROLE_MASTER); 3663 set_master_role = TRUE; 3664 3665 } 3666 3667 for(i=0; i<bta_dm_cb.device_list.count; i++) 3668 { 3669 if (bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED 3670 #if BLE_INCLUDED == TRUE 3671 && bta_dm_cb.device_list.peer_device[i].transport == BT_TRANSPORT_BR_EDR 3672 #endif 3673 ) 3674 { 3675 if(!set_master_role && (bta_dm_cb.device_list.peer_device[i].pref_role != BTA_ANY_ROLE) 3676 && (p_bta_dm_rm_cfg[0].cfg == BTA_DM_PARTIAL_SCATTERNET)) 3677 { 3678 L2CA_SetDesireRole (HCI_ROLE_MASTER); 3679 set_master_role = TRUE; 3680 } 3681 3682 if((bta_dm_cb.device_list.peer_device[i].pref_role == BTA_MASTER_ROLE_ONLY) 3683 || (bta_dm_cb.device_list.count > 1)) 3684 { 3685 3686 /* Initiating immediate role switch with certain remote devices 3687 has caused issues due to role switch colliding with link encryption setup and 3688 causing encryption (and in turn the link) to fail . These device . Firmware 3689 versions are stored in a blacklist and role switch with these devices are 3690 delayed to avoid the collision with link encryption setup */ 3691 3692 if (delay_role_switch == FALSE) 3693 { 3694 BTM_SwitchRole (bta_dm_cb.device_list.peer_device[i].peer_bdaddr, 3695 HCI_ROLE_MASTER, NULL); 3696 } 3697 else 3698 { 3699 bta_dm_cb.switch_delay_timer.p_cback = 3700 (TIMER_CBACK*)&bta_dm_delay_role_switch_cback; 3701 bta_sys_start_timer(&bta_dm_cb.switch_delay_timer, 0, 500); 3702 } 3703 } 3704 3705 } 3706 } 3707 3708 3709 if(!set_master_role) 3710 { 3711 3712 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE); 3713 3714 } 3715 3716 } 3717 else 3718 { 3719 L2CA_SetDesireRole (L2CAP_DESIRED_LINK_ROLE); 3720 } 3721 3722 3723 } 3724 3725 /******************************************************************************* 3726 ** 3727 ** Function bta_dm_get_remname 3728 ** 3729 ** Description Returns a pointer to the remote name stored in the DM control 3730 ** block if it exists, or from the BTM memory. 3731 ** 3732 ** Returns char * - Pointer to the remote device name 3733 *******************************************************************************/ 3734 static char *bta_dm_get_remname(void) 3735 { 3736 char *p_name = (char *)bta_dm_search_cb.peer_name; 3737 char *p_temp; 3738 3739 /* If the name isn't already stored, try retrieving from BTM */ 3740 if (*p_name == '\0') 3741 if ((p_temp = BTM_SecReadDevName(bta_dm_search_cb.peer_bdaddr)) != NULL) 3742 p_name = p_temp; 3743 3744 return p_name; 3745 } 3746 3747 /******************************************************************************* 3748 ** 3749 ** Function bta_dm_bond_cancel_complete_cback 3750 ** 3751 ** Description Authentication complete callback from BTM 3752 ** 3753 ** Returns void 3754 ** 3755 *******************************************************************************/ 3756 static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result) 3757 { 3758 3759 tBTA_DM_SEC sec_event; 3760 3761 if (result == BTM_SUCCESS) 3762 sec_event.bond_cancel_cmpl.result = BTA_SUCCESS; 3763 else 3764 sec_event.bond_cancel_cmpl.result = BTA_FAILURE; 3765 3766 if(bta_dm_cb.p_sec_cback) 3767 { 3768 bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event); 3769 } 3770 } 3771 3772 /******************************************************************************* 3773 ** 3774 ** Function bta_dm_set_eir 3775 ** 3776 ** Description This function creates EIR tagged data and writes it to controller. 3777 ** 3778 ** Returns None 3779 ** 3780 *******************************************************************************/ 3781 static void bta_dm_set_eir (char *local_name) 3782 { 3783 BT_HDR *p_buf; 3784 UINT8 *p; 3785 UINT8 *p_length; 3786 #if (BTA_EIR_CANNED_UUID_LIST != TRUE) 3787 UINT8 *p_type; 3788 UINT8 max_num_uuid; 3789 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 3790 UINT8 custom_uuid_idx; 3791 #endif // BTA_EIR_SERVER_NUM_CUSTOM_UUID 3792 #endif // BTA_EIR_CANNED_UUID_LIST 3793 #if (BTM_EIR_DEFAULT_FEC_REQUIRED == FALSE) 3794 UINT8 free_eir_length = HCI_EXT_INQ_RESPONSE_LEN; 3795 #else // BTM_EIR_DEFAULT_FEC_REQUIRED 3796 UINT8 free_eir_length = HCI_DM5_PACKET_SIZE; 3797 #endif // BTM_EIR_DEFAULT_FEC_REQUIRED 3798 UINT8 num_uuid; 3799 UINT8 data_type; 3800 UINT8 local_name_len; 3801 3802 /* wait until complete to disable */ 3803 if (bta_dm_cb.disable_timer.in_use) 3804 return; 3805 3806 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE ) 3807 /* wait until App is ready */ 3808 if (bta_dm_cb.app_ready_timer.in_use) 3809 return; 3810 3811 /* if local name is not provided, get it from controller */ 3812 if( local_name == NULL ) 3813 { 3814 if( BTM_ReadLocalDeviceName( &local_name ) != BTM_SUCCESS ) 3815 { 3816 APPL_TRACE_ERROR("Fail to read local device name for EIR"); 3817 } 3818 } 3819 #endif // BTA_EIR_CANNED_UUID_LIST 3820 3821 /* Allocate a buffer to hold HCI command */ 3822 if ((p_buf = (BT_HDR *)GKI_getpoolbuf(BTM_CMD_POOL_ID)) == NULL) 3823 { 3824 APPL_TRACE_ERROR("bta_dm_set_eir couldn't allocate buffer"); 3825 return; 3826 } 3827 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; 3828 3829 memset(p, 0x00, HCI_EXT_INQ_RESPONSE_LEN ); 3830 3831 APPL_TRACE_DEBUG("BTA is generating EIR"); 3832 3833 if( local_name ) 3834 local_name_len = strlen( local_name ); 3835 else 3836 local_name_len = 0; 3837 3838 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE; 3839 /* if local name is longer than minimum length of shortened name */ 3840 /* check whether it needs to be shortened or not */ 3841 if( local_name_len > p_bta_dm_eir_cfg->bta_dm_eir_min_name_len ) 3842 { 3843 /* get number of UUID 16-bit list */ 3844 #if (BTA_EIR_CANNED_UUID_LIST == TRUE) 3845 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len/LEN_UUID_16; 3846 #else // BTA_EIR_CANNED_UUID_LIST 3847 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16; 3848 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, 3849 max_num_uuid, &num_uuid ); 3850 p = (UINT8 *)p_buf + BTM_HCI_EIR_OFFSET; /* reset p */ 3851 #endif // BTA_EIR_CANNED_UUID_LIST 3852 3853 /* if UUID doesn't fit remaing space, shorten local name */ 3854 if ( local_name_len > (free_eir_length - 4 - num_uuid*LEN_UUID_16)) 3855 { 3856 APPL_TRACE_WARNING("BTA EIR: local name is shortened"); 3857 local_name_len = p_bta_dm_eir_cfg->bta_dm_eir_min_name_len; 3858 data_type = BTM_EIR_SHORTENED_LOCAL_NAME_TYPE; 3859 } 3860 else 3861 data_type = BTM_EIR_COMPLETE_LOCAL_NAME_TYPE; 3862 } 3863 3864 UINT8_TO_STREAM(p, local_name_len + 1); 3865 UINT8_TO_STREAM(p, data_type); 3866 3867 if (local_name != NULL) 3868 { 3869 memcpy(p, local_name, local_name_len); 3870 p += local_name_len; 3871 } 3872 free_eir_length -= local_name_len + 2; 3873 3874 #if (BTA_EIR_CANNED_UUID_LIST == TRUE) 3875 /* if UUID list is provided as static data in configuration */ 3876 if(( p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len > 0 ) 3877 &&(p_bta_dm_eir_cfg->bta_dm_eir_uuid16)) 3878 { 3879 if( free_eir_length > LEN_UUID_16 + 2) 3880 { 3881 free_eir_length -= 2; 3882 3883 if( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len) 3884 { 3885 num_uuid = p_bta_dm_eir_cfg->bta_dm_eir_uuid16_len / LEN_UUID_16; 3886 data_type = BTM_EIR_COMPLETE_16BITS_UUID_TYPE; 3887 } 3888 else /* not enough room for all UUIDs */ 3889 { 3890 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated"); 3891 num_uuid = free_eir_length / LEN_UUID_16; 3892 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE; 3893 } 3894 UINT8_TO_STREAM(p, num_uuid * LEN_UUID_16 + 1); 3895 UINT8_TO_STREAM(p, data_type); 3896 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_uuid16, num_uuid * LEN_UUID_16 ); 3897 p += num_uuid * LEN_UUID_16; 3898 free_eir_length -= num_uuid * LEN_UUID_16; 3899 } 3900 } 3901 #else /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */ 3902 /* if UUID list is dynamic */ 3903 if ( free_eir_length >= 2) 3904 { 3905 p_length = p++; 3906 p_type = p++; 3907 num_uuid = 0; 3908 3909 max_num_uuid = (free_eir_length - 2)/LEN_UUID_16; 3910 data_type = BTM_GetEirSupportedServices( bta_dm_cb.eir_uuid, &p, max_num_uuid, &num_uuid ); 3911 3912 if( data_type == BTM_EIR_MORE_16BITS_UUID_TYPE ) 3913 { 3914 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated"); 3915 } 3916 #if (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 3917 else 3918 { 3919 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 3920 { 3921 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_16) 3922 { 3923 if ( num_uuid < max_num_uuid ) 3924 { 3925 UINT16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid16); 3926 num_uuid++; 3927 } 3928 else 3929 { 3930 data_type = BTM_EIR_MORE_16BITS_UUID_TYPE; 3931 APPL_TRACE_WARNING("BTA EIR: UUID 16-bit list is truncated"); 3932 break; 3933 } 3934 } 3935 } 3936 } 3937 #endif /* (BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */ 3938 3939 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_16 + 1); 3940 UINT8_TO_STREAM(p_type, data_type); 