blob: 175e3faf2a9610fe1544c151bac147a5266a90cd [file] [log] [blame]
/******************************************************************************
*
* Copyright (C) 2003-2014 Broadcom Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
******************************************************************************/
/******************************************************************************
*
* This file contains the action functions for device manager state
* machine.
*
******************************************************************************/
#define LOG_TAG "bt_bta_dm"
#include <base/bind.h>
#include <base/callback.h>
#include <base/logging.h>
#include <cutils/log.h>
#include <string.h>
#include "bt_common.h"
#include "bt_target.h"
#include "bt_types.h"
#include "bta_api.h"
#include "bta_dm_api.h"
#include "bta_dm_co.h"
#include "bta_dm_int.h"
#include "bta_sys.h"
#include "btm_api.h"
#include "btm_int.h"
#include "btu.h"
#include "gap_api.h" /* For GAP_BleReadPeerPrefConnParams */
#include "l2c_api.h"
#include "osi/include/log.h"
#include "osi/include/osi.h"
#include "sdp_api.h"
#include "utl.h"
#if (GAP_INCLUDED == TRUE)
#include "gap_api.h"
#endif
static void bta_dm_inq_results_cb(tBTM_INQ_RESULTS* p_inq, uint8_t* p_eir,
uint16_t eir_len);
static void bta_dm_inq_cmpl_cb(void* p_result);
static void bta_dm_service_search_remname_cback(const RawAddress& bd_addr,
DEV_CLASS dc, BD_NAME bd_name);
static void bta_dm_remname_cback(tBTM_REMOTE_DEV_NAME* p_remote_name);
static void bta_dm_find_services(const RawAddress& bd_addr);
static void bta_dm_discover_next_device(void);
static void bta_dm_sdp_callback(uint16_t sdp_status);
static uint8_t bta_dm_authorize_cback(const RawAddress& bd_addr,
DEV_CLASS dev_class, BD_NAME bd_name,
uint8_t* service_name, uint8_t service_id,
bool is_originator);
static uint8_t bta_dm_pin_cback(const RawAddress& bd_addr, DEV_CLASS dev_class,
BD_NAME bd_name, bool min_16_digit);
static uint8_t bta_dm_new_link_key_cback(const RawAddress& bd_addr,
DEV_CLASS dev_class, BD_NAME bd_name,
LINK_KEY key, uint8_t key_type);
static uint8_t bta_dm_authentication_complete_cback(const RawAddress& bd_addr,
DEV_CLASS dev_class,
BD_NAME bd_name,
int result);
static void bta_dm_local_name_cback(const RawAddress& bd_addr);
static bool bta_dm_check_av(uint16_t event);
static void bta_dm_bl_change_cback(tBTM_BL_EVENT_DATA* p_data);
static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, uint8_t id,
uint8_t app_id, const RawAddress* peer_addr);
/* Extended Inquiry Response */
#if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
static uint8_t bta_dm_sp_cback(tBTM_SP_EVT event, tBTM_SP_EVT_DATA* p_data);
#endif
static void bta_dm_set_eir(char* local_name);
static void bta_dm_eir_search_services(tBTM_INQ_RESULTS* p_result,
tBTA_SERVICE_MASK* p_services_to_search,
tBTA_SERVICE_MASK* p_services_found);
static void bta_dm_search_timer_cback(void* data);
static void bta_dm_disable_conn_down_timer_cback(void* data);
static void bta_dm_rm_cback(tBTA_SYS_CONN_STATUS status, uint8_t id,
uint8_t app_id, const RawAddress* peer_addr);
static void bta_dm_adjust_roles(bool delay_role_switch);
static char* bta_dm_get_remname(void);
static void bta_dm_bond_cancel_complete_cback(tBTM_STATUS result);
static bool bta_dm_read_remote_device_name(const RawAddress& bd_addr,
tBT_TRANSPORT transport);
static void bta_dm_discover_device(const RawAddress& remote_bd_addr);
static void bta_dm_sys_hw_cback(tBTA_SYS_HW_EVT status);
static void bta_dm_disable_search_and_disc(void);
static uint8_t bta_dm_ble_smp_cback(tBTM_LE_EVT event, const RawAddress& bda,
tBTM_LE_EVT_DATA* p_data);
static void bta_dm_ble_id_key_cback(uint8_t key_type,
tBTM_BLE_LOCAL_KEYS* p_key);
static void bta_dm_gattc_register(void);
static void btm_dm_start_gatt_discovery(const RawAddress& bd_addr);
static void bta_dm_cancel_gatt_discovery(const RawAddress& bd_addr);
static void bta_dm_gattc_callback(tBTA_GATTC_EVT event, tBTA_GATTC* p_data);
extern tBTA_DM_CONTRL_STATE bta_dm_pm_obtain_controller_state(void);
#if (BLE_VND_INCLUDED == TRUE)
static void bta_dm_ctrl_features_rd_cmpl_cback(tBTM_STATUS result);
#endif
#ifndef BTA_DM_BLE_ADV_CHNL_MAP
#define BTA_DM_BLE_ADV_CHNL_MAP \
(BTM_BLE_ADV_CHNL_37 | BTM_BLE_ADV_CHNL_38 | BTM_BLE_ADV_CHNL_39)
#endif
/* Disable timer interval (in milliseconds) */
#ifndef BTA_DM_DISABLE_TIMER_MS
#define BTA_DM_DISABLE_TIMER_MS 5000
#endif
/* Disable timer retrial interval (in milliseconds) */
#ifndef BTA_DM_DISABLE_TIMER_RETRIAL_MS
#define BTA_DM_DISABLE_TIMER_RETRIAL_MS 1500
#endif
/* Disable connection down timer (in milliseconds) */
#ifndef BTA_DM_DISABLE_CONN_DOWN_TIMER_MS
#define BTA_DM_DISABLE_CONN_DOWN_TIMER_MS 1000
#endif
/* Switch delay timer (in milliseconds) */
#ifndef BTA_DM_SWITCH_DELAY_TIMER_MS
#define BTA_DM_SWITCH_DELAY_TIMER_MS 500
#endif
#define BTA_MAX_SERVICES 32
static void bta_dm_reset_sec_dev_pending(const RawAddress& remote_bd_addr);
static void bta_dm_remove_sec_dev_entry(const RawAddress& remote_bd_addr);
static void bta_dm_observe_results_cb(tBTM_INQ_RESULTS* p_inq, uint8_t* p_eir,
uint16_t eir_len);
static void bta_dm_observe_cmpl_cb(void* p_result);
static void bta_dm_delay_role_switch_cback(void* data);
static void bta_dm_disable_timer_cback(void* data);
const uint16_t bta_service_id_to_uuid_lkup_tbl[BTA_MAX_SERVICE_ID] = {
UUID_SERVCLASS_PNP_INFORMATION, /* Reserved */
UUID_SERVCLASS_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
UUID_SERVCLASS_DIALUP_NETWORKING, /* BTA_DUN_SERVICE_ID */
UUID_SERVCLASS_AUDIO_SOURCE, /* BTA_A2DP_SOURCE_SERVICE_ID */
UUID_SERVCLASS_LAN_ACCESS_USING_PPP, /* BTA_LAP_SERVICE_ID */
UUID_SERVCLASS_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
UUID_SERVCLASS_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
UUID_SERVCLASS_OBEX_OBJECT_PUSH, /* BTA_OPP_SERVICE_ID */
UUID_SERVCLASS_OBEX_FILE_TRANSFER, /* BTA_FTP_SERVICE_ID */
UUID_SERVCLASS_CORDLESS_TELEPHONY, /* BTA_CTP_SERVICE_ID */
UUID_SERVCLASS_INTERCOM, /* BTA_ICP_SERVICE_ID */
UUID_SERVCLASS_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
UUID_SERVCLASS_DIRECT_PRINTING, /* BTA_BPP_SERVICE_ID */
UUID_SERVCLASS_IMAGING_RESPONDER, /* BTA_BIP_SERVICE_ID */
UUID_SERVCLASS_PANU, /* BTA_PANU_SERVICE_ID */
UUID_SERVCLASS_NAP, /* BTA_NAP_SERVICE_ID */
UUID_SERVCLASS_GN, /* BTA_GN_SERVICE_ID */
UUID_SERVCLASS_SAP, /* BTA_SAP_SERVICE_ID */
UUID_SERVCLASS_AUDIO_SINK, /* BTA_A2DP_SERVICE_ID */
UUID_SERVCLASS_AV_REMOTE_CONTROL, /* BTA_AVRCP_SERVICE_ID */
UUID_SERVCLASS_HUMAN_INTERFACE, /* BTA_HID_SERVICE_ID */
UUID_SERVCLASS_VIDEO_SINK, /* BTA_VDP_SERVICE_ID */
UUID_SERVCLASS_PBAP_PSE, /* BTA_PBAP_SERVICE_ID */
UUID_SERVCLASS_HEADSET_AUDIO_GATEWAY, /* BTA_HSP_SERVICE_ID */
UUID_SERVCLASS_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
UUID_SERVCLASS_MESSAGE_ACCESS, /* BTA_MAP_SERVICE_ID */
UUID_SERVCLASS_MESSAGE_NOTIFICATION, /* BTA_MN_SERVICE_ID */
UUID_SERVCLASS_HDP_PROFILE, /* BTA_HDP_SERVICE_ID */
UUID_SERVCLASS_PBAP_PCE, /* BTA_PCE_SERVICE_ID */
UUID_PROTOCOL_ATT /* BTA_GATT_SERVICE_ID */
};
/*
* NOTE : The number of element in bta_service_id_to_btm_srv_id_lkup_tbl should
* be matching with
* the value BTA_MAX_SERVICE_ID in bta_api.h
*
* i.e., If you add new Service ID for BTA, the correct security ID of
* the new service
* from Security service definitions (btm_api.h) should be added to
* this lookup table.