3941 free_eir_length -= num_uuid * LEN_UUID_16 + 2; 3942 } 3943 #endif /* (BTA_EIR_CANNED_UUID_LIST == TRUE) */ 3944 3945 #if ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) 3946 /* Adding 32-bit UUID list */ 3947 if ( free_eir_length >= 2) 3948 { 3949 p_length = p++; 3950 p_type = p++; 3951 num_uuid = 0; 3952 data_type = BTM_EIR_COMPLETE_32BITS_UUID_TYPE; 3953 3954 max_num_uuid = (free_eir_length - 2)/LEN_UUID_32; 3955 3956 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 3957 { 3958 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_32) 3959 { 3960 if ( num_uuid < max_num_uuid ) 3961 { 3962 UINT32_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid32); 3963 num_uuid++; 3964 } 3965 else 3966 { 3967 data_type = BTM_EIR_MORE_32BITS_UUID_TYPE; 3968 APPL_TRACE_WARNING("BTA EIR: UUID 32-bit list is truncated"); 3969 break; 3970 } 3971 } 3972 } 3973 3974 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_32 + 1); 3975 UINT8_TO_STREAM(p_type, data_type); 3976 free_eir_length -= num_uuid * LEN_UUID_32 + 2; 3977 } 3978 3979 /* Adding 128-bit UUID list */ 3980 if ( free_eir_length >= 2) 3981 { 3982 p_length = p++; 3983 p_type = p++; 3984 num_uuid = 0; 3985 data_type = BTM_EIR_COMPLETE_128BITS_UUID_TYPE; 3986 3987 max_num_uuid = (free_eir_length - 2)/LEN_UUID_128; 3988 3989 for (custom_uuid_idx = 0; custom_uuid_idx < BTA_EIR_SERVER_NUM_CUSTOM_UUID; custom_uuid_idx++) 3990 { 3991 if (bta_dm_cb.custom_uuid[custom_uuid_idx].len == LEN_UUID_128) 3992 { 3993 if ( num_uuid < max_num_uuid ) 3994 { 3995 ARRAY16_TO_STREAM(p, bta_dm_cb.custom_uuid[custom_uuid_idx].uu.uuid128); 3996 num_uuid++; 3997 } 3998 else 3999 { 4000 data_type = BTM_EIR_MORE_128BITS_UUID_TYPE; 4001 APPL_TRACE_WARNING("BTA EIR: UUID 128-bit list is truncated"); 4002 break; 4003 } 4004 } 4005 } 4006 4007 UINT8_TO_STREAM(p_length, num_uuid * LEN_UUID_128 + 1); 4008 UINT8_TO_STREAM(p_type, data_type); 4009 free_eir_length -= num_uuid * LEN_UUID_128 + 2; 4010 } 4011 #endif /* ( BTA_EIR_CANNED_UUID_LIST != TRUE )&&(BTA_EIR_SERVER_NUM_CUSTOM_UUID > 0) */ 4012 4013 /* if Flags are provided in configuration */ 4014 if(( p_bta_dm_eir_cfg->bta_dm_eir_flag_len > 0 ) 4015 &&( p_bta_dm_eir_cfg->bta_dm_eir_flags ) 4016 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2 )) 4017 { 4018 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 1); 4019 UINT8_TO_STREAM(p, BTM_EIR_FLAGS_TYPE); 4020 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_flags, 4021 p_bta_dm_eir_cfg->bta_dm_eir_flag_len); 4022 p += p_bta_dm_eir_cfg->bta_dm_eir_flag_len; 4023 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_flag_len + 2; 4024 } 4025 4026 /* if Manufacturer Specific are provided in configuration */ 4027 if(( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len > 0 ) 4028 &&( p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec ) 4029 &&( free_eir_length >= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2 )) 4030 { 4031 p_length = p; 4032 4033 UINT8_TO_STREAM(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 1); 4034 UINT8_TO_STREAM(p, BTM_EIR_MANUFACTURER_SPECIFIC_TYPE); 4035 memcpy(p, p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec, 4036 p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len); 4037 p += p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len; 4038 free_eir_length -= p_bta_dm_eir_cfg->bta_dm_eir_manufac_spec_len + 2; 4039 4040 } 4041 else 4042 { 4043 p_length = NULL; 4044 } 4045 4046 /* if Inquiry Tx Resp Power compiled */ 4047 if ((p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power) && 4048 (free_eir_length >= 3)) 4049 { 4050 UINT8_TO_STREAM(p, 2); /* Length field */ 4051 UINT8_TO_STREAM(p, BTM_EIR_TX_POWER_LEVEL_TYPE); 4052 UINT8_TO_STREAM(p, *(p_bta_dm_eir_cfg->bta_dm_eir_inq_tx_power)); 4053 free_eir_length -= 3; 4054 } 4055 4056 if( free_eir_length ) 4057 UINT8_TO_STREAM(p, 0); /* terminator of significant part */ 4058 4059 BTM_WriteEIR( p_buf ); 4060 4061 } 4062 4063 /******************************************************************************* 4064 ** 4065 ** Function bta_dm_eir_search_services 4066 ** 4067 ** Description This function searches services in received EIR 4068 ** 4069 ** Returns None 4070 ** 4071 *******************************************************************************/ 4072 static void bta_dm_eir_search_services( tBTM_INQ_RESULTS *p_result, 4073 tBTA_SERVICE_MASK *p_services_to_search, 4074 tBTA_SERVICE_MASK *p_services_found) 4075 { 4076 tBTA_SERVICE_MASK service_index = 0; 4077 tBTM_EIR_SEARCH_RESULT result; 4078 4079 APPL_TRACE_DEBUG("BTA searching services in EIR of BDA:0x%02X%02X%02X%02X%02X%02X", 4080 p_result->remote_bd_addr[0],p_result->remote_bd_addr[1], 4081 p_result->remote_bd_addr[2],p_result->remote_bd_addr[3], 4082 p_result->remote_bd_addr[4],p_result->remote_bd_addr[5]); 4083 4084 APPL_TRACE_DEBUG(" with services_to_search=0x%08X", *p_services_to_search); 4085 4086 #if BLE_INCLUDED == TRUE && BTA_GATT_INCLUDED == TRUE 4087 /* always do GATT based service discovery by SDP instead of from EIR */ 4088 /* if GATT based service is also to be put in EIR, need to modify this */ 4089 while (service_index < (BTA_MAX_SERVICE_ID - 1)) 4090 #else 4091 while(service_index < BTA_MAX_SERVICE_ID) 4092 #endif 4093 { 4094 if( *p_services_to_search 4095 & (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))) 4096 { 4097 result = BTM_HasInquiryEirService( p_result, 4098 bta_service_id_to_uuid_lkup_tbl[service_index] ); 4099 4100 /* Searching for HSP v1.2 only device */ 4101 if ((result != BTM_EIR_FOUND) && 4102 (bta_service_id_to_uuid_lkup_tbl[service_index] == UUID_SERVCLASS_HEADSET)) 4103 { 4104 result = BTM_HasInquiryEirService (p_result, UUID_SERVCLASS_HEADSET_HS); 4105 } 4106 4107 if( result == BTM_EIR_FOUND ) 4108 { 4109 /* If Plug and Play service record, need to check to see if Broadcom stack */ 4110 /* However, EIR data doesn't have EXT_BRCM_VERSION so just skip it */ 4111 if( bta_service_id_to_uuid_lkup_tbl[service_index] 4112 != UUID_SERVCLASS_PNP_INFORMATION ) 4113 { 4114 4115 *p_services_found |= 4116 (tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index)); 4117 /* remove the service from services to be searched */ 4118 *p_services_to_search &= 4119 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))); 4120 } 4121 } 4122 else if( result == BTM_EIR_NOT_FOUND ) 4123 { 4124 /* remove the service from services to be searched */ 4125 *p_services_to_search &= 4126 (tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(service_index))); 4127 } 4128 } 4129 4130 service_index++; 4131 } 4132 4133 APPL_TRACE_ERROR("BTA EIR search result, services_to_search=0x%08X, services_found=0x%08X", 4134 *p_services_to_search, *p_services_found); 4135 } 4136 4137 #if (BTA_EIR_CANNED_UUID_LIST != TRUE) 4138 /******************************************************************************* 4139 ** 4140 ** Function bta_dm_eir_update_uuid 4141 ** 4142 ** Description This function adds or removes service UUID in EIR database. 4143 ** 4144 ** Returns None 4145 ** 4146 *******************************************************************************/ 4147 void bta_dm_eir_update_uuid(UINT16 uuid16, BOOLEAN adding) 4148 { 4149 /* if this UUID is not advertised in EIR */ 4150 if( !BTM_HasEirService( p_bta_dm_eir_cfg->uuid_mask, uuid16 )) 4151 return; 4152 4153 if( adding ) 4154 { 4155 APPL_TRACE_EVENT("Adding UUID=0x%04X into EIR", uuid16); 4156 4157 BTM_AddEirService( bta_dm_cb.eir_uuid, uuid16 ); 4158 } 4159 else 4160 { 4161 APPL_TRACE_EVENT("Removing UUID=0x%04X from EIR", uuid16); 4162 4163 BTM_RemoveEirService( bta_dm_cb.eir_uuid, uuid16 ); 4164 } 4165 4166 bta_dm_set_eir (NULL); 4167 4168 APPL_TRACE_EVENT("bta_dm_eir_update_uuid UUID bit mask=0x%08X %08X", 4169 bta_dm_cb.eir_uuid[1], bta_dm_cb.eir_uuid[0] ); 4170 } 4171 #endif 4172 4173 /******************************************************************************* 4174 ** 4175 ** Function bta_dm_enable_test_mode 4176 ** 4177 ** Description enable test mode 4178 ** 4179 ** 4180 ** Returns void 4181 ** 4182 *******************************************************************************/ 4183 void bta_dm_enable_test_mode(tBTA_DM_MSG *p_data) 4184 { 4185 UNUSED(p_data); 4186 BTM_EnableTestMode(); 4187 } 4188 4189 /******************************************************************************* 4190 ** 4191 ** Function bta_dm_disable_test_mode 4192 ** 4193 ** Description disable test mode 4194 ** 4195 ** 4196 ** Returns void 4197 ** 4198 *******************************************************************************/ 4199 void bta_dm_disable_test_mode(tBTA_DM_MSG *p_data) 4200 { 4201 UNUSED(p_data); 4202 BTM_DeviceReset(NULL); 4203 } 4204 4205 /******************************************************************************* 4206 ** 4207 ** Function bta_dm_execute_callback 4208 ** 4209 ** Description Just execute a generic call back in the context of the BTU/BTA tack 4210 ** 4211 ** 4212 ** Returns void 4213 ** 4214 *******************************************************************************/ 4215 void bta_dm_execute_callback(tBTA_DM_MSG *p_data) 4216 { 4217 /* sanity check */ 4218 if(p_data->exec_cback.p_exec_cback == NULL) 4219 { 4220 return; 4221 } 4222 4223 p_data->exec_cback.p_exec_cback(p_data->exec_cback.p_param); 4224 } 4225 4226 /******************************************************************************* 4227 ** 4228 ** Function bta_dm_encrypt_cback 4229 ** 4230 ** Description link encryption complete callback. 