*/
const uint32_t bta_service_id_to_btm_srv_id_lkup_tbl[BTA_MAX_SERVICE_ID] = {
0, /* Reserved */
BTM_SEC_SERVICE_SERIAL_PORT, /* BTA_SPP_SERVICE_ID */
BTM_SEC_SERVICE_DUN, /* BTA_DUN_SERVICE_ID */
BTM_SEC_SERVICE_AVDTP, /* BTA_AUDIO_SOURCE_SERVICE_ID */
BTM_SEC_SERVICE_LAN_ACCESS, /* BTA_LAP_SERVICE_ID */
BTM_SEC_SERVICE_HEADSET_AG, /* BTA_HSP_SERVICE_ID */
BTM_SEC_SERVICE_AG_HANDSFREE, /* BTA_HFP_SERVICE_ID */
BTM_SEC_SERVICE_OBEX, /* BTA_OPP_SERVICE_ID */
BTM_SEC_SERVICE_OBEX_FTP, /* BTA_FTP_SERVICE_ID */
BTM_SEC_SERVICE_CORDLESS, /* BTA_CTP_SERVICE_ID */
BTM_SEC_SERVICE_INTERCOM, /* BTA_ICP_SERVICE_ID */
BTM_SEC_SERVICE_IRMC_SYNC, /* BTA_SYNC_SERVICE_ID */
BTM_SEC_SERVICE_BPP_JOB, /* BTA_BPP_SERVICE_ID */
BTM_SEC_SERVICE_BIP, /* BTA_BIP_SERVICE_ID */
BTM_SEC_SERVICE_BNEP_PANU, /* BTA_PANU_SERVICE_ID */
BTM_SEC_SERVICE_BNEP_NAP, /* BTA_NAP_SERVICE_ID */
BTM_SEC_SERVICE_BNEP_GN, /* BTA_GN_SERVICE_ID */
BTM_SEC_SERVICE_SAP, /* BTA_SAP_SERVICE_ID */
BTM_SEC_SERVICE_AVDTP, /* BTA_A2DP_SERVICE_ID */
BTM_SEC_SERVICE_AVCTP, /* BTA_AVRCP_SERVICE_ID */
BTM_SEC_SERVICE_HIDH_SEC_CTRL, /* BTA_HID_SERVICE_ID */
BTM_SEC_SERVICE_AVDTP, /* BTA_VDP_SERVICE_ID */
BTM_SEC_SERVICE_PBAP, /* BTA_PBAP_SERVICE_ID */
BTM_SEC_SERVICE_HEADSET, /* BTA_HSP_HS_SERVICE_ID */
BTM_SEC_SERVICE_HF_HANDSFREE, /* BTA_HFP_HS_SERVICE_ID */
BTM_SEC_SERVICE_MAP, /* BTA_MAP_SERVICE_ID */
BTM_SEC_SERVICE_MAP, /* BTA_MN_SERVICE_ID */
BTM_SEC_SERVICE_HDP_SNK, /* BTA_HDP_SERVICE_ID */
BTM_SEC_SERVICE_PBAP, /* BTA_PCE_SERVICE_ID */
BTM_SEC_SERVICE_ATT /* BTA_GATT_SERVICE_ID */
};
/* bta security callback */
const tBTM_APPL_INFO bta_security = {&bta_dm_authorize_cback,
&bta_dm_pin_cback,
&bta_dm_new_link_key_cback,
&bta_dm_authentication_complete_cback,
&bta_dm_bond_cancel_complete_cback,
#if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
&bta_dm_sp_cback,
#else
NULL,
#endif
&bta_dm_ble_smp_cback,
&bta_dm_ble_id_key_cback};
#define MAX_DISC_RAW_DATA_BUF (4096)
uint8_t g_disc_raw_data_buf[MAX_DISC_RAW_DATA_BUF];
extern DEV_CLASS local_device_default_class;
/*******************************************************************************
*
* Function bta_dm_enable
*
* Description Initialises the BT device manager
*
*
* Returns void
*
******************************************************************************/
void bta_dm_enable(tBTA_DM_MSG* p_data) {
tBTA_DM_ENABLE enable_event;
/* if already in use, return an error */
if (bta_dm_cb.is_bta_dm_active == true) {
APPL_TRACE_WARNING("%s Device already started by another application",
__func__);
memset(&enable_event, 0, sizeof(tBTA_DM_ENABLE));
enable_event.status = BTA_FAILURE;
if (p_data->enable.p_sec_cback != NULL)
p_data->enable.p_sec_cback(BTA_DM_ENABLE_EVT,
(tBTA_DM_SEC*)&enable_event);
return;
}
/* first, register our callback to SYS HW manager */
bta_sys_hw_register(BTA_SYS_HW_BLUETOOTH, bta_dm_sys_hw_cback);
/* make sure security callback is saved - if no callback, do not erase the
previous one,
it could be an error recovery mechanism */
if (p_data->enable.p_sec_cback != NULL)
bta_dm_cb.p_sec_cback = p_data->enable.p_sec_cback;
/* notify BTA DM is now active */
bta_dm_cb.is_bta_dm_active = true;
/* send a message to BTA SYS */
tBTA_SYS_HW_MSG* sys_enable_event =
(tBTA_SYS_HW_MSG*)osi_malloc(sizeof(tBTA_SYS_HW_MSG));
sys_enable_event->hdr.event = BTA_SYS_API_ENABLE_EVT;
sys_enable_event->hw_module = BTA_SYS_HW_BLUETOOTH;
bta_sys_sendmsg(sys_enable_event);
}
/*******************************************************************************
*
* Function bta_dm_init_cb
*
* Description Initializes the bta_dm_cb control block
*
*
* Returns void
*
******************************************************************************/
void bta_dm_init_cb(void) {
memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
bta_dm_cb.disable_timer = alarm_new("bta_dm.disable_timer");
bta_dm_cb.switch_delay_timer = alarm_new("bta_dm.switch_delay_timer");
for (size_t i = 0; i < BTA_DM_NUM_PM_TIMER; i++) {
for (size_t j = 0; j < BTA_DM_PM_MODE_TIMER_MAX; j++) {
bta_dm_cb.pm_timer[i].timer[j] = alarm_new("bta_dm.pm_timer");
}
}
}
/*******************************************************************************
*
* Function bta_dm_deinit_cb
*
* Description De-initializes the bta_dm_cb control block
*
*
* Returns void
*
******************************************************************************/
void bta_dm_deinit_cb(void) {
/*
* TODO: Should alarm_free() the bta_dm_cb timers during graceful
* shutdown.
*/
alarm_free(bta_dm_cb.disable_timer);
alarm_free(bta_dm_cb.switch_delay_timer);
for (size_t i = 0; i < BTA_DM_NUM_PM_TIMER; i++) {
for (size_t j = 0; j < BTA_DM_PM_MODE_TIMER_MAX; j++) {
alarm_free(bta_dm_cb.pm_timer[i].timer[j]);
}
}
memset(&bta_dm_cb, 0, sizeof(bta_dm_cb));
}
/*******************************************************************************
*
* Function bta_dm_sys_hw_cback
*
* Description callback register to SYS to get HW status updates
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_sys_hw_cback(tBTA_SYS_HW_EVT status) {
DEV_CLASS dev_class;
tBTA_DM_SEC_CBACK* temp_cback;
uint8_t key_mask = 0;
BT_OCTET16 er;
tBTA_BLE_LOCAL_ID_KEYS id_key;
APPL_TRACE_DEBUG("%s with event: %i", __func__, status);
/* On H/W error evt, report to the registered DM application callback */
if (status == BTA_SYS_HW_ERROR_EVT) {
if (bta_dm_cb.p_sec_cback != NULL)
bta_dm_cb.p_sec_cback(BTA_DM_HW_ERROR_EVT, NULL);
return;
}
if (status == BTA_SYS_HW_OFF_EVT) {
if (bta_dm_cb.p_sec_cback != NULL)
bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
/* reinitialize the control block */
bta_dm_deinit_cb();
/* hw is ready, go on with BTA DM initialization */
alarm_free(bta_dm_search_cb.search_timer);
alarm_free(bta_dm_search_cb.gatt_close_timer);
memset(&bta_dm_search_cb, 0, sizeof(bta_dm_search_cb));
/* unregister from SYS */
bta_sys_hw_unregister(BTA_SYS_HW_BLUETOOTH);
/* notify BTA DM is now unactive */
bta_dm_cb.is_bta_dm_active = false;
} else if (status == BTA_SYS_HW_ON_EVT) {
/* FIXME: We should not unregister as the SYS shall invoke this callback on
* a H/W error.
* We need to revisit when this platform has more than one BLuetooth H/W
* chip
*/
// bta_sys_hw_unregister( BTA_SYS_HW_BLUETOOTH);
/* save security callback */
temp_cback = bta_dm_cb.p_sec_cback;
/* make sure the control block is properly initialized */
bta_dm_init_cb();
/* and retrieve the callback */
bta_dm_cb.p_sec_cback = temp_cback;
bta_dm_cb.is_bta_dm_active = true;
/* hw is ready, go on with BTA DM initialization */
alarm_free(bta_dm_search_cb.search_timer);
alarm_free(bta_dm_search_cb.gatt_close_timer);
memset(&bta_dm_search_cb, 0, sizeof(bta_dm_search_cb));
/*
* TODO: Should alarm_free() the bta_dm_search_cb timers during
* graceful shutdown.
*/
bta_dm_search_cb.search_timer = alarm_new("bta_dm_search.search_timer");
bta_dm_search_cb.gatt_close_timer =
alarm_new("bta_dm_search.gatt_close_timer");
memset(&bta_dm_conn_srvcs, 0, sizeof(bta_dm_conn_srvcs));
memset(&bta_dm_di_cb, 0, sizeof(tBTA_DM_DI_CB));
memcpy(dev_class, p_bta_dm_cfg->dev_class, sizeof(dev_class));
BTM_SetDeviceClass(dev_class);
/* load BLE local information: ID keys, ER if available */
bta_dm_co_ble_load_local_keys(&key_mask, er, &id_key);
if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ER) {
BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ER,
(tBTM_BLE_LOCAL_KEYS*)&er);
}
if (key_mask & BTA_BLE_LOCAL_KEY_TYPE_ID) {
BTM_BleLoadLocalKeys(BTA_BLE_LOCAL_KEY_TYPE_ID,
(tBTM_BLE_LOCAL_KEYS*)&id_key);
}
bta_dm_search_cb.conn_id = BTA_GATT_INVALID_CONN_ID;
BTM_SecRegister((tBTM_APPL_INFO*)&bta_security);
BTM_SetDefaultLinkSuperTout(p_bta_dm_cfg->link_timeout);
BTM_WritePageTimeout(p_bta_dm_cfg->page_timeout);
bta_dm_cb.cur_policy = p_bta_dm_cfg->policy_settings;
BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
BTM_RegBusyLevelNotif(bta_dm_bl_change_cback, NULL,
BTM_BL_UPDATE_MASK | BTM_BL_ROLE_CHG_MASK);
#if (BLE_VND_INCLUDED == TRUE)
BTM_BleReadControllerFeatures(bta_dm_ctrl_features_rd_cmpl_cback);
#else
/* If VSC multi adv commands are available, advertising will be initialized
* when capabilities are read. If they are not avaliable, initialize
* advertising here */
btm_ble_adv_init();
#endif
/* Earlier, we used to invoke BTM_ReadLocalAddr which was just copying the
bd_addr
from the control block and invoking the callback which was sending the
DM_ENABLE_EVT.
But then we have a few HCI commands being invoked above which were still
in progress
when the ENABLE_EVT was sent. So modified this to fetch the local name
which forces
the DM_ENABLE_EVT to be sent only after all the init steps are complete
*/
BTM_ReadLocalDeviceNameFromController(
(tBTM_CMPL_CB*)bta_dm_local_name_cback);
bta_sys_rm_register((tBTA_SYS_CONN_CBACK*)bta_dm_rm_cback);
/* initialize bluetooth low power manager */
bta_dm_init_pm();
bta_sys_policy_register((tBTA_SYS_CONN_CBACK*)bta_dm_policy_cback);
bta_dm_gattc_register();
} else
APPL_TRACE_DEBUG(" --- ignored event");
}
/*******************************************************************************
*
* Function bta_dm_disable
*
* Description Disables the BT device manager
*
*
* Returns void
*
******************************************************************************/
void bta_dm_disable(UNUSED_ATTR tBTA_DM_MSG* p_data) {
/* Set l2cap idle timeout to 0 (so BTE immediately disconnects ACL link after
* last channel is closed) */
L2CA_SetIdleTimeoutByBdAddr(RawAddress::kAny, 0, BT_TRANSPORT_BR_EDR);
L2CA_SetIdleTimeoutByBdAddr(RawAddress::kAny, 0, BT_TRANSPORT_LE);
/* disable all active subsystems */
bta_sys_disable(BTA_SYS_HW_BLUETOOTH);
BTM_SetDiscoverability(BTM_NON_DISCOVERABLE, 0, 0);
BTM_SetConnectability(BTM_NON_CONNECTABLE, 0, 0);
bta_dm_disable_pm();
bta_dm_disable_search_and_disc();
bta_dm_cb.disabling = true;
BTM_BleClearBgConnDev();
if (BTM_GetNumAclLinks() == 0) {
#if (BTA_DISABLE_DELAY > 0)
/* If BTA_DISABLE_DELAY is defined and greater than zero, then delay the
* shutdown by
* BTA_DISABLE_DELAY milliseconds
*/
APPL_TRACE_WARNING("%s BTA_DISABLE_DELAY set to %d ms", __func__,
BTA_DISABLE_DELAY);
alarm_set_on_mloop(bta_dm_cb.disable_timer, BTA_DISABLE_DELAY,
bta_dm_disable_conn_down_timer_cback, NULL);
#else
bta_dm_disable_conn_down_timer_cback(NULL);
#endif
} else {
alarm_set_on_mloop(bta_dm_cb.disable_timer, BTA_DM_DISABLE_TIMER_MS,
bta_dm_disable_timer_cback, UINT_TO_PTR(0));
}
}
/*******************************************************************************
*
* Function bta_dm_disable_timer_cback
*
* Description Called if the disable timer expires
* Used to close ACL connections which are still active
*
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_disable_timer_cback(void* data) {
uint8_t i;
tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
bool trigger_disc = false;
uint32_t param = PTR_TO_UINT(data);
APPL_TRACE_EVENT("%s trial %u", __func__, param);
if (BTM_GetNumAclLinks() && (param == 0)) {
for (i = 0; i < bta_dm_cb.device_list.count; i++) {
transport = bta_dm_cb.device_list.peer_device[i].transport;
btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
transport);
trigger_disc = true;
}
/* Retrigger disable timer in case ACL disconnect failed, DISABLE_EVT still
need
to be sent out to avoid jave layer disable timeout */
if (trigger_disc) {
alarm_set_on_mloop(bta_dm_cb.disable_timer,
BTA_DM_DISABLE_TIMER_RETRIAL_MS,
bta_dm_disable_timer_cback, UINT_TO_PTR(1));
}
} else {
bta_dm_cb.disabling = false;
bta_sys_remove_uuid(UUID_SERVCLASS_PNP_INFORMATION);
bta_dm_cb.p_sec_cback(BTA_DM_DISABLE_EVT, NULL);
}
}
/*******************************************************************************
*
* Function bta_dm_set_dev_name
*
* Description Sets local device name
*
*
* Returns void
*
******************************************************************************/
void bta_dm_set_dev_name(tBTA_DM_MSG* p_data) {
BTM_SetLocalDeviceName((char*)p_data->set_name.name);
bta_dm_set_eir((char*)p_data->set_name.name);
}
/*******************************************************************************
*
* Function bta_dm_set_visibility
*
* Description Sets discoverability, connectability and pairability
*
*
* Returns void
*
******************************************************************************/
void bta_dm_set_visibility(tBTA_DM_MSG* p_data) {
uint16_t window, interval;
uint16_t le_disc_mode = BTM_BleReadDiscoverability();
uint16_t le_conn_mode = BTM_BleReadConnectability();
uint16_t disc_mode = BTM_ReadDiscoverability(&window, &interval);
uint16_t conn_mode = BTM_ReadConnectability(&window, &interval);
/* set modes for Discoverability and connectability if not ignore */
if (p_data->set_visibility.disc_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE)) {
if ((p_data->set_visibility.disc_mode & BTA_DM_LE_IGNORE) ==
BTA_DM_LE_IGNORE)
p_data->set_visibility.disc_mode =
((p_data->set_visibility.disc_mode & ~BTA_DM_LE_IGNORE) |
le_disc_mode);
if ((p_data->set_visibility.disc_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE)
p_data->set_visibility.disc_mode =
((p_data->set_visibility.disc_mode & ~BTA_DM_IGNORE) | disc_mode);
BTM_SetDiscoverability(p_data->set_visibility.disc_mode,
bta_dm_cb.inquiry_scan_window,
bta_dm_cb.inquiry_scan_interval);
}
if (p_data->set_visibility.conn_mode != (BTA_DM_IGNORE | BTA_DM_LE_IGNORE)) {
if ((p_data->set_visibility.conn_mode & BTA_DM_LE_IGNORE) ==
BTA_DM_LE_IGNORE)
p_data->set_visibility.conn_mode =
((p_data->set_visibility.conn_mode & ~BTA_DM_LE_IGNORE) |
le_conn_mode);
if ((p_data->set_visibility.conn_mode & BTA_DM_IGNORE) == BTA_DM_IGNORE)
p_data->set_visibility.conn_mode =
((p_data->set_visibility.conn_mode & ~BTA_DM_IGNORE) | conn_mode);
BTM_SetConnectability(p_data->set_visibility.conn_mode,
bta_dm_cb.page_scan_window,
bta_dm_cb.page_scan_interval);
}
/* Send False or True if not ignore */
if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE) {
if (p_data->set_visibility.pair_mode == BTA_DM_NON_PAIRABLE)
bta_dm_cb.disable_pair_mode = true;
else
bta_dm_cb.disable_pair_mode = false;
}
/* Send False or True if not ignore */
if (p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE) {
if (p_data->set_visibility.conn_paired_only == BTA_DM_CONN_ALL)
bta_dm_cb.conn_paired_only = false;
else
bta_dm_cb.conn_paired_only = true;
}
/* Change mode if either mode is not ignore */
if (p_data->set_visibility.pair_mode != BTA_DM_IGNORE ||
p_data->set_visibility.conn_paired_only != BTA_DM_IGNORE)
BTM_SetPairableMode((bool)(!(bta_dm_cb.disable_pair_mode)),
bta_dm_cb.conn_paired_only);
}
/*******************************************************************************
*
* Function bta_dm_process_remove_device
*
* Description Removes device, Disconnects ACL link if required.
***
******************************************************************************/
void bta_dm_process_remove_device(const RawAddress& bd_addr) {
/* need to remove all pending background connection before unpair */
BTA_GATTC_CancelOpen(0, bd_addr, false);
BTM_SecDeleteDevice(bd_addr);
/* remove all cached GATT information */
BTA_GATTC_Refresh(bd_addr);
if (bta_dm_cb.p_sec_cback) {
tBTA_DM_SEC sec_event;
sec_event.link_down.bd_addr = bd_addr;
;
/* No connection, set status to success (acl disc code not valid) */
sec_event.link_down.status = HCI_SUCCESS;
bta_dm_cb.p_sec_cback(BTA_DM_DEV_UNPAIRED_EVT, &sec_event);
}
}
/*******************************************************************************
*
* Function bta_dm_remove_device
*
* Description Removes device, disconnects ACL link if required.
***
******************************************************************************/
void bta_dm_remove_device(tBTA_DM_MSG* p_data) {
tBTA_DM_API_REMOVE_DEVICE* p_dev = &p_data->remove_dev;
bool continue_delete_other_dev = false;
if (p_dev == NULL) return;
RawAddress other_address = p_dev->bd_addr;
/* If ACL exists for the device in the remove_bond message*/
bool continue_delete_dev = false;
uint8_t other_transport = BT_TRANSPORT_INVALID;
if (BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_LE) ||
BTM_IsAclConnectionUp(p_dev->bd_addr, BT_TRANSPORT_BR_EDR)) {
APPL_TRACE_DEBUG("%s: ACL Up count %d", __func__,
bta_dm_cb.device_list.count);
continue_delete_dev = false;
/* Take the link down first, and mark the device for removal when
* disconnected */
for (int i = 0; i < bta_dm_cb.device_list.count; i++) {
if (bta_dm_cb.device_list.peer_device[i].peer_bdaddr == p_dev->bd_addr) {
uint8_t transport = BT_TRANSPORT_BR_EDR;
transport = bta_dm_cb.device_list.peer_device[i].transport;
bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
btm_remove_acl(p_dev->bd_addr, transport);
APPL_TRACE_DEBUG("%s:transport = %d", __func__,
bta_dm_cb.device_list.peer_device[i].transport);
/* save the other transport to check if device is connected on
* other_transport */
if (bta_dm_cb.device_list.peer_device[i].transport == BT_TRANSPORT_LE)
other_transport = BT_TRANSPORT_BR_EDR;
else
other_transport = BT_TRANSPORT_LE;
break;
}
}
} else {
continue_delete_dev = true;
}
// If it is DUMO device and device is paired as different address, unpair that
// device
// if different address
if ((other_transport &&
(BTM_ReadConnectedTransportAddress(&other_address, other_transport))) ||
(!other_transport &&
(BTM_ReadConnectedTransportAddress(&other_address,
BT_TRANSPORT_BR_EDR) ||
BTM_ReadConnectedTransportAddress(&other_address, BT_TRANSPORT_LE)))) {
continue_delete_other_dev = false;
/* Take the link down first, and mark the device for removal when
* disconnected */
for (int i = 0; i < bta_dm_cb.device_list.count; i++) {
if (bta_dm_cb.device_list.peer_device[i].peer_bdaddr == other_address) {
bta_dm_cb.device_list.peer_device[i].conn_state = BTA_DM_UNPAIRING;
btm_remove_acl(other_address,
bta_dm_cb.device_list.peer_device[i].transport);
break;
}
}
} else {
APPL_TRACE_DEBUG("%s: continue to delete the other dev ", __func__);
continue_delete_other_dev = true;
}
/* Delete the device mentioned in the msg */
if (continue_delete_dev) bta_dm_process_remove_device(p_dev->bd_addr);
/* Delete the other paired device too */
if (continue_delete_other_dev && !other_address.IsEmpty())
bta_dm_process_remove_device(other_address);
}
/*******************************************************************************
*
* Function bta_dm_add_device
*
* Description This function adds a Link Key to an security database entry.
* It is normally called during host startup to restore all
* required information stored in the NVRAM.
***
******************************************************************************/
void bta_dm_add_device(tBTA_DM_MSG* p_data) {
tBTA_DM_API_ADD_DEVICE* p_dev = &p_data->add_dev;
uint8_t* p_dc = NULL;
uint8_t* p_lc = NULL;
uint32_t trusted_services_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
uint8_t index = 0;
uint8_t btm_mask_index = 0;
memset(trusted_services_mask, 0, sizeof(trusted_services_mask));
/* If not all zeros, the device class has been specified */
if (p_dev->dc_known) p_dc = (uint8_t*)p_dev->dc;
if (p_dev->link_key_known) p_lc = (uint8_t*)p_dev->link_key;
if (p_dev->is_trusted) {
/* covert BTA service mask to BTM mask */
while (p_dev->tm && (index < BTA_MAX_SERVICE_ID)) {
if (p_dev->tm & (uint32_t)(1 << index)) {
btm_mask_index =
bta_service_id_to_btm_srv_id_lkup_tbl[index] / BTM_SEC_ARRAY_BITS;
trusted_services_mask[btm_mask_index] |=
(uint32_t)(1 << (bta_service_id_to_btm_srv_id_lkup_tbl[index] -
(uint32_t)(btm_mask_index * 32)));
p_dev->tm &= (uint32_t)(~(1 << index));
}
index++;
}
}
if (!BTM_SecAddDevice(p_dev->bd_addr, p_dc, p_dev->bd_name, p_dev->features,
trusted_services_mask, p_lc, p_dev->key_type,
p_dev->io_cap, p_dev->pin_length)) {
LOG(ERROR) << "BTA_DM: Error adding device " << p_dev->bd_addr;
}
}
/*******************************************************************************
*
* Function bta_dm_close_acl
*
* Description This function forces to close the connection to a remote
* device and optionaly remove the device from security
* database if required.