4231 ** 4232 ** Returns None 4233 ** 4234 *******************************************************************************/ 4235 void bta_dm_encrypt_cback(BD_ADDR bd_addr, tBT_TRANSPORT transport, void *p_ref_data, tBTM_STATUS result) 4236 { 4237 tBTA_STATUS bta_status = BTA_SUCCESS; 4238 tBTA_DM_ENCRYPT_CBACK *p_callback = NULL; 4239 UINT8 i ; 4240 UNUSED(p_ref_data); 4241 4242 for (i=0; i<bta_dm_cb.device_list.count; i++) 4243 { 4244 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, bd_addr) == 0 && 4245 bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED) 4246 break; 4247 } 4248 4249 if (i < bta_dm_cb.device_list.count) 4250 { 4251 p_callback = bta_dm_cb.device_list.peer_device[i].p_encrypt_cback; 4252 bta_dm_cb.device_list.peer_device[i].p_encrypt_cback = NULL; 4253 } 4254 4255 switch (result) 4256 { 4257 case BTM_SUCCESS: 4258 break; 4259 case BTM_WRONG_MODE: 4260 bta_status = BTA_WRONG_MODE; 4261 break; 4262 case BTM_NO_RESOURCES: 4263 bta_status = BTA_NO_RESOURCES; 4264 break; 4265 case BTM_BUSY: 4266 bta_status = BTA_BUSY; 4267 break; 4268 default: 4269 bta_status = BTA_FAILURE; 4270 break; 4271 } 4272 4273 APPL_TRACE_DEBUG("bta_dm_encrypt_cback status =%d p_callback=0x%x", bta_status, p_callback); 4274 4275 if (p_callback) 4276 { 4277 (*p_callback)(bd_addr, transport, bta_status); 4278 } 4279 } 4280 4281 /******************************************************************************* 4282 ** 4283 ** Function bta_dm_set_encryption 4284 ** 4285 ** Description This function to encrypt the link 4286 ** 4287 ** Returns None 4288 ** 4289 *******************************************************************************/ 4290 void bta_dm_set_encryption (tBTA_DM_MSG *p_data) 4291 { 4292 UINT8 i ; 4293 4294 APPL_TRACE_DEBUG("bta_dm_set_encryption"); //todo 4295 if (!p_data->set_encryption.p_callback) 4296 { 4297 APPL_TRACE_ERROR("bta_dm_set_encryption callback is not provided"); 4298 return; 4299 } 4300 for (i=0; i<bta_dm_cb.device_list.count; i++) 4301 { 4302 if (bdcmp( bta_dm_cb.device_list.peer_device[i].peer_bdaddr, p_data->set_encryption.bd_addr) == 0 && 4303 bta_dm_cb.device_list.peer_device[i].conn_state == BTA_DM_CONNECTED) 4304 break; 4305 } 4306 if (i < bta_dm_cb.device_list.count) 4307 { 4308 if (bta_dm_cb.device_list.peer_device[i].p_encrypt_cback) 4309 { 4310 APPL_TRACE_ERROR("earlier enc was not done for same device"); 4311 (*p_data->set_encryption.p_callback)(p_data->set_encryption.bd_addr, 4312 p_data->set_encryption.transport, 4313 BTA_BUSY); 4314 return; 4315 } 4316 4317 if (BTM_SetEncryption(p_data->set_encryption.bd_addr, p_data->set_encryption.transport, 4318 bta_dm_encrypt_cback, &p_data->set_encryption.sec_act) 4319 == BTM_CMD_STARTED) 4320 { 4321 bta_dm_cb.device_list.peer_device[i].p_encrypt_cback = p_data->set_encryption.p_callback; 4322 } 4323 } 4324 } 4325 4326 #if (BLE_INCLUDED == TRUE) 4327 /******************************************************************************* 4328 ** 4329 ** Function bta_dm_observe_results_cb 4330 ** 4331 ** Description Callback for BLE Observe result 4332 ** 4333 ** 4334 ** Returns void 4335 ** 4336 *******************************************************************************/ 4337 static void bta_dm_observe_results_cb (tBTM_INQ_RESULTS *p_inq, UINT8 *p_eir) 4338 { 4339 ; 4340 tBTA_DM_SEARCH result; 4341 tBTM_INQ_INFO *p_inq_info; 4342 APPL_TRACE_DEBUG("bta_dm_observe_results_cb") 4343 4344 bdcpy(result.inq_res.bd_addr, p_inq->remote_bd_addr); 4345 result.inq_res.rssi = p_inq->rssi; 4346 result.inq_res.ble_addr_type = p_inq->ble_addr_type; 4347 result.inq_res.inq_result_type = p_inq->inq_result_type; 4348 result.inq_res.device_type = p_inq->device_type; 4349 result.inq_res.flag = p_inq->flag; 4350 4351 /* application will parse EIR to find out remote device name */ 4352 result.inq_res.p_eir = p_eir; 4353 4354 if((p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr)) != NULL) 4355 { 4356 /* initialize remt_name_not_required to FALSE so that we get the name by default */ 4357 result.inq_res.remt_name_not_required = FALSE; 4358 } 4359 4360 if(bta_dm_search_cb.p_scan_cback) 4361 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_RES_EVT, &result); 4362 4363 if(p_inq_info) 4364 { 4365 /* application indicates if it knows the remote name, inside the callback 4366 copy that to the inquiry data base*/ 4367 if(result.inq_res.remt_name_not_required) 4368 p_inq_info->appl_knows_rem_name = TRUE; 4369 } 4370 } 4371 4372 /******************************************************************************* 4373 ** 4374 ** Function bta_dm_observe_cmpl_cb 4375 ** 4376 ** Description Callback for BLE Observe complete 4377 ** 4378 ** 4379 ** Returns void 4380 ** 4381 *******************************************************************************/ 4382 static void bta_dm_observe_cmpl_cb (void * p_result) 4383 { 4384 tBTA_DM_SEARCH data; 4385 4386 APPL_TRACE_DEBUG("bta_dm_observe_cmpl_cb"); 4387 4388 data.inq_cmpl.num_resps = ((tBTM_INQUIRY_CMPL *)p_result)->num_resp; 4389 if (bta_dm_search_cb.p_scan_cback) 4390 { 4391 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data); 4392 } 4393 } 4394 4395 #if (SMP_INCLUDED == TRUE) 4396 /******************************************************************************* 4397 ** 4398 ** Function bta_dm_ble_smp_cback 4399 ** 4400 ** Description Callback for BLE SMP 4401 ** 4402 ** 4403 ** Returns void 4404 ** 4405 *******************************************************************************/ 4406 static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_DATA *p_data) 4407 { 4408 tBTM_STATUS status = BTM_SUCCESS; 4409 tBTA_DM_SEC sec_event; 4410 char *p_name = NULL; 4411 UINT8 i; 4412 tBT_DEVICE_TYPE dev_type; 4413 4414 if (!bta_dm_cb.p_sec_cback) 4415 return BTM_NOT_AUTHORIZED; 4416 4417 memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); 4418 switch (event) 4419 { 4420 case BTM_LE_IO_REQ_EVT: 4421 #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) 4422 4423 bta_dm_co_ble_io_req(bda, 4424 &p_data->io_req.io_cap, 4425 &p_data->io_req.oob_data, 4426 &p_data->io_req.auth_req, 4427 &p_data->io_req.max_key_size, 4428 &p_data->io_req.init_keys, 4429 &p_data->io_req.resp_keys); 4430 #endif 4431 #if BTM_OOB_INCLUDED == FALSE 4432 status = BTM_SUCCESS; 4433 #endif 4434 APPL_TRACE_EVENT("io mitm: %d oob_data:%d", p_data->io_req.auth_req, p_data->io_req.oob_data); 4435 4436 break; 4437 4438 case BTM_LE_SEC_REQUEST_EVT: 4439 bdcpy(sec_event.ble_req.bd_addr, bda); 4440 p_name = BTM_SecReadDevName(bda); 4441 if (p_name != NULL) 4442 { 4443 BCM_STRNCPY_S((char*)sec_event.ble_req.bd_name, 4444 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4445 } 4446 else 4447 { 4448 sec_event.ble_req.bd_name[0] = 0; 4449 } 4450 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0; 4451 bta_dm_cb.p_sec_cback(BTA_DM_BLE_SEC_REQ_EVT, &sec_event); 4452 break; 4453 4454 case BTM_LE_KEY_NOTIF_EVT: 4455 bdcpy(sec_event.key_notif.bd_addr, bda); 4456 p_name = BTM_SecReadDevName(bda); 4457 if (p_name != NULL) 4458 { 4459 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, 4460 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4461 } 4462 else 4463 { 4464 sec_event.key_notif.bd_name[0] = 0; 4465 } 4466 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0; 4467 sec_event.key_notif.passkey = p_data->key_notif; 4468 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_NOTIF_EVT, &sec_event); 4469 break; 4470 4471 case BTM_LE_KEY_REQ_EVT: 4472 bdcpy(sec_event.ble_req.bd_addr, bda); 4473 bta_dm_cb.p_sec_cback(BTA_DM_BLE_PASSKEY_REQ_EVT, &sec_event); 4474 break; 4475 4476 case BTM_LE_OOB_REQ_EVT: 4477 bdcpy(sec_event.ble_req.bd_addr, bda); 4478 bta_dm_cb.p_sec_cback(BTA_DM_BLE_OOB_REQ_EVT, &sec_event); 4479 break; 4480 4481 case BTM_LE_NC_REQ_EVT: 4482 bdcpy(sec_event.key_notif.bd_addr, bda); 4483 BCM_STRNCPY_S((char*)sec_event.key_notif.