***
******************************************************************************/
void bta_dm_close_acl(tBTA_DM_MSG* p_data) {
tBTA_DM_API_REMOVE_ACL* p_remove_acl = &p_data->remove_acl;
uint8_t index;
APPL_TRACE_DEBUG("bta_dm_close_acl");
if (BTM_IsAclConnectionUp(p_remove_acl->bd_addr, p_remove_acl->transport)) {
for (index = 0; index < bta_dm_cb.device_list.count; index++) {
if (bta_dm_cb.device_list.peer_device[index].peer_bdaddr ==
p_remove_acl->bd_addr)
break;
}
if (index != bta_dm_cb.device_list.count) {
if (p_remove_acl->remove_dev)
bta_dm_cb.device_list.peer_device[index].remove_dev_pending = true;
} else {
APPL_TRACE_ERROR("unknown device, remove ACL failed");
}
/* Disconnect the ACL link */
btm_remove_acl(p_remove_acl->bd_addr, p_remove_acl->transport);
}
/* if to remove the device from security database ? do it now */
else if (p_remove_acl->remove_dev) {
if (!BTM_SecDeleteDevice(p_remove_acl->bd_addr)) {
APPL_TRACE_ERROR("delete device from security database failed.");
}
/* need to remove all pending background connection if any */
BTA_GATTC_CancelOpen(0, p_remove_acl->bd_addr, false);
/* remove all cached GATT information */
BTA_GATTC_Refresh(p_remove_acl->bd_addr);
}
/* otherwise, no action needed */
}
/*******************************************************************************
*
* Function bta_dm_remove_all_acl
*
* Description This function forces to close all the ACL links specified by
* link type
***
******************************************************************************/
void bta_dm_remove_all_acl(tBTA_DM_MSG* p_data) {
const tBTA_DM_LINK_TYPE link_type = p_data->remove_all_acl.link_type;
tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
APPL_TRACE_DEBUG("%s link type = %d", __func__, link_type);
for (uint8_t i = 0; i < bta_dm_cb.device_list.count; i++) {
transport = bta_dm_cb.device_list.peer_device[i].transport;
if ((link_type == BTA_DM_LINK_TYPE_ALL) ||
((link_type == BTA_DM_LINK_TYPE_LE) &&
(transport == BT_TRANSPORT_LE)) ||
((link_type == BTA_DM_LINK_TYPE_BR_EDR) &&
(transport == BT_TRANSPORT_BR_EDR))) {
/* Disconnect the ACL link */
btm_remove_acl(bta_dm_cb.device_list.peer_device[i].peer_bdaddr,
transport);
}
}
}
/*******************************************************************************
*
* Function bta_dm_bond
*
* Description Bonds with peer device
*
*
* Returns void
*
******************************************************************************/
void bta_dm_bond(tBTA_DM_MSG* p_data) {
tBTM_STATUS status;
tBTA_DM_SEC sec_event;
char* p_name;
if (p_data->bond.transport == BTA_TRANSPORT_UNKNOWN)
status = BTM_SecBond(p_data->bond.bd_addr, 0, NULL, 0);
else
status = BTM_SecBondByTransport(p_data->bond.bd_addr,
p_data->bond.transport, 0, NULL, 0);
if (bta_dm_cb.p_sec_cback && (status != BTM_CMD_STARTED)) {
memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
sec_event.auth_cmpl.bd_addr = p_data->bond.bd_addr;
p_name = BTM_SecReadDevName(p_data->bond.bd_addr);
if (p_name != NULL) {
memcpy(sec_event.auth_cmpl.bd_name, p_name, (BD_NAME_LEN - 1));
sec_event.auth_cmpl.bd_name[BD_NAME_LEN - 1] = 0;
}
/* taken care of by memset [above]
sec_event.auth_cmpl.key_present = false;
sec_event.auth_cmpl.success = false;
*/
sec_event.auth_cmpl.fail_reason = HCI_ERR_ILLEGAL_COMMAND;
if (status == BTM_SUCCESS) {
sec_event.auth_cmpl.success = true;
} else {
/* delete this device entry from Sec Dev DB */
bta_dm_remove_sec_dev_entry(p_data->bond.bd_addr);
}
bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
}
}
/*******************************************************************************
*
* Function bta_dm_bond_cancel
*
* Description Cancels bonding with a peer device
*
*
* Returns void
*
******************************************************************************/
void bta_dm_bond_cancel(tBTA_DM_MSG* p_data) {
tBTM_STATUS status;
tBTA_DM_SEC sec_event;
APPL_TRACE_EVENT(" bta_dm_bond_cancel ");
status = BTM_SecBondCancel(p_data->bond_cancel.bd_addr);
if (bta_dm_cb.p_sec_cback &&
(status != BTM_CMD_STARTED && status != BTM_SUCCESS)) {
sec_event.bond_cancel_cmpl.result = BTA_FAILURE;
bta_dm_cb.p_sec_cback(BTA_DM_BOND_CANCEL_CMPL_EVT, &sec_event);
}
}
/*******************************************************************************
*
* Function bta_dm_pin_reply
*
* Description Send the pin_reply to a request from BTM
*
*
* Returns void
*
******************************************************************************/
void bta_dm_pin_reply(tBTA_DM_MSG* p_data) {
uint32_t trusted_mask[BTM_SEC_SERVICE_ARRAY_SIZE];
uint32_t* current_trusted_mask;
current_trusted_mask = BTM_ReadTrustedMask(p_data->pin_reply.bd_addr);
if (current_trusted_mask) {
memcpy(trusted_mask, current_trusted_mask, sizeof(trusted_mask));
} else {
memset(trusted_mask, 0, sizeof(trusted_mask));
}
if (p_data->pin_reply.accept) {
BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_SUCCESS,
p_data->pin_reply.pin_len, p_data->pin_reply.p_pin,
trusted_mask);
} else {
BTM_PINCodeReply(p_data->pin_reply.bd_addr, BTM_NOT_AUTHORIZED, 0, NULL,
trusted_mask);
}
}
/*******************************************************************************
*
* Function bta_dm_policy_cback
*
* Description process the link policy changes
*
* Returns void
*
******************************************************************************/
static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, uint8_t id,
uint8_t app_id, const RawAddress* peer_addr) {
tBTA_DM_PEER_DEVICE* p_dev = NULL;
uint16_t policy = app_id;
uint32_t mask = (uint32_t)(1 << id);
if (peer_addr) p_dev = bta_dm_find_peer_device(*peer_addr);
APPL_TRACE_DEBUG(" bta_dm_policy_cback cmd:%d, policy:0x%x", status, policy);
switch (status) {
case BTA_SYS_PLCY_SET:
if (!p_dev) return;
/* restore the default link policy */
p_dev->link_policy |= policy;
BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
break;
case BTA_SYS_PLCY_CLR:
if (!p_dev) return;
/* clear the policy from the default link policy */
p_dev->link_policy &= (~policy);
BTM_SetLinkPolicy(p_dev->peer_bdaddr, &(p_dev->link_policy));
if (policy & (HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_PARK_MODE)) {
/* if clearing sniff/park, wake the link */
bta_dm_pm_active(p_dev->peer_bdaddr);
}
break;
case BTA_SYS_PLCY_DEF_SET:
/* want to restore/set the role switch policy */
bta_dm_cb.role_policy_mask &= ~mask;
if (0 == bta_dm_cb.role_policy_mask) {
/* if nobody wants to insist on the role */
bta_dm_cb.cur_policy |= HCI_ENABLE_MASTER_SLAVE_SWITCH;
BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
}
break;
case BTA_SYS_PLCY_DEF_CLR:
/* want to remove the role switch policy */
bta_dm_cb.role_policy_mask |= mask;
bta_dm_cb.cur_policy &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
BTM_SetDefaultLinkPolicy(bta_dm_cb.cur_policy);
break;
}
}
/*******************************************************************************
*
* Function bta_dm_confirm
*
* Description Send the user confirm request reply in response to a
* request from BTM
*
* Returns void
*
******************************************************************************/
void bta_dm_confirm(tBTA_DM_MSG* p_data) {
tBTM_STATUS res = BTM_NOT_AUTHORIZED;
if (p_data->confirm.accept == true) res = BTM_SUCCESS;
BTM_ConfirmReqReply(res, p_data->confirm.bd_addr);
}
/*******************************************************************************
*
* Function bta_dm_loc_oob
*
* Description Retrieve the OOB data from the local LM
*
* Returns void
*
******************************************************************************/
void bta_dm_loc_oob(UNUSED_ATTR tBTA_DM_MSG* p_data) { BTM_ReadLocalOobData(); }
/*******************************************************************************
*
* Function bta_dm_ci_io_req_act
*
* Description respond to the IO capabilities request from BTM
*
* Returns void
*
******************************************************************************/
void bta_dm_ci_io_req_act(tBTA_DM_MSG* p_data) {
tBTM_AUTH_REQ auth_req = BTM_AUTH_AP_NO;
if (p_data->ci_io_req.auth_req) auth_req = BTM_AUTH_AP_YES;
BTM_IoCapRsp(p_data->ci_io_req.bd_addr, p_data->ci_io_req.io_cap,
p_data->ci_io_req.oob_data, auth_req);
}
/*******************************************************************************
*
* Function bta_dm_ci_rmt_oob_act
*
* Description respond to the OOB data request for the remote device from
* BTM
*
*
* Returns void
*
******************************************************************************/
void bta_dm_ci_rmt_oob_act(tBTA_DM_MSG* p_data) {
tBTM_STATUS res = BTM_NOT_AUTHORIZED;
if (p_data->ci_rmt_oob.accept == true) res = BTM_SUCCESS;
BTM_RemoteOobDataReply(res, p_data->ci_rmt_oob.bd_addr, p_data->ci_rmt_oob.c,
p_data->ci_rmt_oob.r);
}
/*******************************************************************************
*
* Function bta_dm_search_start
*
* Description Starts an inquiry
*
*
* Returns void
*
******************************************************************************/
void bta_dm_search_start(tBTA_DM_MSG* p_data) {
tBTM_INQUIRY_CMPL result;
size_t len = sizeof(tBT_UUID) * p_data->search.num_uuid;
bta_dm_gattc_register();
APPL_TRACE_DEBUG("%s avoid_scatter=%d", __func__,
p_bta_dm_cfg->avoid_scatter);
if (p_bta_dm_cfg->avoid_scatter &&
(p_data->search.rs_res == BTA_DM_RS_NONE) &&
bta_dm_check_av(BTA_DM_API_SEARCH_EVT)) {
memcpy(&bta_dm_cb.search_msg, &p_data->search, sizeof(tBTA_DM_API_SEARCH));
return;
}
BTM_ClearInqDb(NULL);
/* save search params */
bta_dm_search_cb.p_search_cback = p_data->search.p_cback;
bta_dm_search_cb.services = p_data->search.services;
osi_free_and_reset((void**)&bta_dm_search_cb.p_srvc_uuid);
if ((bta_dm_search_cb.num_uuid = p_data->search.num_uuid) != 0 &&
p_data->search.p_uuid != NULL) {
bta_dm_search_cb.p_srvc_uuid = (tBT_UUID*)osi_malloc(len);
memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->search.p_uuid, len);
}
result.status = BTM_StartInquiry((tBTM_INQ_PARMS*)&p_data->search.inq_params,
bta_dm_inq_results_cb,
(tBTM_CMPL_CB*)bta_dm_inq_cmpl_cb);
APPL_TRACE_EVENT("%s status=%d", __func__, result.status);
if (result.status != BTM_CMD_STARTED) {
result.num_resp = 0;
bta_dm_inq_cmpl_cb((void*)&result);
}
}
/*******************************************************************************
*
* Function bta_dm_search_cancel
*
* Description Cancels an ongoing search for devices
*
*
* Returns void
*
******************************************************************************/
void bta_dm_search_cancel(UNUSED_ATTR tBTA_DM_MSG* p_data) {
tBTA_DM_MSG* p_msg;
if (BTM_IsInquiryActive()) {
if (BTM_CancelInquiry() == BTM_SUCCESS) {
bta_dm_search_cancel_notify(NULL);
p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
} else {
/* flag a search cancel is pending */
bta_dm_search_cb.cancel_pending = true;
}
}
/* If no Service Search going on then issue cancel remote name in case it is
active */
else if (!bta_dm_search_cb.name_discover_done) {
BTM_CancelRemoteDeviceName();
p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
} else {
p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
}
if (bta_dm_search_cb.gatt_disc_active) {
bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
}
}
/*******************************************************************************
*
* Function bta_dm_discover
*
* Description Discovers services on a remote device
*
*
* Returns void
*
******************************************************************************/
void bta_dm_discover(tBTA_DM_MSG* p_data) {
size_t len = sizeof(tBT_UUID) * p_data->discover.num_uuid;
APPL_TRACE_EVENT("%s services_to_search=0x%04X, sdp_search=%d", __func__,
p_data->discover.services, p_data->discover.sdp_search);
/* save the search condition */
bta_dm_search_cb.services = p_data->discover.services;
bta_dm_gattc_register();
osi_free_and_reset((void**)&bta_dm_search_cb.p_srvc_uuid);
if ((bta_dm_search_cb.num_uuid = p_data->discover.num_uuid) != 0 &&
p_data->discover.p_uuid != NULL) {
bta_dm_search_cb.p_srvc_uuid = (tBT_UUID*)osi_malloc(len);
memcpy(bta_dm_search_cb.p_srvc_uuid, p_data->discover.p_uuid, len);
}
bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
bta_dm_search_cb.p_search_cback = p_data->discover.p_cback;
bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
bta_dm_search_cb.service_index = 0;
bta_dm_search_cb.services_found = 0;
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_search_cb.sdp_search = p_data->discover.sdp_search;
bta_dm_search_cb.p_btm_inq_info = BTM_InqDbRead(p_data->discover.bd_addr);
bta_dm_search_cb.transport = p_data->discover.transport;
bta_dm_search_cb.name_discover_done = false;
memcpy(&bta_dm_search_cb.uuid, &p_data->discover.uuid, sizeof(tSDP_UUID));
bta_dm_discover_device(p_data->discover.bd_addr);
}
/*******************************************************************************
*
* Function bta_dm_di_disc_cmpl
*
* Description Sends event to application when DI discovery complete
*
* Returns void
*
******************************************************************************/
void bta_dm_di_disc_cmpl(tBTA_DM_MSG* p_data) {
tBTA_DM_DI_DISC_CMPL di_disc;
memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
di_disc.bd_addr = bta_dm_search_cb.peer_bdaddr;
if ((p_data->hdr.offset == SDP_SUCCESS) ||
(p_data->hdr.offset == SDP_DB_FULL)) {
di_disc.num_record = SDP_GetNumDiRecords(bta_dm_di_cb.p_di_db);
} else
di_disc.result = BTA_FAILURE;
bta_dm_di_cb.p_di_db = NULL;
bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT,
(tBTA_DM_SEARCH*)&di_disc);
}
/*******************************************************************************
*
* Function bta_dm_di_disc_callback
*
* Description This function queries a remote device for DI information.
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_di_disc_callback(uint16_t result) {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
p_msg->hdr.offset = result;
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_disable_search_and_disc
*
* Description Cancels an ongoing search or discovery for devices in case
* of a Bluetooth disable
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_disable_search_and_disc(void) {
tBTA_DM_DI_DISC_CMPL di_disc;
if (bta_dm_search_cb.state != BTA_DM_SEARCH_IDLE) bta_dm_search_cancel(NULL);
if (bta_dm_di_cb.p_di_db != NULL) {
memset(&di_disc, 0, sizeof(tBTA_DM_DI_DISC_CMPL));
di_disc.bd_addr = bta_dm_search_cb.peer_bdaddr;
di_disc.result = BTA_FAILURE;
bta_dm_di_cb.p_di_db = NULL;
bta_dm_search_cb.p_search_cback(BTA_DM_DI_DISC_CMPL_EVT, NULL);
}
}
/*******************************************************************************
*
* Function bta_dm_di_disc
*
* Description This function queries a remote device for DI information.
*
*
* Returns void
*
******************************************************************************/
void bta_dm_di_disc(tBTA_DM_MSG* p_data) {
uint16_t result = BTA_FAILURE;
bta_dm_search_cb.p_search_cback = p_data->di_disc.p_cback;
bta_dm_search_cb.peer_bdaddr = p_data->di_disc.bd_addr;
bta_dm_di_cb.p_di_db = p_data->di_disc.p_sdp_db;
bta_dm_search_cb.p_sdp_db =
(tSDP_DISCOVERY_DB*)osi_malloc(BTA_DM_SDP_DB_SIZE);
if (SDP_DiDiscover(bta_dm_search_cb.peer_bdaddr, p_data->di_disc.p_sdp_db,
p_data->di_disc.len,
bta_dm_di_disc_callback) == SDP_SUCCESS) {
result = BTA_SUCCESS;
}
if (result == BTA_FAILURE) {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DI_DISCOVER_EVT;
p_data->hdr.offset = result;
bta_sys_sendmsg(p_msg);
}
}
/*******************************************************************************
*
* Function bta_dm_read_remote_device_name
*
* Description Initiate to get remote device name
*
* Returns true if started to get remote name
*
******************************************************************************/
static bool bta_dm_read_remote_device_name(const RawAddress& bd_addr,
tBT_TRANSPORT transport) {
tBTM_STATUS btm_status;
APPL_TRACE_DEBUG("%s", __func__);
bta_dm_search_cb.peer_bdaddr = bd_addr;
bta_dm_search_cb.peer_name[0] = 0;
btm_status =
BTM_ReadRemoteDeviceName(bta_dm_search_cb.peer_bdaddr,
(tBTM_CMPL_CB*)bta_dm_remname_cback, transport);
if (btm_status == BTM_CMD_STARTED) {
APPL_TRACE_DEBUG("%s: BTM_ReadRemoteDeviceName is started", __func__);
return (true);
} else if (btm_status == BTM_BUSY) {
APPL_TRACE_DEBUG("%s: BTM_ReadRemoteDeviceName is busy", __func__);
/* Remote name discovery is on going now so BTM cannot notify through
* "bta_dm_remname_cback" */
/* adding callback to get notified that current reading remore name done */
BTM_SecAddRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
return (true);
} else {
APPL_TRACE_WARNING("%s: BTM_ReadRemoteDeviceName returns 0x%02X", __func__,
btm_status);
return (false);
}
}
/*******************************************************************************
*
* Function bta_dm_inq_cmpl
*
* Description Process the inquiry complete event from BTM
*
* Returns void
*
******************************************************************************/
void bta_dm_inq_cmpl(tBTA_DM_MSG* p_data) {
tBTA_DM_SEARCH data;
APPL_TRACE_DEBUG("bta_dm_inq_cmpl");
data.inq_cmpl.num_resps = p_data->inq_cmpl.num;
bta_dm_search_cb.p_search_cback(BTA_DM_INQ_CMPL_EVT, &data);
bta_dm_search_cb.p_btm_inq_info = BTM_InqDbFirst();
if (bta_dm_search_cb.p_btm_inq_info != NULL) {
/* start name and service discovery from the first device on inquiry result
*/
bta_dm_search_cb.name_discover_done = false;
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_discover_device(
bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
} else {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
/* no devices, search complete */
bta_dm_search_cb.services = 0;
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
}
}
/*******************************************************************************
*
* Function bta_dm_rmt_name
*
* Description Process the remote name result from BTM
*
* Returns void
*
******************************************************************************/
void bta_dm_rmt_name(tBTA_DM_MSG* p_data) {
APPL_TRACE_DEBUG("bta_dm_rmt_name");
if (p_data->rem_name.result.disc_res.bd_name[0] &&
bta_dm_search_cb.p_btm_inq_info) {
bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name = true;
}
bta_dm_discover_device(bta_dm_search_cb.peer_bdaddr);
}
/*******************************************************************************
*
* Function bta_dm_disc_rmt_name
*
* Description Process the remote name result from BTM when application
* wants to find the name for a bdaddr
*
* Returns void
*
******************************************************************************/
void bta_dm_disc_rmt_name(tBTA_DM_MSG* p_data) {
tBTM_INQ_INFO* p_btm_inq_info;
APPL_TRACE_DEBUG("bta_dm_disc_rmt_name");
p_btm_inq_info = BTM_InqDbRead(p_data->rem_name.result.disc_res.bd_addr);
if (p_btm_inq_info) {
if (p_data->rem_name.result.disc_res.bd_name[0]) {
p_btm_inq_info->appl_knows_rem_name = true;
}
}
bta_dm_discover_device(p_data->rem_name.result.disc_res.bd_addr);
}
/*******************************************************************************
*
* Function bta_dm_sdp_result
*
* Description Process the discovery result from sdp
*
* Returns void
*
******************************************************************************/
void bta_dm_sdp_result(tBTA_DM_MSG* p_data) {
tSDP_DISC_REC* p_sdp_rec = NULL;
tBTA_DM_MSG* p_msg;
bool scn_found = false;
uint16_t service = 0xFFFF;
tSDP_PROTOCOL_ELEM pe;
tBT_UUID* p_uuid = bta_dm_search_cb.p_srvc_uuid;
tBTA_DM_SEARCH result;
tBT_UUID service_uuid;
uint32_t num_uuids = 0;
uint8_t uuid_list[BTA_MAX_SERVICES][MAX_UUID_SIZE]; // assuming a max of 32 services
if ((p_data->sdp_event.sdp_result == SDP_SUCCESS) ||
(p_data->sdp_event.sdp_result == SDP_NO_RECS_MATCH) ||
(p_data->sdp_event.sdp_result == SDP_DB_FULL)) {
APPL_TRACE_DEBUG("sdp_result::0x%x", p_data->sdp_event.sdp_result);
do {
p_sdp_rec = NULL;
if (bta_dm_search_cb.service_index == (BTA_USER_SERVICE_ID + 1)) {
p_sdp_rec = SDP_FindServiceUUIDInDb(bta_dm_search_cb.p_sdp_db,
&bta_dm_search_cb.uuid, p_sdp_rec);
if (p_sdp_rec && SDP_FindProtocolListElemInRec(
p_sdp_rec, UUID_PROTOCOL_RFCOMM, &pe)) {
bta_dm_search_cb.peer_scn = (uint8_t)pe.params[0];
scn_found = true;
}
} else {
service =
bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index - 1];
p_sdp_rec =
SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, service, p_sdp_rec);
}
/* finished with BR/EDR services, now we check the result for GATT based
* service UUID */
if (bta_dm_search_cb.service_index == BTA_MAX_SERVICE_ID) {
if (bta_dm_search_cb.uuid_to_search != 0 && p_uuid != NULL) {
p_uuid +=
(bta_dm_search_cb.num_uuid - bta_dm_search_cb.uuid_to_search);
/* only support 16 bits UUID for now */
service = p_uuid->uu.uuid16;
}
/* all GATT based services */
do {
/* find a service record, report it */
p_sdp_rec =
SDP_FindServiceInDb(bta_dm_search_cb.p_sdp_db, 0, p_sdp_rec);
if (p_sdp_rec) {
if (SDP_FindServiceUUIDInRec(p_sdp_rec, &service_uuid)) {
/* send result back to app now, one by one */
result.disc_ble_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)result.disc_ble_res.bd_name, bta_dm_get_remname(),
BD_NAME_LEN);
result.disc_ble_res.service.len = service_uuid.len;
result.disc_ble_res.service.uu.uuid16 = service_uuid.uu.uuid16;
bta_dm_search_cb.p_search_cback(BTA_DM_DISC_BLE_RES_EVT, &result);
}
}
if (bta_dm_search_cb.uuid_to_search > 0) break;
} while (p_sdp_rec);
} else {
/* SDP_DB_FULL means some records with the
required attributes were received */
if (((p_data->sdp_event.sdp_result == SDP_DB_FULL) &&
bta_dm_search_cb.services != BTA_ALL_SERVICE_MASK) ||
(p_sdp_rec != NULL)) {
if (service != UUID_SERVCLASS_PNP_INFORMATION) {
uint16_t tmp_svc = 0xFFFF;
bta_dm_search_cb.services_found |=
(tBTA_SERVICE_MASK)(BTA_SERVICE_ID_TO_SERVICE_MASK(
bta_dm_search_cb.service_index - 1));
tmp_svc =
bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index -
1];
/* Add to the list of UUIDs */
if (num_uuids < BTA_MAX_SERVICES) {
sdpu_uuid16_to_uuid128(tmp_svc, uuid_list[num_uuids]);
num_uuids++;
} else {
android_errorWriteLog(0x534e4554, "74016921");
}
}
}
}
if (bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK &&
bta_dm_search_cb.services_to_search == 0) {
if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
bta_dm_search_cb.uuid_to_search > 0)
bta_dm_search_cb.uuid_to_search--;
if (bta_dm_search_cb.uuid_to_search == 0 ||
bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
bta_dm_search_cb.service_index++;
} else /* regular one service per search or PNP search */
break;
} while (bta_dm_search_cb.service_index <= BTA_MAX_SERVICE_ID);
APPL_TRACE_DEBUG("%s services_found = %04x", __func__,
bta_dm_search_cb.services_found);
/* Collect the 128-bit services here and put them into the list */
if (bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK) {
p_sdp_rec = NULL;
do {
tBT_UUID temp_uuid;
/* find a service record, report it */
p_sdp_rec =
SDP_FindServiceInDb_128bit(bta_dm_search_cb.p_sdp_db, p_sdp_rec);
if (p_sdp_rec) {
if (SDP_FindServiceUUIDInRec_128bit(p_sdp_rec, &temp_uuid)) {
if (num_uuids < BTA_MAX_SERVICES) {
memcpy(uuid_list[num_uuids], temp_uuid.uu.uuid128, MAX_UUID_SIZE);
num_uuids++;
} else {