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN)); 4484 sec_event.ble_req.bd_name[BD_NAME_LEN] = 0; 4485 sec_event.key_notif.passkey = p_data->key_notif; 4486 bta_dm_cb.p_sec_cback(BTA_DM_BLE_NC_REQ_EVT, &sec_event); 4487 break; 4488 4489 case BTM_LE_KEY_EVT: 4490 bdcpy(sec_event.ble_key.bd_addr, bda); 4491 sec_event.ble_key.key_type = p_data->key.key_type; 4492 sec_event.ble_key.p_key_value = p_data->key.p_key_value; 4493 bta_dm_cb.p_sec_cback(BTA_DM_BLE_KEY_EVT, &sec_event); 4494 break; 4495 4496 case BTM_LE_COMPLT_EVT: 4497 bdcpy(sec_event.auth_cmpl.bd_addr, bda); 4498 #if BLE_INCLUDED == TRUE 4499 BTM_ReadDevInfo(bda, &sec_event.auth_cmpl.dev_type, &sec_event.auth_cmpl.addr_type); 4500 #endif 4501 p_name = BTM_SecReadDevName(bda); 4502 if (p_name != NULL) 4503 { 4504 BCM_STRNCPY_S((char*)sec_event.auth_cmpl.bd_name, 4505 sizeof(BD_NAME), p_name, (BD_NAME_LEN)); 4506 } 4507 else 4508 { 4509 sec_event.auth_cmpl.bd_name[0] = 0; 4510 } 4511 if (p_data->complt.reason != 0) 4512 { 4513 sec_event.auth_cmpl.fail_reason = BTA_DM_AUTH_CONVERT_SMP_CODE(((UINT8)p_data->complt.reason)); 4514 /* delete this device entry from Sec Dev DB */ 4515 bta_dm_remove_sec_dev_entry (bda); 4516 } 4517 else 4518 { 4519 sec_event.auth_cmpl.success = TRUE; 4520 if (!p_data->complt.smp_over_br) 4521 GATT_ConfigServiceChangeCCC(bda, TRUE, BT_TRANSPORT_LE); 4522 } 4523 4524 if (bta_dm_cb.p_sec_cback) 4525 { 4526 //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); 4527 bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event); 4528 } 4529 4530 break; 4531 4532 default: 4533 status = BTM_NOT_AUTHORIZED; 4534 break; 4535 } 4536 return status; 4537 } 4538 #endif /* SMP_INCLUDED == TRUE */ 4539 4540 /******************************************************************************* 4541 ** 4542 ** Function bta_dm_ble_id_key_cback 4543 ** 4544 ** Description Callback for BLE local ID keys 4545 ** 4546 ** 4547 ** Returns void 4548 ** 4549 *******************************************************************************/ 4550 static void bta_dm_ble_id_key_cback (UINT8 key_type, tBTM_BLE_LOCAL_KEYS *p_key) 4551 { 4552 UINT8 evt; 4553 tBTA_DM_SEC dm_key; 4554 4555 switch (key_type) 4556 { 4557 case BTM_BLE_KEY_TYPE_ID: 4558 case BTM_BLE_KEY_TYPE_ER: 4559 if (bta_dm_cb.p_sec_cback) 4560 { 4561 memcpy(&dm_key.ble_id_keys, p_key, sizeof(tBTM_BLE_LOCAL_KEYS)); 4562 4563 evt = (key_type == BTM_BLE_KEY_TYPE_ID) ? BTA_DM_BLE_LOCAL_IR_EVT :\ 4564 BTA_DM_BLE_LOCAL_ER_EVT; 4565 bta_dm_cb.p_sec_cback(evt, &dm_key); 4566 } 4567 break; 4568 4569 default: 4570 APPL_TRACE_DEBUG("Unknown key type %d", key_type); 4571 break; 4572 } 4573 return; 4574 4575 } 4576 4577 /******************************************************************************* 4578 ** 4579 ** Function bta_dm_add_blekey 4580 ** 4581 ** Description This function adds an BLE Key to an security database entry. 4582 ** This function shall only be called AFTER BTA_DmAddBleDevice has been called. 4583 ** It is normally called during host startup to restore all required information 4584 ** stored in the NVRAM. 4585 ** 4586 ** Parameters: 4587 ** 4588 *******************************************************************************/ 4589 void bta_dm_add_blekey (tBTA_DM_MSG *p_data) 4590 { 4591 if (!BTM_SecAddBleKey (p_data->add_ble_key.bd_addr, 4592 (tBTM_LE_KEY_VALUE *)&p_data->add_ble_key.blekey, 4593 p_data->add_ble_key.key_type)) 4594 { 4595 APPL_TRACE_ERROR ("BTA_DM: Error adding BLE Key for device %08x%04x", 4596 (p_data->add_ble_key.bd_addr[0]<<24)+(p_data->add_ble_key.bd_addr[1]<<16)+\ 4597 (p_data->add_ble_key.bd_addr[2]<<8)+p_data->add_ble_key.bd_addr[3], 4598 (p_data->add_ble_key.bd_addr[4]<<8)+p_data->add_ble_key.bd_addr[5]); 4599 } 4600 } 4601 4602 /******************************************************************************* 4603 ** 4604 ** Function bta_dm_add_ble_device 4605 ** 4606 ** Description This function adds an BLE device to an security database entry. 4607 ** It is normally called during host startup to restore all required information 4608 ** stored in the NVRAM. 4609 ** 4610 ** Parameters: 4611 ** 4612 *******************************************************************************/ 4613 void bta_dm_add_ble_device (tBTA_DM_MSG *p_data) 4614 { 4615 if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL, 4616 p_data->add_ble_device.dev_type , 4617 p_data->add_ble_device.addr_type)) 4618 { 4619 APPL_TRACE_ERROR ("BTA_DM: Error adding BLE Device for device %08x%04x", 4620 (p_data->add_ble_device.bd_addr[0]<<24)+(p_data->add_ble_device.bd_addr[1]<<16)+ \ 4621 (p_data->add_ble_device.bd_addr[2]<<8)+p_data->add_ble_device.bd_addr[3], 4622 (p_data->add_ble_device.bd_addr[4]<<8)+p_data->add_ble_device.bd_addr[5]); 4623 } 4624 } 4625 4626 /******************************************************************************* 4627 ** 4628 ** Function bta_dm_add_ble_device 4629 ** 4630 ** Description This function adds an BLE device to an security database entry. 4631 ** It is normally called during host startup to restore all required information 4632 ** stored in the NVRAM. 4633 ** 4634 ** Parameters: 4635 ** 4636 *******************************************************************************/ 4637 void bta_dm_ble_passkey_reply (tBTA_DM_MSG *p_data) 4638 { 4639 if (p_data->pin_reply.accept) 4640 { 4641 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_SUCCESS, p_data->ble_passkey_reply.passkey); 4642 } 4643 else 4644 { 4645 BTM_BlePasskeyReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED, p_data->ble_passkey_reply.passkey); 4646 } 4647 4648 } 4649 4650 /******************************************************************************* 4651 ** 4652 ** Function bta_dm_ble_confirm_reply 4653 ** 4654 ** Description This is response to SM numeric comparison request submitted 4655 ** to application. 4656 ** 4657 ** Parameters: 4658 ** 4659 *******************************************************************************/ 4660 void bta_dm_ble_confirm_reply (tBTA_DM_MSG *p_data) 4661 { 4662 if (p_data->confirm.accept) 4663 { 4664 BTM_BleConfirmReply(p_data->confirm.bd_addr, BTM_SUCCESS); 4665 } 4666 else 4667 { 4668 BTM_BleConfirmReply(p_data->ble_passkey_reply.bd_addr, BTM_NOT_AUTHORIZED); 4669 } 4670 } 4671 4672 /******************************************************************************* 4673 ** 4674 ** Function bta_dm_security_grant 4675 ** 4676 ** Description This function grant SMP security request access. 4677 ** 4678 ** Parameters: 4679 ** 4680 *******************************************************************************/ 4681 void bta_dm_security_grant (tBTA_DM_MSG *p_data) 4682 { 4683 BTM_SecurityGrant(p_data->ble_sec_grant.bd_addr, p_data->ble_sec_grant.res); 4684 } 4685 4686 /******************************************************************************* 4687 ** 4688 ** Function bta_dm_ble_set_bg_conn_type 4689 ** 4690 ** Description This function set the BLE background connection type 4691 ** 4692 ** Parameters: 4693 ** 4694 *******************************************************************************/ 4695 void bta_dm_ble_set_bg_conn_type (tBTA_DM_MSG *p_data) 4696 { 4697 BTM_BleSetBgConnType(p_data->ble_set_bd_conn_type.bg_conn_type, 4698 p_data->ble_set_bd_conn_type.p_select_cback); 4699 } 4700 4701 /******************************************************************************* 4702 ** 4703 ** Function bta_dm_ble_set_conn_params 4704 ** 4705 ** Description This function set the preferred connection parameters. 4706 ** 4707 ** Parameters: 4708 ** 4709 *******************************************************************************/ 4710 void bta_dm_ble_set_conn_params (tBTA_DM_MSG *p_data) 4711 { 4712 BTM_BleSetPrefConnParams(p_data->ble_set_conn_params.peer_bda, 4713 p_data->ble_set_conn_params.conn_int_min, 4714 p_data->ble_set_conn_params.conn_int_max, 4715 p_data->ble_set_conn_params.slave_latency, 4716 p_data->ble_set_conn_params.supervision_tout); 4717 } 4718 4719 /******************************************************************************* 4720 ** 4721 ** Function bta_dm_ble_set_conn_scan_params 4722 ** 4723 ** Description This function sets BLE scan parameters. 4724 ** 4725 ** Parameters: 4726 ** 4727 *******************************************************************************/ 4728 void bta_dm_ble_set_scan_params(tBTA_DM_MSG *p_data) 4729 { 4730 BTM_BleSetScanParams(p_data->ble_set_scan_params.client_if, 4731 p_data->ble_set_scan_params.scan_int, 4732 p_data->ble_set_scan_params.scan_window, 4733 p_data->ble_set_scan_params.scan_mode, 4734 p_data->ble_set_scan_params.scan_param_setup_cback); 4735 } 4736 4737 /******************************************************************************* 4738 ** 4739 ** Function bta_dm_ble_set_conn_scan_params 4740 ** 4741 ** Description This function set the preferred connection scan parameters. 4742 ** 4743 ** Parameters: 4744 ** 4745 *******************************************************************************/ 4746 void bta_dm_ble_set_conn_scan_params (tBTA_DM_MSG *p_data) 4747 { 4748 BTM_BleSetConnScanParams(p_data->ble_set_conn_scan_params.scan_int, 4749 p_data->ble_set_conn_scan_params.scan_window); 4750 } 4751 /******************************************************************************* 4752 ** 4753 ** Function bta_dm_ble_update_conn_params 4754 ** 4755 ** Description This function update LE connection parameters. 