android_errorWriteLog(0x534e4554, "74016921");
}
}
}
} while (p_sdp_rec);
}
/* if there are more services to search for */
if (bta_dm_search_cb.services_to_search) {
/* Free up the p_sdp_db before checking the next one */
bta_dm_free_sdp_db(NULL);
bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
} else {
/* callbacks */
/* start next bd_addr if necessary */
BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
p_msg->disc_result.result.disc_res.p_raw_data = NULL;
p_msg->disc_result.result.disc_res.raw_data_size = 0;
p_msg->disc_result.result.disc_res.num_uuids = num_uuids;
p_msg->disc_result.result.disc_res.p_uuid_list = NULL;
if (num_uuids > 0) {
p_msg->disc_result.result.disc_res.p_uuid_list =
(uint8_t*)osi_malloc(num_uuids * MAX_UUID_SIZE);
memcpy(p_msg->disc_result.result.disc_res.p_uuid_list, uuid_list,
num_uuids * MAX_UUID_SIZE);
}
// Copy the raw_data to the discovery result structure
if (bta_dm_search_cb.p_sdp_db != NULL &&
bta_dm_search_cb.p_sdp_db->raw_used != 0 &&
bta_dm_search_cb.p_sdp_db->raw_data != NULL) {
APPL_TRACE_DEBUG("%s raw_data used = 0x%x raw_data_ptr = 0x%x",
__func__, bta_dm_search_cb.p_sdp_db->raw_used,
bta_dm_search_cb.p_sdp_db->raw_data);
p_msg->disc_result.result.disc_res.p_raw_data =
(uint8_t*)osi_malloc(bta_dm_search_cb.p_sdp_db->raw_used);
memcpy(p_msg->disc_result.result.disc_res.p_raw_data,
bta_dm_search_cb.p_sdp_db->raw_data,
bta_dm_search_cb.p_sdp_db->raw_used);
p_msg->disc_result.result.disc_res.raw_data_size =
bta_dm_search_cb.p_sdp_db->raw_used;
bta_dm_search_cb.p_sdp_db->raw_data =
NULL; // no need to free this - it is a global assigned.
bta_dm_search_cb.p_sdp_db->raw_used = 0;
bta_dm_search_cb.p_sdp_db->raw_size = 0;
} else {
APPL_TRACE_DEBUG("%s raw data size is 0 or raw_data is null!!",
__func__);
}
/* Done with p_sdp_db. Free it */
bta_dm_free_sdp_db(NULL);
p_msg->disc_result.result.disc_res.services =
bta_dm_search_cb.services_found;
// Piggy back the SCN over result field
if (scn_found) {
p_msg->disc_result.result.disc_res.result =
(3 + bta_dm_search_cb.peer_scn);
p_msg->disc_result.result.disc_res.services |= BTA_USER_SERVICE_MASK;
APPL_TRACE_EVENT(" Piggy back the SCN over result field SCN=%d",
bta_dm_search_cb.peer_scn);
}
p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name,
bta_dm_get_remname(), BD_NAME_LEN);
bta_sys_sendmsg(p_msg);
}
} else {
/* conn failed. No need for timer */
if (p_data->sdp_event.sdp_result == SDP_CONN_FAILED ||
p_data->sdp_event.sdp_result == SDP_CONN_REJECTED ||
p_data->sdp_event.sdp_result == SDP_SECURITY_ERR)
bta_dm_search_cb.wait_disc = false;
/* not able to connect go to next device */
if (bta_dm_search_cb.p_sdp_db)
osi_free_and_reset((void**)&bta_dm_search_cb.p_sdp_db);
BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
p_msg->disc_result.result.disc_res.result = BTA_FAILURE;
p_msg->disc_result.result.disc_res.services =
bta_dm_search_cb.services_found;
p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name,
bta_dm_get_remname(), BD_NAME_LEN);
bta_sys_sendmsg(p_msg);
}
}
/*******************************************************************************
*
* Function bta_dm_search_cmpl
*
* Description Sends event to application
*
* Returns void
*
******************************************************************************/
void bta_dm_search_cmpl(tBTA_DM_MSG* p_data) {
APPL_TRACE_EVENT("%s", __func__);
osi_free_and_reset((void**)&bta_dm_search_cb.p_srvc_uuid);
if (p_data->hdr.layer_specific == BTA_DM_API_DI_DISCOVER_EVT)
bta_dm_di_disc_cmpl(p_data);
else
bta_dm_search_cb.p_search_cback(BTA_DM_DISC_CMPL_EVT, NULL);
}
/*******************************************************************************
*
* Function bta_dm_disc_result
*
* Description Service discovery result when discovering services on a
* device
*
* Returns void
*
******************************************************************************/
void bta_dm_disc_result(tBTA_DM_MSG* p_data) {
APPL_TRACE_EVENT("%s", __func__);
/* if any BR/EDR service discovery has been done, report the event */
if ((bta_dm_search_cb.services &
((BTA_ALL_SERVICE_MASK | BTA_USER_SERVICE_MASK) &
~BTA_BLE_SERVICE_MASK)))
bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT,
&p_data->disc_result.result);
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
/* send a message to change state */
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_search_result
*
* Description Service discovery result while searching for devices
*
* Returns void
*
******************************************************************************/
void bta_dm_search_result(tBTA_DM_MSG* p_data) {
APPL_TRACE_DEBUG("%s searching:0x%04x, result:0x%04x", __func__,
bta_dm_search_cb.services,
p_data->disc_result.result.disc_res.services);
/* call back if application wants name discovery or found services that
* application is searching */
if ((!bta_dm_search_cb.services) ||
((bta_dm_search_cb.services) &&
(p_data->disc_result.result.disc_res.services))) {
bta_dm_search_cb.p_search_cback(BTA_DM_DISC_RES_EVT,
&p_data->disc_result.result);
}
/* if searching did not initiate to create link */
if (!bta_dm_search_cb.wait_disc) {
/* if service searching is done with EIR, don't search next device */
if (bta_dm_search_cb.p_btm_inq_info) bta_dm_discover_next_device();
} else {
/* wait until link is disconnected or timeout */
bta_dm_search_cb.sdp_results = true;
alarm_set_on_mloop(bta_dm_search_cb.search_timer,
1000 * (L2CAP_LINK_INACTIVITY_TOUT + 1),
bta_dm_search_timer_cback, NULL);
}
}
/*******************************************************************************
*
* Function bta_dm_search_timer_cback
*
* Description Called when ACL disconnect time is over
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_search_timer_cback(UNUSED_ATTR void* data) {
APPL_TRACE_EVENT("%s", __func__);
bta_dm_search_cb.wait_disc = false;
/* proceed with next device */
bta_dm_discover_next_device();
}
/*******************************************************************************
*
* Function bta_dm_free_sdp_db
*
* Description Frees SDP data base
*
* Returns void
*
******************************************************************************/
void bta_dm_free_sdp_db(UNUSED_ATTR tBTA_DM_MSG* p_data) {
osi_free_and_reset((void**)&bta_dm_search_cb.p_sdp_db);
}
/*******************************************************************************
*
* Function bta_dm_queue_search
*
* Description Queues search command while search is being cancelled
*
* Returns void
*
******************************************************************************/
void bta_dm_queue_search(tBTA_DM_MSG* p_data) {
osi_free(bta_dm_search_cb.p_search_queue);
bta_dm_search_cb.p_search_queue =
(tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_API_SEARCH));
memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_SEARCH));
}
/*******************************************************************************
*
* Function bta_dm_queue_disc
*
* Description Queues discovery command while search is being cancelled
*
* Returns void
*
******************************************************************************/
void bta_dm_queue_disc(tBTA_DM_MSG* p_data) {
osi_free(bta_dm_search_cb.p_search_queue);
bta_dm_search_cb.p_search_queue =
(tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_API_DISCOVER));
memcpy(bta_dm_search_cb.p_search_queue, p_data, sizeof(tBTA_DM_API_DISCOVER));
}
/*******************************************************************************
*
* Function bta_dm_search_clear_queue
*
* Description Clears the queue if API search cancel is called
*
* Returns void
*
******************************************************************************/
void bta_dm_search_clear_queue(UNUSED_ATTR tBTA_DM_MSG* p_data) {
osi_free_and_reset((void**)&bta_dm_search_cb.p_search_queue);
}
/*******************************************************************************
*
* Function bta_dm_search_cancel_cmpl
*
* Description Search cancel is complete
*
* Returns void
*
******************************************************************************/
void bta_dm_search_cancel_cmpl(UNUSED_ATTR tBTA_DM_MSG* p_data) {
if (bta_dm_search_cb.p_search_queue) {
bta_sys_sendmsg(bta_dm_search_cb.p_search_queue);
bta_dm_search_cb.p_search_queue = NULL;
}
}
/*******************************************************************************
*
* Function bta_dm_search_cancel_transac_cmpl
*
* Description Current Service Discovery or remote name procedure is
* completed after search cancellation
*
* Returns void
*
******************************************************************************/
void bta_dm_search_cancel_transac_cmpl(UNUSED_ATTR tBTA_DM_MSG* p_data) {
osi_free_and_reset((void**)&bta_dm_search_cb.p_sdp_db);
bta_dm_search_cancel_notify(NULL);
}
/*******************************************************************************
*
* Function bta_dm_search_cancel_notify
*
* Description Notify application that search has been cancelled
*
* Returns void
*
******************************************************************************/
void bta_dm_search_cancel_notify(UNUSED_ATTR tBTA_DM_MSG* p_data) {
if (bta_dm_search_cb.p_search_cback) {
bta_dm_search_cb.p_search_cback(BTA_DM_SEARCH_CANCEL_CMPL_EVT, NULL);
}
if (!bta_dm_search_cb.name_discover_done) {
BTM_CancelRemoteDeviceName();
}
if (bta_dm_search_cb.gatt_disc_active) {
bta_dm_cancel_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
}
}
/*******************************************************************************