4756 ** 4757 ** Parameters: 4758 ** 4759 *******************************************************************************/ 4760 void bta_dm_ble_update_conn_params (tBTA_DM_MSG *p_data) 4761 { 4762 if (!L2CA_UpdateBleConnParams(p_data->ble_update_conn_params.bd_addr, 4763 p_data->ble_update_conn_params.min_int, 4764 p_data->ble_update_conn_params.max_int, 4765 p_data->ble_update_conn_params.latency, 4766 p_data->ble_update_conn_params.timeout)) 4767 { 4768 APPL_TRACE_ERROR("Update connection parameters failed!"); 4769 } 4770 } 4771 4772 #if BLE_PRIVACY_SPT == TRUE 4773 /******************************************************************************* 4774 ** 4775 ** Function bta_dm_ble_config_local_privacy 4776 ** 4777 ** Description This function set the local device LE privacy settings. 4778 ** 4779 ** Parameters: 4780 ** 4781 *******************************************************************************/ 4782 void bta_dm_ble_config_local_privacy (tBTA_DM_MSG *p_data) 4783 { 4784 BTM_BleConfigPrivacy (p_data->ble_local_privacy.privacy_enable); 4785 } 4786 #endif 4787 4788 /******************************************************************************* 4789 ** 4790 ** Function bta_dm_ble_observe 4791 ** 4792 ** Description This function set the preferred connection scan parameters. 4793 ** 4794 ** Parameters: 4795 ** 4796 *******************************************************************************/ 4797 void bta_dm_ble_observe (tBTA_DM_MSG *p_data) 4798 { 4799 tBTM_STATUS status; 4800 if (p_data->ble_observe.start) 4801 { 4802 /*Save the callback to be called when a scan results are available */ 4803 bta_dm_search_cb.p_scan_cback = p_data->ble_observe.p_cback; 4804 if ((status = BTM_BleObserve(TRUE, p_data->ble_observe.duration, 4805 bta_dm_observe_results_cb, bta_dm_observe_cmpl_cb))!= BTM_CMD_STARTED) 4806 { 4807 tBTA_DM_SEARCH data; 4808 APPL_TRACE_WARNING(" %s BTM_BleObserve failed. status %d",__FUNCTION__,status); 4809 data.inq_cmpl.num_resps = 0; 4810 if (bta_dm_search_cb.p_scan_cback) 4811 { 4812 bta_dm_search_cb.p_scan_cback(BTA_DM_INQ_CMPL_EVT, &data); 4813 } 4814 } 4815 } 4816 else 4817 { 4818 bta_dm_search_cb.p_scan_cback = NULL; 4819 BTM_BleObserve(FALSE, 0, NULL,NULL ); 4820 } 4821 } 4822 /******************************************************************************* 4823 ** 4824 ** Function bta_dm_ble_set_adv_params 4825 ** 4826 ** Description This function set the adv parameters. 4827 ** 4828 ** Parameters: 4829 ** 4830 *******************************************************************************/ 4831 void bta_dm_ble_set_adv_params (tBTA_DM_MSG *p_data) 4832 { 4833 BTM_BleSetAdvParams(p_data->ble_set_adv_params.adv_int_min, 4834 p_data->ble_set_adv_params.adv_int_max, 4835 p_data->ble_set_adv_params.p_dir_bda, 4836 BTA_DM_BLE_ADV_CHNL_MAP); 4837 } 4838 4839 /******************************************************************************* 4840 ** 4841 ** Function bta_dm_ble_set_adv_config 4842 ** 4843 ** Description This function set the customized ADV data configuration 4844 ** 4845 ** Parameters: 4846 ** 4847 *******************************************************************************/ 4848 void bta_dm_ble_set_adv_config (tBTA_DM_MSG *p_data) 4849 { 4850 tBTA_STATUS status = BTA_FAILURE; 4851 4852 if (BTM_BleWriteAdvData(p_data->ble_set_adv_data.data_mask, 4853 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg) == BTM_SUCCESS) 4854 { 4855 status = BTA_SUCCESS; 4856 } 4857 4858 if (p_data->ble_set_adv_data.p_adv_data_cback) 4859 (*p_data->ble_set_adv_data.p_adv_data_cback)(status); 4860 } 4861 4862 /******************************************************************************* 4863 ** 4864 ** Function bta_dm_ble_set_scan_rsp 4865 ** 4866 ** Description This function set the customized ADV scan resp. configuration 4867 ** 4868 ** Parameters: 4869 ** 4870 *******************************************************************************/ 4871 void bta_dm_ble_set_scan_rsp (tBTA_DM_MSG *p_data) 4872 { 4873 tBTA_STATUS status = BTA_FAILURE; 4874 4875 if(BTM_BleWriteScanRsp(p_data->ble_set_adv_data.data_mask, 4876 (tBTM_BLE_ADV_DATA *)p_data->ble_set_adv_data.p_adv_cfg) == BTM_SUCCESS) 4877 { 4878 status = BTA_SUCCESS; 4879 } 4880 4881 if (p_data->ble_set_adv_data.p_adv_data_cback) 4882 (*p_data->ble_set_adv_data.p_adv_data_cback)(status); 4883 } 4884 4885 /******************************************************************************* 4886 ** 4887 ** Function bta_dm_ble_set_data_length 4888 ** 4889 ** Description This function set the maximum transmission packet size 4890 ** 4891 ** Parameters 4892 ** 4893 *******************************************************************************/ 4894 void bta_dm_ble_set_data_length(tBTA_DM_MSG *p_data) 4895 { 4896 if (BTM_SetBleDataLength(p_data->ble_set_data_length.remote_bda, 4897 p_data->ble_set_data_length.tx_data_length) != BTM_SUCCESS) 4898 { 4899 APPL_TRACE_ERROR("%s failed", __FUNCTION__); 4900 } 4901 } 4902 4903 /******************************************************************************* 4904 ** 4905 ** Function bta_dm_ble_broadcast 4906 ** 4907 ** Description Starts or stops LE broadcasts 4908 ** 4909 ** Parameters: 4910 ** 4911 *******************************************************************************/ 4912 void bta_dm_ble_broadcast (tBTA_DM_MSG *p_data) 4913 { 4914 BTM_BleBroadcast(p_data->ble_observe.start); 4915 } 4916 4917 /******************************************************************************* 4918 ** 4919 ** Function bta_dm_ble_multi_adv_enb 4920 ** 4921 ** Description This function enables a single advertising instance 4922 ** 4923 ** Parameters: 4924 ** 4925 *******************************************************************************/ 4926 void bta_dm_ble_multi_adv_enb(tBTA_DM_MSG *p_data) 4927 { 4928 tBTM_STATUS btm_status = 0; 4929 4930 bta_dm_cb.p_multi_adv_cback = p_data->ble_multi_adv_enb.p_cback; 4931 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && NULL != p_data->ble_multi_adv_enb.p_ref) 4932 { 4933 btm_status = BTM_BleEnableAdvInstance((tBTM_BLE_ADV_PARAMS*) 4934 p_data->ble_multi_adv_enb.p_params, 4935 p_data->ble_multi_adv_enb.p_cback, 4936 p_data->ble_multi_adv_enb.p_ref); 4937 } 4938 4939 if(BTM_CMD_STARTED != btm_status) 4940 { 4941 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_ENB_EVT, 0xFF, 4942 p_data->ble_multi_adv_enb.p_ref, BTA_FAILURE); 4943 } 4944 } 4945 /******************************************************************************* 4946 ** 4947 ** Function bta_dm_ble_multi_adv_param_upd 4948 ** 4949 ** Description This function updates multiple advertising instance parameters 4950 ** 4951 ** Parameters: 4952 ** 4953 *******************************************************************************/ 4954 void bta_dm_ble_multi_adv_upd_param(tBTA_DM_MSG *p_data) 4955 { 4956 tBTM_STATUS btm_status = 0; 4957 void *p_ref = NULL; 4958 4959 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_param.inst_id > 0 4960 && p_data->ble_multi_adv_param.inst_id < BTM_BleMaxMultiAdvInstanceCount()) 4961 { 4962 btm_status = BTM_BleUpdateAdvInstParam(p_data->ble_multi_adv_param.inst_id, 4963 (tBTM_BLE_ADV_PARAMS*)p_data->ble_multi_adv_param.p_params); 4964 } 4965 4966 if(BTM_CMD_STARTED != btm_status) 4967 { 4968 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_param.inst_id); 4969 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_PARAM_EVT, 4970 p_data->ble_multi_adv_param.inst_id, p_ref, BTA_FAILURE); 4971 } 4972 } 4973 /******************************************************************************* 4974 ** 4975 ** Function bta_dm_ble_multi_adv_data 4976 ** 4977 ** Description This function write multiple advertising instance adv data 4978 ** or scan response data 4979 ** 4980 ** Parameters: 4981 ** 4982 *******************************************************************************/ 4983 void bta_dm_ble_multi_adv_data(tBTA_DM_MSG *p_data) 4984 { 4985 tBTM_STATUS btm_status = 0; 4986 void *p_ref = NULL; 4987 4988 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_data.inst_id > 0 4989 && p_data->ble_multi_adv_data.inst_id < BTM_BleMaxMultiAdvInstanceCount()) 4990 { 4991 btm_status = BTM_BleCfgAdvInstData(p_data->ble_multi_adv_data.inst_id, 4992 p_data->ble_multi_adv_data.is_scan_rsp, 4993 p_data->ble_multi_adv_data.data_mask, 4994 (tBTM_BLE_ADV_DATA*)p_data->ble_multi_adv_data.p_data); 4995 } 4996 4997 if(BTM_CMD_STARTED != btm_status) 4998 { 4999 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_data.inst_id); 5000 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_DATA_EVT, 5001 p_data->ble_multi_adv_data.inst_id, p_ref, BTA_FAILURE); 5002 } 5003 5004 } 5005 /******************************************************************************* 5006 ** 5007 ** Function btm_dm_ble_multi_adv_disable 5008 ** 5009 ** Description This