*
* Function bta_dm_find_services
*
* Description Starts discovery on a device
*
* Returns void
*
******************************************************************************/
static void bta_dm_find_services(const RawAddress& bd_addr) {
tSDP_UUID uuid;
memset(&uuid, 0, sizeof(tSDP_UUID));
while (bta_dm_search_cb.service_index < BTA_MAX_SERVICE_ID) {
if (bta_dm_search_cb.services_to_search &
(tBTA_SERVICE_MASK)(
BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index))) {
bta_dm_search_cb.p_sdp_db =
(tSDP_DISCOVERY_DB*)osi_malloc(BTA_DM_SDP_DB_SIZE);
APPL_TRACE_DEBUG("bta_dm_search_cb.services = %04x***********",
bta_dm_search_cb.services);
/* try to search all services by search based on L2CAP UUID */
if (bta_dm_search_cb.services == BTA_ALL_SERVICE_MASK) {
LOG_INFO(LOG_TAG, "%s services_to_search=%08x", __func__,
bta_dm_search_cb.services_to_search);
if (bta_dm_search_cb.services_to_search & BTA_RES_SERVICE_MASK) {
uuid.uu.uuid16 = bta_service_id_to_uuid_lkup_tbl[0];
bta_dm_search_cb.services_to_search &= ~BTA_RES_SERVICE_MASK;
} else {
uuid.uu.uuid16 = UUID_PROTOCOL_L2CAP;
bta_dm_search_cb.services_to_search = 0;
}
} else {
/* for LE only profile */
if (bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID) {
if (bta_dm_search_cb.uuid_to_search > 0 &&
bta_dm_search_cb.p_srvc_uuid) {
memcpy(&uuid, (const void*)(bta_dm_search_cb.p_srvc_uuid +
bta_dm_search_cb.num_uuid -
bta_dm_search_cb.uuid_to_search),
sizeof(tBT_UUID));
bta_dm_search_cb.uuid_to_search--;
} else {
uuid.uu.uuid16 =
bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
}
/* last one? clear the BLE service bit if all discovery has been done
*/
if (bta_dm_search_cb.uuid_to_search == 0)
bta_dm_search_cb.services_to_search &=
(tBTA_SERVICE_MASK)(~(BTA_SERVICE_ID_TO_SERVICE_MASK(
bta_dm_search_cb.service_index)));
} else {
/* remove the service from services to be searched */
bta_dm_search_cb.services_to_search &= (tBTA_SERVICE_MASK)(~(
BTA_SERVICE_ID_TO_SERVICE_MASK(bta_dm_search_cb.service_index)));
uuid.uu.uuid16 =
bta_service_id_to_uuid_lkup_tbl[bta_dm_search_cb.service_index];
}
}
if (uuid.len == 0) uuid.len = LEN_UUID_16;
if (bta_dm_search_cb.service_index == BTA_USER_SERVICE_ID) {
memcpy(&uuid, &bta_dm_search_cb.uuid, sizeof(tSDP_UUID));
}
LOG_INFO(LOG_TAG, "%s search UUID = %04x", __func__, uuid.uu.uuid16);
SDP_InitDiscoveryDb(bta_dm_search_cb.p_sdp_db, BTA_DM_SDP_DB_SIZE, 1,
&uuid, 0, NULL);
memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
bta_dm_search_cb.p_sdp_db->raw_data = g_disc_raw_data_buf;
bta_dm_search_cb.p_sdp_db->raw_size = MAX_DISC_RAW_DATA_BUF;
if (!SDP_ServiceSearchAttributeRequest(bd_addr, bta_dm_search_cb.p_sdp_db,
&bta_dm_sdp_callback)) {
/*
* If discovery is not successful with this device, then
* proceed with the next one.
*/
osi_free_and_reset((void**)&bta_dm_search_cb.p_sdp_db);
bta_dm_search_cb.service_index = BTA_MAX_SERVICE_ID;
} else {
if ((bta_dm_search_cb.service_index == BTA_BLE_SERVICE_ID &&
bta_dm_search_cb.uuid_to_search == 0) ||
bta_dm_search_cb.service_index != BTA_BLE_SERVICE_ID)
bta_dm_search_cb.service_index++;
return;
}
}
bta_dm_search_cb.service_index++;
}
/* no more services to be discovered */
if (bta_dm_search_cb.service_index >= BTA_MAX_SERVICE_ID) {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
/* initialize the data structure - includes p_raw_data and raw_data_size */
memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
p_msg->disc_result.result.disc_res.services =
bta_dm_search_cb.services_found;
p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name,
bta_dm_get_remname(), BD_NAME_LEN);
bta_sys_sendmsg(p_msg);
}
}
/*******************************************************************************
*
* Function bta_dm_discover_next_device
*
* Description Starts discovery on the next device in Inquiry data base
*
* Returns void
*
******************************************************************************/
static void bta_dm_discover_next_device(void) {
APPL_TRACE_DEBUG("bta_dm_discover_next_device");
/* searching next device on inquiry result */
bta_dm_search_cb.p_btm_inq_info =
BTM_InqDbNext(bta_dm_search_cb.p_btm_inq_info);
if (bta_dm_search_cb.p_btm_inq_info != NULL) {
bta_dm_search_cb.name_discover_done = false;
bta_dm_search_cb.peer_name[0] = 0;
bta_dm_discover_device(
bta_dm_search_cb.p_btm_inq_info->results.remote_bd_addr);
} else {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
/* no devices, search complete */
bta_dm_search_cb.services = 0;
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
bta_sys_sendmsg(p_msg);
}
}
/*******************************************************************************
*
* Function bta_dm_discover_device
*
* Description Starts name and service discovery on the device
*
* Returns void
*
******************************************************************************/
static void bta_dm_discover_device(const RawAddress& remote_bd_addr) {
tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
if (bta_dm_search_cb.transport == BTA_TRANSPORT_UNKNOWN) {
tBT_DEVICE_TYPE dev_type;
tBLE_ADDR_TYPE addr_type;
BTM_ReadDevInfo(remote_bd_addr, &dev_type, &addr_type);
if (dev_type == BT_DEVICE_TYPE_BLE || addr_type == BLE_ADDR_RANDOM)
transport = BT_TRANSPORT_LE;
} else {
transport = bta_dm_search_cb.transport;
}
/* Reset transport state for next discovery */
bta_dm_search_cb.transport = BTA_TRANSPORT_UNKNOWN;
VLOG(1) << __func__ << " BDA: " << remote_bd_addr;
bta_dm_search_cb.peer_bdaddr = remote_bd_addr;
APPL_TRACE_DEBUG(
"%s name_discover_done = %d p_btm_inq_info 0x%x state = %d, transport=%d",
__func__, bta_dm_search_cb.name_discover_done,
bta_dm_search_cb.p_btm_inq_info, bta_dm_search_cb.state, transport);
if (bta_dm_search_cb.p_btm_inq_info) {
APPL_TRACE_DEBUG("%s appl_knows_rem_name %d", __func__,
bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name);
}
if ((bta_dm_search_cb.p_btm_inq_info) &&
(bta_dm_search_cb.p_btm_inq_info->results.device_type ==
BT_DEVICE_TYPE_BLE) &&
(bta_dm_search_cb.state == BTA_DM_SEARCH_ACTIVE)) {
/* Do not perform RNR for LE devices at inquiry complete*/
bta_dm_search_cb.name_discover_done = true;
}
/* if name discovery is not done and application needs remote name */
if ((!bta_dm_search_cb.name_discover_done) &&
((bta_dm_search_cb.p_btm_inq_info == NULL) ||
(bta_dm_search_cb.p_btm_inq_info &&
(!bta_dm_search_cb.p_btm_inq_info->appl_knows_rem_name)))) {
if (bta_dm_read_remote_device_name(bta_dm_search_cb.peer_bdaddr,
transport) == true)
return;
/* starting name discovery failed */
bta_dm_search_cb.name_discover_done = true;
}
/* if application wants to discover service */
if (bta_dm_search_cb.services) {
/* initialize variables */
bta_dm_search_cb.service_index = 0;
bta_dm_search_cb.services_found = 0;
bta_dm_search_cb.services_to_search = bta_dm_search_cb.services;
bta_dm_search_cb.uuid_to_search = bta_dm_search_cb.num_uuid;
if ((bta_dm_search_cb.p_btm_inq_info != NULL) &&
bta_dm_search_cb.services != BTA_USER_SERVICE_MASK &&
(bta_dm_search_cb.sdp_search == false)) {
/* check if EIR provides the information of supported services */
bta_dm_eir_search_services(&bta_dm_search_cb.p_btm_inq_info->results,
&bta_dm_search_cb.services_to_search,
&bta_dm_search_cb.services_found);
}
/* if seaching with EIR is not completed */
if (bta_dm_search_cb.services_to_search) {
/* check whether connection already exists to the device
if connection exists, we don't have to wait for ACL
link to go down to start search on next device */
if (BTM_IsAclConnectionUp(bta_dm_search_cb.peer_bdaddr,
BT_TRANSPORT_BR_EDR))
bta_dm_search_cb.wait_disc = false;
else
bta_dm_search_cb.wait_disc = true;
if (bta_dm_search_cb.p_btm_inq_info) {
APPL_TRACE_DEBUG(
"%s p_btm_inq_info 0x%x results.device_type 0x%x "
"services_to_search 0x%x",
__func__, bta_dm_search_cb.p_btm_inq_info,
bta_dm_search_cb.p_btm_inq_info->results.device_type,
bta_dm_search_cb.services_to_search);
}
if (transport == BT_TRANSPORT_LE) {
if (bta_dm_search_cb.services_to_search & BTA_BLE_SERVICE_MASK) {
// set the raw data buffer here
memset(g_disc_raw_data_buf, 0, sizeof(g_disc_raw_data_buf));
bta_dm_search_cb.p_ble_rawdata = g_disc_raw_data_buf;
bta_dm_search_cb.ble_raw_size = MAX_DISC_RAW_DATA_BUF;
bta_dm_search_cb.ble_raw_used = 0;
/* start GATT for service discovery */
btm_dm_start_gatt_discovery(bta_dm_search_cb.peer_bdaddr);
return;
}
} else {
bta_dm_search_cb.sdp_results = false;
bta_dm_find_services(bta_dm_search_cb.peer_bdaddr);
return;
}
}
}
/* name discovery and service discovery are done for this device */
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
p_msg->hdr.event = BTA_DM_DISCOVERY_RESULT_EVT;
/* initialize the data structure - includes p_raw_data and raw_data_size */
memset(&(p_msg->disc_result.result), 0, sizeof(tBTA_DM_DISC_RES));
p_msg->disc_result.result.disc_res.result = BTA_SUCCESS;
p_msg->disc_result.result.disc_res.services = bta_dm_search_cb.services_found;
p_msg->disc_result.result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)p_msg->disc_result.result.disc_res.bd_name,
(char*)bta_dm_search_cb.peer_name, BD_NAME_LEN);
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_sdp_callback
*
* Description Callback from sdp with discovery status
*
* Returns void
*
******************************************************************************/
static void bta_dm_sdp_callback(uint16_t sdp_status) {
tBTA_DM_SDP_RESULT* p_msg =
(tBTA_DM_SDP_RESULT*)osi_malloc(sizeof(tBTA_DM_SDP_RESULT));