function disable a single adv instance 5010 ** 5011 ** Parameters: 5012 ** 5013 *******************************************************************************/ 5014 void btm_dm_ble_multi_adv_disable(tBTA_DM_MSG *p_data) 5015 { 5016 tBTM_STATUS btm_status = 0; 5017 void *p_ref = NULL; 5018 5019 if(BTM_BleMaxMultiAdvInstanceCount() > 0 && p_data->ble_multi_adv_disable.inst_id > 0 5020 && p_data->ble_multi_adv_disable.inst_id < BTM_BleMaxMultiAdvInstanceCount()) 5021 { 5022 btm_status = BTM_BleDisableAdvInstance(p_data->ble_multi_adv_disable.inst_id); 5023 } 5024 5025 if(BTM_CMD_STARTED != btm_status) 5026 { 5027 p_ref = btm_ble_multi_adv_get_ref(p_data->ble_multi_adv_disable.inst_id); 5028 bta_dm_cb.p_multi_adv_cback(BTA_BLE_MULTI_ADV_DISABLE_EVT, 5029 p_data->ble_multi_adv_disable.inst_id, p_ref, BTA_FAILURE); 5030 } 5031 } 5032 5033 /******************************************************************************* 5034 ** 5035 ** Function bta_dm_ble_setup_storage 5036 ** 5037 ** Description This function configures up the storage parameters for ADV batch scanning 5038 ** 5039 ** Parameters: 5040 ** 5041 *******************************************************************************/ 5042 void bta_dm_ble_setup_storage (tBTA_DM_MSG *p_data) 5043 { 5044 tBTM_STATUS btm_status = 0; 5045 tBTM_BLE_VSC_CB cmn_ble_vsc_cb; 5046 5047 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb); 5048 5049 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg) 5050 { 5051 btm_status = BTM_BleSetStorageConfig(p_data->ble_set_storage.batch_scan_full_max, 5052 p_data->ble_set_storage.batch_scan_trunc_max, 5053 p_data->ble_set_storage.batch_scan_notify_threshold, 5054 p_data->ble_set_storage.p_setup_cback, 5055 p_data->ble_set_storage.p_thres_cback, 5056 p_data->ble_set_storage.p_read_rep_cback, 5057 p_data->ble_set_storage.ref_value); 5058 } 5059 5060 if(BTM_CMD_STARTED != btm_status) 5061 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_CFG_STRG_EVT, p_data->ble_set_storage.ref_value, 5062 btm_status); 5063 } 5064 5065 /******************************************************************************* 5066 ** 5067 ** Function bta_dm_ble_enable_batch_scan 5068 ** 5069 ** Description This function sets up the parameters and enables batch scan 5070 ** 5071 ** Parameters: 5072 ** 5073 *******************************************************************************/ 5074 void bta_dm_ble_enable_batch_scan (tBTA_DM_MSG *p_data) 5075 { 5076 tBTM_STATUS btm_status = 0; 5077 tBTM_BLE_VSC_CB cmn_ble_vsc_cb; 5078 5079 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb); 5080 5081 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg) 5082 { 5083 btm_status = BTM_BleEnableBatchScan(p_data->ble_enable_scan.scan_mode, 5084 p_data->ble_enable_scan.scan_int, 5085 p_data->ble_enable_scan.scan_window, 5086 p_data->ble_enable_scan.discard_rule, 5087 p_data->ble_enable_scan.addr_type, 5088 p_data->ble_enable_scan.ref_value); 5089 } 5090 5091 if(BTM_CMD_STARTED != btm_status) 5092 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_ENABLE_EVT, p_data->ble_enable_scan.ref_value, 5093 btm_status); 5094 } 5095 5096 /******************************************************************************* 5097 ** 5098 ** Function bta_dm_ble_disable_batch_scan 5099 ** 5100 ** Description This function disables the batch scan 5101 ** 5102 ** Parameters: 5103 ** 5104 *******************************************************************************/ 5105 void bta_dm_ble_disable_batch_scan (tBTA_DM_MSG *p_data) 5106 { 5107 UNUSED(p_data); 5108 tBTM_STATUS btm_status = 0; 5109 tBTM_BLE_VSC_CB cmn_ble_vsc_cb; 5110 5111 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb); 5112 5113 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg) 5114 { 5115 btm_status = BTM_BleDisableBatchScan(p_data->ble_disable_scan.ref_value); 5116 } 5117 5118 if(BTM_CMD_STARTED != btm_status) 5119 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_DISABLE_EVT, p_data->ble_enable_scan.ref_value, 5120 btm_status); 5121 } 5122 5123 /******************************************************************************* 5124 ** 5125 ** Function bta_dm_ble_read_scan_reports 5126 ** 5127 ** Description This function reads the batch scan reports 5128 ** 5129 ** Parameters: 5130 ** 5131 *******************************************************************************/ 5132 void bta_dm_ble_read_scan_reports(tBTA_DM_MSG *p_data) 5133 { 5134 tBTM_STATUS btm_status = 0; 5135 tBTM_BLE_VSC_CB cmn_ble_vsc_cb; 5136 5137 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb); 5138 5139 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg) 5140 { 5141 btm_status = BTM_BleReadScanReports(p_data->ble_read_reports.scan_type, 5142 p_data->ble_read_reports.ref_value); 5143 } 5144 5145 if(BTM_CMD_STARTED != btm_status) 5146 bta_ble_scan_setup_cb(BTM_BLE_BATCH_SCAN_READ_REPTS_EVT, p_data->ble_enable_scan.ref_value, 5147 btm_status); 5148 } 5149 5150 /******************************************************************************* 5151 ** 5152 ** Function bta_dm_ble_track_advertiser 5153 ** 5154 ** Description This function tracks the specific advertiser 5155 ** 5156 ** Parameters: 5157 ** 5158 *******************************************************************************/ 5159 void bta_dm_ble_track_advertiser(tBTA_DM_MSG *p_data) 5160 { 5161 tBTM_STATUS btm_status = 0; 5162 BD_ADDR bda; 5163 memset(&bda, 0 , sizeof(BD_ADDR)); 5164 tBTM_BLE_VSC_CB cmn_ble_vsc_cb; 5165 tBTA_DM_BLE_TRACK_ADV_DATA track_adv_data; 5166 5167 BTM_BleGetVendorCapabilities(&cmn_ble_vsc_cb); 5168 5169 if (0 != cmn_ble_vsc_cb.tot_scan_results_strg) 5170 { 5171 btm_status = BTM_BleTrackAdvertiser((tBTM_BLE_TRACK_ADV_CBACK *) 5172 p_data->ble_track_advert.p_track_adv_cback, 5173 p_data->ble_track_advert.ref_value); 5174 } 5175 5176 if(BTM_CMD_STARTED != btm_status) 5177 { 5178 memset(&track_adv_data, 0, sizeof(tBTA_DM_BLE_TRACK_ADV_DATA)); 5179 track_adv_data.advertiser_info_present = NO_ADV_INFO_PRESENT; /* Indicates failure */ 5180 track_adv_data.client_if = (UINT8)p_data->ble_track_advert.ref_value; 5181 p_data->ble_track_advert.p_track_adv_cback(&track_adv_data); 5182 } 5183 } 5184 5185 /******************************************************************************* 5186 ** 5187 ** Function bta_ble_scan_setup_cb 5188 ** 5189 ** Description Handle the setup callback from BTM layer and forward it to app layer 5190 ** 5191 ** Parameters: 5192 ** 5193 *******************************************************************************/ 5194 void bta_ble_scan_setup_cb(tBTM_BLE_BATCH_SCAN_EVT evt, tBTM_BLE_REF_VALUE ref_value, 5195 tBTM_STATUS status) 5196 { 5197 tBTA_BLE_BATCH_SCAN_EVT bta_evt = 0; 5198 5199 APPL_TRACE_DEBUG("bta_ble_scan_setup_cb : evt: %d, ref_value: %d, status:%d", evt, 5200 ref_value, status); 5201 5202 switch(evt) 5203 { 5204 case BTM_BLE_BATCH_SCAN_ENABLE_EVT: 5205 bta_evt = BTA_BLE_BATCH_SCAN_ENB_EVT; 5206 break; 5207 case BTM_BLE_BATCH_SCAN_CFG_STRG_EVT: 5208 bta_evt = BTA_BLE_BATCH_SCAN_CFG_STRG_EVT; 5209 break; 5210 case BTM_BLE_BATCH_SCAN_DISABLE_EVT: 5211 bta_evt = BTA_BLE_BATCH_SCAN_DIS_EVT; 5212 break; 5213 case BTM_BLE_BATCH_SCAN_PARAM_EVT: 5214 bta_evt = BTA_BLE_BATCH_SCAN_PARAM_EVT; 5215 break; 5216 default: 5217 break; 5218 } 5219 5220 if(NULL != bta_dm_cb.p_setup_cback) 5221 bta_dm_cb.p_setup_cback(bta_evt, ref_value, status); 5222 } 5223 5224 5225 #if BLE_ANDROID_CONTROLLER_SCAN_FILTER == TRUE 5226 /******************************************************************************* 5227 ** 5228 ** Function bta_ble_scan_pf_cmpl 5229 ** 5230 ** Description ADV payload filtering operation complete callback 5231 ** 5232 ** 5233 ** Returns TRUE if handled, otherwise FALSE. 5234 ** 5235 *******************************************************************************/ 5236 static void bta_ble_scan_cfg_cmpl(tBTM_BLE_PF_ACTION action, tBTM_BLE_SCAN_COND_OP cfg_op, 5237 tBTM_BLE_PF_AVBL_SPACE avbl_space, tBTM_STATUS status, 5238 tBTM_BLE_REF_VALUE ref_value) 5239 { 5240 tBTA_STATUS st = (status == BTM_SUCCESS) ? BTA_SUCCESS: BTA_FAILURE; 5241 5242 APPL_TRACE_DEBUG("bta_ble_scan_cfg_cmpl: %d, %d, %d, %d", action, cfg_op, avbl_space, status); 5243 5244 if(bta_dm_cb.p_scan_filt_cfg_cback) 5245 bta_dm_cb.p_scan_filt_cfg_cback(action, cfg_op, avbl_space, st, ref_value); 5246 } 5247 5248 /******************************************************************************* 5249 ** 5250 ** Function bta_dm_cfg_filter_cond 5251 ** 5252 ** Description This function configure adv payload filtering condition 5253 ** 5254 ** Parameters: 5255 ** 5256 *******************************************************************************/ 5257 void bta_dm_cfg_filter_cond (tBTA_DM_MSG *p_data) 5258 { 5259 tBTM_STATUS st = BTM_MODE_UNSUPPORTED; 5260 tBTA_STATUS status = BTA_FAILURE; 5261 5262 tBTM_BLE_VSC_CB cmn_vsc_cb; 5263 5264 APPL_TRACE_DEBUG("bta_dm_cfg_filter_cond"); 5265 BTM_BleGetVendorCapabilities(&cmn_vsc_cb); 5266 if(0 != cmn_vsc_cb.filter_support) 5267 { 5268 if ((st = BTM_BleCfgFilterCondition(p_data->ble_cfg_filter_cond.action, 5269 p_data->ble_cfg_filter_cond.cond_type, 5270 (tBTM_BLE_PF_FILT_INDEX)p_data->ble_cfg_filter_cond.filt_index, 5271 (tBTM_BLE_PF_COND_PARAM *)p_data->ble_cfg_filter_cond.p_cond_param, 5272 bta_ble_scan_cfg_cmpl, p_data->ble_cfg_filter_cond.ref_value)) 5273 == BTM_CMD_STARTED) 5274 { 5275 bta_dm_cb.p_scan_filt_cfg_cback = p_data->ble_cfg_filter_cond.p_filt_cfg_cback; 5276 return; 5277 } 5278 } 5279 5280 if (p_data->ble_cfg_filter_cond.p_filt_cfg_cback) 5281 p_data->ble_cfg_filter_cond.p_filt_cfg_cback(BTA_DM_BLE_PF_CONFIG_EVT, 5282 p_data->ble_cfg_filter_cond.cond_type, 0, status, 5283 p_data->ble_cfg_filter_cond.ref_value); 5284 return; 5285 } 5286 5287 /******************************************************************************* 5288 ** 5289 ** Function bta_dm_enable_scan_filter 5290 ** 5291 ** Description This function enable/disable adv payload filtering condition 5292 ** 5293 ** Parameters: 5294 ** 5295 *******************************************************************************/ 5296 void bta_dm_enable_scan_filter(tBTA_DM_MSG *p_data) 5297 { 5298 tBTM_STATUS st = BTM_MODE_UNSUPPORTED; 5299 tBTA_STATUS status = BTA_FAILURE; 5300 5301 tBTM_BLE_VSC_CB cmn_vsc_cb; 5302 APPL_TRACE_DEBUG("bta_dm_enable_scan_filter"); 5303 BTM_BleGetVendorCapabilities(&cmn_vsc_cb); 5304 5305 if(0 != cmn_vsc_cb.filter_support) 5306 { 5307 if((st = BTM_BleEnableDisableFilterFeature(p_data->ble_enable_scan_filt.action, 5308 p_data->ble_enable_scan_filt.p_filt_status_cback, 5309 (tBTM_BLE_REF_VALUE)p_data->ble_enable_scan_filt.ref_value)) == BTM_CMD_STARTED) 5310 bta_dm_cb.p_scan_filt_status_cback = p_data->ble_enable_scan_filt.p_filt_status_cback; 5311 return; 5312 } 5313 5314 if (p_data->ble_enable_scan_filt.p_filt_status_cback) 5315 p_data->ble_enable_scan_filt.p_filt_status_cback (BTA_DM_BLE_PF_ENABLE_EVT, 5316 p_data->ble_enable_scan_filt.ref_value, status); 5317 5318 } 5319 5320 /******************************************************************************* 5321 ** 5322 ** Function bta_dm_scan_filter_param_setup 5323 ** 5324 ** Description This function sets up scan filter params 5325 ** 5326 ** Parameters: 5327 ** 5328 *******************************************************************************/ 5329 void bta_dm_scan_filter_param_setup (tBTA_DM_MSG *p_data) 5330 { 5331 tBTM_STATUS st = BTM_MODE_UNSUPPORTED; 5332 tBTA_STATUS status = BTA_FAILURE; 5333 5334 tBTM_BLE_VSC_CB cmn_vsc_cb; 5335 5336 APPL_TRACE_DEBUG("bta_dm_scan_filter_param_setup"); 5337 BTM_BleGetVendorCapabilities(&cmn_vsc_cb); 5338 if(0 != cmn_vsc_cb.filter_support) 5339 { 5340 if ((st = BTM_BleAdvFilterParamSetup(p_data->ble_scan_filt_param_setup.action, 5341 p_data->ble_scan_filt_param_setup.filt_index, 5342 (tBTM_BLE_PF_FILT_PARAMS *)&p_data->ble_scan_filt_param_setup.filt_params, 5343 p_data->ble_scan_filt_param_setup.p_target, 5344 p_data->ble_scan_filt_param_setup.p_filt_param_cback, 5345 p_data->ble_scan_filt_param_setup.ref_value)) == BTM_CMD_STARTED) 5346 { 5347 bta_dm_cb.p_scan_filt_param_cback = p_data->ble_scan_filt_param_setup.p_filt_param_cback; 5348 return; 5349 } 5350 } 5351 5352 if (p_data->ble_scan_filt_param_setup.p_filt_param_cback) 5353 p_data->ble_scan_filt_param_setup.p_filt_param_cback (BTA_DM_BLE_PF_ENABLE_EVT, 0, 5354 p_data->ble_scan_filt_param_setup.ref_value, status); 5355 5356 return; 5357 } 5358 #endif 5359 5360 /******************************************************************************* 5361 ** 5362 ** Function bta_ble_enable_scan_cmpl 5363 ** 5364 ** Description ADV payload filtering enable / disable complete callback 5365 ** 5366 ** 5367 ** Returns None 5368 ** 5369 *******************************************************************************/ 5370 static void bta_ble_energy_info_cmpl(tBTM_BLE_TX_TIME_MS tx_time, 5371 tBTM_BLE_RX_TIME_MS rx_time, 5372 tBTM_BLE_IDLE_TIME_MS idle_time, 5373 tBTM_BLE_ENERGY_USED energy_used, 5374 tBTM_STATUS status) 5375 { 5376 tBTA_STATUS st = (status == BTM_SUCCESS) ? BTA_SUCCESS: BTA_FAILURE; 5377 tBTA_DM_CONTRL_STATE ctrl_state = 0; 5378 5379 if (BTA_SUCCESS == st) 5380 ctrl_state = bta_dm_pm_obtain_controller_state(); 5381 5382 if (bta_dm_cb.p_energy_info_cback) 5383 bta_dm_cb.p_energy_info_cback(tx_time, rx_time, idle_time, energy_used, ctrl_state, st); 5384 } 5385 5386 /******************************************************************************* 5387 ** 5388 ** Function bta_dm_ble_get_energy_info 5389 ** 5390 ** Description This function obtains the energy info 5391 ** 5392 ** Parameters: 5393 ** 5394 *******************************************************************************/ 5395 void bta_dm_ble_get_energy_info(tBTA_DM_MSG *p_data) 5396 { 5397 tBTM_STATUS btm_status = 0; 5398 5399 bta_dm_cb.p_energy_info_cback = p_data->ble_energy_info.p_energy_info_cback; 5400 btm_status = BTM_BleGetEnergyInfo(bta_ble_energy_info_cmpl); 5401 if (BTM_CMD_STARTED != btm_status) 5402 bta_ble_energy_info_cmpl(0, 0, 0, 0, btm_status); 5403 } 5404 5405 #if ((defined BTA_GATT_INCLUDED) && (BTA_GATT_INCLUDED == TRUE)) 5406 #ifndef BTA_DM_GATT_CLOSE_DELAY_TOUT 5407 #define BTA_DM_GATT_CLOSE_DELAY_TOUT 1000 5408 #endif 5409 5410 /******************************************************************************* 5411 ** 5412 ** Function bta_dm_gattc_register 5413 ** 5414 ** Description Register with GATTC in DM if BLE is needed. 5415 ** 5416 ** 5417 ** Returns void 5418 ** 5419 *******************************************************************************/ 5420 static void bta_dm_gattc_register(void) 5421 { 5422 tBT_UUID app_uuid = {LEN_UUID_128,{0}}; 5423 5424 if (bta_dm_search_cb.client_if == BTA_GATTS_INVALID_IF) 5425 { 5426 memset (&app_uuid.uu.uuid128, 0x87, LEN_UUID_128); 5427 BTA_GATTC_AppRegister(&app_uuid, bta_dm_gattc_callback); 5428 } 5429 } 5430 5431 /******************************************************************************* 5432 ** 5433 ** Function btm_dm_start_disc_gatt_services 5434 ** 5435 ** Description This function starts a GATT service search request. 5436 ** 5437 ** Parameters: 5438 ** 5439 *******************************************************************************/ 5440 static void btm_dm_start_disc_gatt_services (UINT16 conn_id) 5441 { 5442 tBT_UUID *p_uuid = bta_dm_search_cb.p_srvc_uuid + 5443 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search; 5444 5445 p_uuid = bta_dm_search_cb.p_srvc_uuid + 5446 bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search; 5447 5448 /* always search for all services */ 5449 BTA_GATTC_ServiceSearchRequest(conn_id, p_uuid); 5450 } 5451 5452 /******************************************************************************* 5453 ** 5454 ** Function bta_dm_gatt_disc_result 5455 ** 5456 ** Description This function process the GATT service search result. 5457 ** 5458 ** Parameters: 5459 ** 5460 *******************************************************************************/ 5461 static void bta_dm_gatt_disc_result(tBTA_GATT_ID service_id) 5462 { 5463 tBTA_DM_SEARCH result; 5464 5465 /* 5466 * This logic will not work for gatt case. We are checking against the bluetooth profiles here 5467 * just copy the GATTID in raw data field and send it across. 5468 */ 5469 5470 5471 if ( bta_dm_search_cb.ble_raw_used + sizeof(tBTA_GATT_ID) < bta_dm_search_cb.ble_raw_size ) 5472 { 5473 APPL_TRACE_DEBUG("ADDING BLE SERVICE uuid=0x%x, ble_ptr = 0x%x, ble_raw_used = 0x%x", 5474 service_id.uuid.uu.uuid16,bta_dm_search_cb.p_ble_rawdata,bta_dm_search_cb.ble_raw_used); 5475 5476 if(bta_dm_search_cb.p_ble_rawdata) 5477 { 5478 memcpy((bta_dm_search_cb.p_ble_rawdata + bta_dm_search_cb.ble_raw_used), &service_id, 5479 sizeof(service_id) ); 5480 5481 bta_dm_search_cb.ble_raw_used += sizeof(service_id); 5482 } 5483 else 5484 { 5485 APPL_TRACE_ERROR("p_ble_rawdata is NULL"); 5486 } 5487 5488 } 5489 else 5490 { 5491 APPL_TRACE_ERROR("%s out of room to accomodate more service ids ble_raw_size = %d ble_raw_used = %d", __FUNCTION__,bta_dm_search_cb.ble_raw_size, bta_dm_search_cb.ble_raw_used ); 5492 } 5493 5494 LOG_INFO("%s service_id_uuid_len=%d ", __func__, service_id.uuid.len); 5495 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) 5496 { 5497 5498 /* send result back to app now, one by one */ 5499 bdcpy (result.disc_ble_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 5500 BCM_STRNCPY_S((char*)result.disc_ble_res.bd_name, sizeof(BD_NAME), bta_dm_get_remname(), (BD_NAME_LEN-1)); 5501 result.disc_ble_res.bd_name[BD_NAME_LEN] = 0; 5502 memcpy(&result.disc_ble_res.service, &service_id.uuid, sizeof(tBT_UUID)); 5503 5504 bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result); 5505 } 5506 } 5507 5508 /******************************************************************************* 5509 ** 5510 ** Function bta_dm_gatt_disc_complete 5511 ** 5512 ** Description This function process the GATT service search complete. 5513 ** 5514 ** Parameters: 5515 ** 5516 *******************************************************************************/ 5517 static void bta_dm_gatt_disc_complete(UINT16 conn_id, tBTA_GATT_STATUS status) 5518 { 5519 tBTA_DM_MSG *p_msg; 5520 5521 APPL_TRACE_DEBUG("bta_dm_gatt_disc_complete conn_id = %d",conn_id); 5522 5523 if (bta_dm_search_cb.uuid_to_search > 0) bta_dm_search_cb.uuid_to_search --; 5524 5525 if (status == BTA_GATT_OK && bta_dm_search_cb.uuid_to_search > 0) 5526 { 5527 btm_dm_start_disc_gatt_services(conn_id); 5528 } 5529 else 5530 { 5531 bta_dm_search_cb.uuid_to_search = 0; 5532 5533 /* no more services to be discovered */ 5534 if ((p_msg = (tBTA_DM_MSG *) GKI_getbuf(sizeof(tBTA_DM_MSG))) != NULL) 5535 { 5536 p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT; 5537 p_msg->disc_result.result.disc_res.result = (status == BTA_GATT_OK) ? BTA_SUCCESS :BTA_FAILURE; 5538 APPL_TRACE_DEBUG("%s service found: 0x%08x", __FUNCTION__, 5539 bta_dm_search_cb.services_found); 5540 p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found; 5541 p_msg->disc_result.result.disc_res.num_uuids = 0; 5542 p_msg->disc_result.result.disc_res.p_uuid_list = NULL; 5543 bdcpy (p_msg->disc_result.result.disc_res.bd_addr, bta_dm_search_cb.peer_bdaddr); 5544 BCM_STRNCPY_S((char*)p_msg->disc_result.result.disc_res.bd_name, sizeof(BD_NAME), 5545 bta_dm_get_remname(), (BD_NAME_LEN-1)); 5546 5547 /* make sure the string is terminated */ 5548 p_msg->disc_result.result.disc_res.bd_name[BD_NAME_LEN-1] = 0; 5549 5550 p_msg->disc_result.result.disc_res.device_type |= BT_DEVICE_TYPE_BLE; 5551 if ( bta_dm_search_cb.ble_raw_used > 0 ) 5552 { 5553 p_msg->disc_result.result.disc_res.p_raw_data = GKI_getbuf(bta_dm_search_cb.ble_raw_used); 5554 5555 memcpy( p_msg->disc_result.result.disc_res.p_raw_data, 5556 bta_dm_search_cb.p_ble_rawdata, 5557 bta_dm_search_cb.ble_raw_used ); 5558 5559 p_msg->disc_result.result.disc_res.raw_data_size = bta_dm_search_cb.ble_raw_used; 5560 } 5561 else 5562 { 5563 p_msg->disc_result.result.disc_res.p_raw_data = NULL; 5564 bta_dm_search_cb.p_ble_rawdata = 0; 5565 } 5566 5567 bta_sys_sendmsg(p_msg); 5568 } 5569 5570 if (conn_id != BTA_GATT_INVALID_CONN_ID) 5571 { 5572 /* start a GATT channel close delay timer */ 5573 bta_sys_start_timer(&bta_dm_search_cb.gatt_close_timer, BTA_DM_DISC_CLOSE_TOUT_EVT, 5574 BTA_DM_GATT_CLOSE_DELAY_TOUT); 5575 bdcpy(bta_dm_search_cb.pending_close_bda, bta_dm_search_cb.peer_bdaddr); 5576 } 5577 bta_dm_search_cb.gatt_disc_active = FALSE; 5578 } 5579 } 5580 5581 /******************************************************************************* 5582 ** 5583 ** Function bta_dm_close_gatt_conn 5584 ** 5585 ** Description This function close the GATT connection after delay timeout. 5586 ** 5587 ** Parameters: 5588 ** 5589 *******************************************************************************/ 5590 void bta_dm_close_gatt_conn(tBTA_DM_MSG *p_data) 5591 { 5592 UNUSED(p_data); 5593 5594 if (bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID) 5595 BTA_GATTC_Close(bta_dm_search_cb.conn_id); 5596 5597 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN); 5598 bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID; 5599 } 5600 /******************************************************************************* 5601 ** 5602 ** Function btm_dm_start_gatt_discovery 5603 ** 5604 ** Description This is GATT initiate the service search by open a GATT connection 5605 ** first. 5606 ** 5607 ** Parameters: 5608 ** 5609 *******************************************************************************/ 5610 void btm_dm_start_gatt_discovery (BD_ADDR bd_addr) 5611 { 5612 bta_dm_search_cb.gatt_disc_active = TRUE; 5613 5614 /* connection is already open */ 5615 if (bdcmp(bta_dm_search_cb.pending_close_bda, bd_addr) == 0 && 5616 bta_dm_search_cb.conn_id != BTA_GATT_INVALID_CONN_ID) 5617 { 5618 memset(bta_dm_search_cb.pending_close_bda, 0, BD_ADDR_LEN); 5619 bta_sys_stop_timer(&bta_dm_search_cb.gatt_close_timer); 5620 btm_dm_start_disc_gatt_services(bta_dm_search_cb.conn_id); 5621 } 5622 else 5623 BTA_GATTC_Open(bta_dm_search_cb.client_if, bd_addr, TRUE, BTA_GATT_TRANSPORT_LE); 5624 } 5625 5626 /******************************************************************************* 5627 ** 5628 ** Function bta_dm_cancel_gatt_discovery 5629 ** 5630 ** Description This is GATT cancel the GATT service search. 5631 ** 5632 ** Parameters: 5633 ** 5634 *******************************************************************************/ 5635 static void bta_dm_cancel_gatt_discovery(BD_ADDR bd_addr) 5636 { 5637 if (bta_dm_search_cb.conn_id == BTA_GATT_INVALID_CONN_ID) 5638 { 5639 BTA_GATTC_CancelOpen(bta_dm_search_cb.client_if, bd_addr, TRUE); 5640 } 5641 5642 bta_dm_gatt_disc_complete(bta_dm_search_cb.conn_id, (tBTA_GATT_STATUS) BTA_GATT_ERROR); 5643 } 5644 5645 /******************************************************************************* 5646 ** 5647 ** Function bta_dm_proc_open_evt 5648 ** 5649 ** Description process BTA_GATTC_OPEN_EVT in DM. 5650 ** 5651 ** Parameters: 5652 ** 5653 *******************************************************************************/ 5654 void bta_dm_proc_open_evt(tBTA_GATTC_OPEN *p_data) 5655 { 5656 UINT8 *p1; 5657 UINT8 *p2; 5658 5659 p1 = bta_dm_search_cb.peer_bdaddr; 5660 p2 = p_data->remote_bda; 5661 5662 APPL_TRACE_DEBUG("DM Search state= %d search_cb.peer_dbaddr: [%08x%04x] connected_bda= [%08x%04x] ", 5663 bta_dm_search_cb.state, 5664 ((p1[0])<<24)+((p1[1])<<16)+((p1[2])<<8)+(p1[3]), 5665 ((p1[4])<<8)+ p1[5], 5666 ((p2[0])<<24)+((p2[1])<<16)+((p2[2])<<8)+(p2[3]), 5667 ((p2[4])<<8)+ p2[5]); 5668 5669 APPL_TRACE_DEBUG("BTA_GATTC_OPEN_EVT conn_id = %d client_if=%d status = %d" , 5670 p_data->conn_id, 5671 p_data->client_if, 5672 p_data->status); 5673 5674 bta_dm_search_cb.conn_id = p_data->conn_id; 5675 5676 if (p_data->status == BTA_GATT_OK) 5677 { 5678 btm_dm_start_disc_gatt_services(p_data->conn_id); 5679 } 5680 else 5681 { 5682 bta_dm_gatt_disc_complete(BTA_GATT_INVALID_CONN_ID, p_data->status); 5683 } 5684 } 5685 5686 /******************************************************************************* 5687 ** 5688 ** Function bta_dm_gattc_callback 5689 ** 5690 ** Description This is GATT client callback function used in DM. 5691 ** 5692 ** Parameters: 5693 ** 5694 *******************************************************************************/ 5695 static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC *p_data) 5696 { 5697 APPL_TRACE_DEBUG("bta_dm_gattc_callback event = %d", event); 5698 5699 switch (event) 5700 { 5701 case BTA_GATTC_REG_EVT: 5702 APPL_TRACE_DEBUG("BTA_GATTC_REG_EVT client_if = %d", p_data->reg_oper.client_if); 5703 if (p_data->reg_oper.status == BTA_GATT_OK) 5704 bta_dm_search_cb.client_if = p_data->reg_oper.client_if; 5705 else 5706 bta_dm_search_cb.client_if = BTA_GATTS_INVALID_IF; 5707 break; 5708 5709 case BTA_GATTC_OPEN_EVT: 5710 bta_dm_proc_open_evt(&p_data->open); 5711 break; 5712 5713 case BTA_GATTC_SEARCH_RES_EVT: 5714 bta_dm_gatt_disc_result(p_data->srvc_res.service_uuid.id); 5715 break; 5716 5717 case BTA_GATTC_SEARCH_CMPL_EVT: 5718 if ( bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) 5719 bta_dm_gatt_disc_complete(p_data->search_cmpl.conn_id, p_data->search_cmpl.status); 5720 break; 5721 5722 case BTA_GATTC_CLOSE_EVT: 5723 APPL_TRACE_DEBUG("BTA_GATTC_CLOSE_EVT reason = %d", p_data->close.reason); 5724 /* in case of disconnect before search is completed */ 5725 if ( (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) && 5726 (bta_dm_search_cb.state != BTA_DM_SEARCH_ACTIVE) && 5727 !memcmp(p_data->close.remote_bda, bta_dm_search_cb.peer_bdaddr, BD_ADDR_LEN)) 5728 { 5729 bta_dm_gatt_disc_complete((UINT16)BTA_GATT_INVALID_CONN_ID, (tBTA_GATT_STATUS) BTA_GATT_ERROR); 5730 } 5731 break; 5732 5733 default: 5734 break; 5735 } 5736 } 5737 5738 #endif /* BTA_GATT_INCLUDED */ 5739 5740 #if BLE_VND_INCLUDED == TRUE 5741 /******************************************************************************* 5742 ** 5743 ** Function bta_dm_ctrl_features_rd_cmpl_cback 5744 ** 5745 ** Description callback to handle controller feature read complete 5746 ** 5747 ** Parameters: 5748 ** 5749 *******************************************************************************/ 5750 static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result) 5751 { 5752 APPL_TRACE_DEBUG("%s status = %d ", __FUNCTION__, result); 5753 if (result == BTM_SUCCESS) 5754 { 5755 if(bta_dm_cb.p_sec_cback) 5756 bta_dm_cb.p_sec_cback(BTA_DM_LE_FEATURES_READ, NULL); 5757 } 5758 else 5759 { 5760 APPL_TRACE_ERROR("%s Ctrl BLE feature read failed: status :%d",__FUNCTION__, result); 5761 } 5762 5763 } 5764 #endif /* BLE_VND_INCLUDED */ 5765 5766 #endif /* BLE_INCLUDED */ 5767