p_msg->hdr.event = BTA_DM_SDP_RESULT_EVT;
p_msg->sdp_result = sdp_status;
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_inq_results_cb
*
* Description Inquiry results callback from BTM
*
* Returns void
*
******************************************************************************/
static void bta_dm_inq_results_cb(tBTM_INQ_RESULTS* p_inq, uint8_t* p_eir,
uint16_t eir_len) {
tBTA_DM_SEARCH result;
tBTM_INQ_INFO* p_inq_info;
uint16_t service_class;
result.inq_res.bd_addr = p_inq->remote_bd_addr;
memcpy(result.inq_res.dev_class, p_inq->dev_class, DEV_CLASS_LEN);
BTM_COD_SERVICE_CLASS(service_class, p_inq->dev_class);
result.inq_res.is_limited =
(service_class & BTM_COD_SERVICE_LMTD_DISCOVER) ? true : false;
result.inq_res.rssi = p_inq->rssi;
result.inq_res.ble_addr_type = p_inq->ble_addr_type;
result.inq_res.inq_result_type = p_inq->inq_result_type;
result.inq_res.device_type = p_inq->device_type;
result.inq_res.flag = p_inq->flag;
/* application will parse EIR to find out remote device name */
result.inq_res.p_eir = p_eir;
result.inq_res.eir_len = eir_len;
p_inq_info = BTM_InqDbRead(p_inq->remote_bd_addr);
if (p_inq_info != NULL) {
/* initialize remt_name_not_required to false so that we get the name by
* default */
result.inq_res.remt_name_not_required = false;
}
if (bta_dm_search_cb.p_search_cback)
bta_dm_search_cb.p_search_cback(BTA_DM_INQ_RES_EVT, &result);
if (p_inq_info) {
/* application indicates if it knows the remote name, inside the callback
copy that to the inquiry data base*/
if (result.inq_res.remt_name_not_required)
p_inq_info->appl_knows_rem_name = true;
}
}
/*******************************************************************************
*
* Function bta_dm_inq_cmpl_cb
*
* Description Inquiry complete callback from BTM
*
* Returns void
*
******************************************************************************/
static void bta_dm_inq_cmpl_cb(void* p_result) {
tBTA_DM_MSG* p_msg = (tBTA_DM_MSG*)osi_malloc(sizeof(tBTA_DM_MSG));
APPL_TRACE_DEBUG("%s", __func__);
if (bta_dm_search_cb.cancel_pending == false) {
p_msg->inq_cmpl.hdr.event = BTA_DM_INQUIRY_CMPL_EVT;
p_msg->inq_cmpl.num = ((tBTM_INQUIRY_CMPL*)p_result)->num_resp;
} else {
bta_dm_search_cb.cancel_pending = false;
bta_dm_search_cancel_notify(NULL);
p_msg->hdr.event = BTA_DM_SEARCH_CMPL_EVT;
p_msg->hdr.layer_specific = BTA_DM_API_DISCOVER_EVT;
}
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_service_search_remname_cback
*
* Description Remote name call back from BTM during service discovery
*
* Returns void
*
******************************************************************************/
static void bta_dm_service_search_remname_cback(const RawAddress& bd_addr,
UNUSED_ATTR DEV_CLASS dc,
BD_NAME bd_name) {
tBTM_REMOTE_DEV_NAME rem_name;
tBTM_STATUS btm_status;
APPL_TRACE_DEBUG("%s name=<%s>", __func__, bd_name);
/* if this is what we are looking for */
if (bta_dm_search_cb.peer_bdaddr == bd_addr) {
rem_name.length = strlen((char*)bd_name);
if (rem_name.length > (BD_NAME_LEN - 1)) {
rem_name.length = (BD_NAME_LEN - 1);
rem_name.remote_bd_name[(BD_NAME_LEN - 1)] = 0;
}
strlcpy((char*)rem_name.remote_bd_name, (char*)bd_name, BD_NAME_LEN);
rem_name.status = BTM_SUCCESS;
bta_dm_remname_cback(&rem_name);
} else {
/* get name of device */
btm_status = BTM_ReadRemoteDeviceName(bta_dm_search_cb.peer_bdaddr,
(tBTM_CMPL_CB*)bta_dm_remname_cback,
BT_TRANSPORT_BR_EDR);
if (btm_status == BTM_BUSY) {
/* wait for next chance(notification of remote name discovery done) */
APPL_TRACE_DEBUG("%s: BTM_ReadRemoteDeviceName is busy", __func__);
} else if (btm_status != BTM_CMD_STARTED) {
/* if failed to start getting remote name then continue */
APPL_TRACE_WARNING("%s: BTM_ReadRemoteDeviceName returns 0x%02X",
__func__, btm_status);
rem_name.length = 0;
rem_name.remote_bd_name[0] = 0;
rem_name.status = btm_status;
bta_dm_remname_cback(&rem_name);
}
}
}
/*******************************************************************************
*
* Function bta_dm_remname_cback
*
* Description Remote name complete call back from BTM
*
* Returns void
*
******************************************************************************/
static void bta_dm_remname_cback(tBTM_REMOTE_DEV_NAME* p_remote_name) {
APPL_TRACE_DEBUG("bta_dm_remname_cback len = %d name=<%s>",
p_remote_name->length, p_remote_name->remote_bd_name);
/* remote name discovery is done but it could be failed */
bta_dm_search_cb.name_discover_done = true;
strlcpy((char*)bta_dm_search_cb.peer_name,
(char*)p_remote_name->remote_bd_name, BD_NAME_LEN);
BTM_SecDeleteRmtNameNotifyCallback(&bta_dm_service_search_remname_cback);
if (bta_dm_search_cb.transport == BT_TRANSPORT_LE) {
GAP_BleReadPeerPrefConnParams(bta_dm_search_cb.peer_bdaddr);
}
tBTA_DM_REM_NAME* p_msg =
(tBTA_DM_REM_NAME*)osi_malloc(sizeof(tBTA_DM_REM_NAME));
p_msg->result.disc_res.bd_addr = bta_dm_search_cb.peer_bdaddr;
strlcpy((char*)p_msg->result.disc_res.bd_name,
(char*)p_remote_name->remote_bd_name, BD_NAME_LEN);
p_msg->hdr.event = BTA_DM_REMT_NAME_EVT;
bta_sys_sendmsg(p_msg);
}
/*******************************************************************************
*
* Function bta_dm_authorize_cback
*
* Description cback requesting authorization
*
* Returns void
*
******************************************************************************/
static uint8_t bta_dm_authorize_cback(const RawAddress& bd_addr,
DEV_CLASS dev_class, BD_NAME bd_name,
UNUSED_ATTR uint8_t* service_name,
uint8_t service_id,
UNUSED_ATTR bool is_originator) {
tBTA_DM_SEC sec_event;
uint8_t index = 1;
sec_event.authorize.bd_addr = bd_addr;
memcpy(sec_event.authorize.dev_class, dev_class, DEV_CLASS_LEN);
strlcpy((char*)sec_event.authorize.bd_name, (char*)bd_name, BD_NAME_LEN);
#if (BTA_JV_INCLUDED == TRUE)
sec_event.authorize.service = service_id;
#endif
while (index < BTA_MAX_SERVICE_ID) {
/* get the BTA service id corresponding to BTM id */
if (bta_service_id_to_btm_srv_id_lkup_tbl[index] == service_id) {
sec_event.authorize.service = index;
break;
}
index++;
}
/* if supported service callback otherwise not authorized */
if (bta_dm_cb.p_sec_cback && (index < BTA_MAX_SERVICE_ID
#if (BTA_JV_INCLUDED == TRUE)
/* pass through JV service ID */
|| (service_id >= BTA_FIRST_JV_SERVICE_ID &&
service_id <= BTA_LAST_JV_SERVICE_ID)
#endif
)) {
bta_dm_cb.p_sec_cback(BTA_DM_AUTHORIZE_EVT, &sec_event);
return BTM_CMD_STARTED;
} else {
return BTM_NOT_AUTHORIZED;
}
}
/*******************************************************************************
*
* Function bta_dm_pinname_cback
*
* Description Callback requesting pin_key
*
* Returns void
*
******************************************************************************/
static void bta_dm_pinname_cback(void* p_data) {
tBTM_REMOTE_DEV_NAME* p_result = (tBTM_REMOTE_DEV_NAME*)p_data;
tBTA_DM_SEC sec_event;
uint32_t bytes_to_copy;
tBTA_DM_SEC_EVT event = bta_dm_cb.pin_evt;
if (BTA_DM_SP_CFM_REQ_EVT == event) {
/* Retrieved saved device class and bd_addr */
sec_event.cfm_req.bd_addr = bta_dm_cb.pin_bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.cfm_req.dev_class, bta_dm_cb.pin_dev_class);
if (p_result && p_result->status == BTM_SUCCESS) {
bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1))
? p_result->length
: (BD_NAME_LEN - 1);
memcpy(sec_event.cfm_req.bd_name, p_result->remote_bd_name,
bytes_to_copy);
sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0;
} else /* No name found */
sec_event.cfm_req.bd_name[0] = 0;
sec_event.key_notif.passkey =
bta_dm_cb.num_val; /* get PIN code numeric number */
/* 1 additional event data fields for this event */
sec_event.cfm_req.just_works = bta_dm_cb.just_works;
} else {
/* Retrieved saved device class and bd_addr */
sec_event.pin_req.bd_addr = bta_dm_cb.pin_bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, bta_dm_cb.pin_dev_class);
if (p_result && p_result->status == BTM_SUCCESS) {
bytes_to_copy = (p_result->length < (BD_NAME_LEN - 1))
? p_result->length
: (BD_NAME_LEN - 1);
memcpy(sec_event.pin_req.bd_name, p_result->remote_bd_name,
bytes_to_copy);
sec_event.pin_req.bd_name[BD_NAME_LEN - 1] = 0;
} else /* No name found */
sec_event.pin_req.bd_name[0] = 0;
event = bta_dm_cb.pin_evt;
sec_event.key_notif.passkey =
bta_dm_cb.num_val; /* get PIN code numeric number */
}
if (bta_dm_cb.p_sec_cback) bta_dm_cb.p_sec_cback(event, &sec_event);
}
/*******************************************************************************
*
* Function bta_dm_pin_cback
*
* Description Callback requesting pin_key
*
* Returns void
*
******************************************************************************/
static uint8_t bta_dm_pin_cback(const RawAddress& bd_addr, DEV_CLASS dev_class,
BD_NAME bd_name, bool min_16_digit) {
tBTA_DM_SEC sec_event;
if (!bta_dm_cb.p_sec_cback) return BTM_NOT_AUTHORIZED;
/* If the device name is not known, save bdaddr and devclass and initiate a
* name request */
if (bd_name[0] == 0) {
bta_dm_cb.pin_evt = BTA_DM_PIN_REQ_EVT;
bta_dm_cb.pin_bd_addr = bd_addr;
BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class, dev_class);
if ((BTM_ReadRemoteDeviceName(bd_addr, bta_dm_pinname_cback,
BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
return BTM_CMD_STARTED;
APPL_TRACE_WARNING(
" bta_dm_pin_cback() -> Failed to start Remote Name Request ");
}
sec_event.pin_req.bd_addr = bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.pin_req.dev_class, dev_class);
strlcpy((char*)sec_event.pin_req.bd_name, (char*)bd_name, BD_NAME_LEN);
sec_event.pin_req.min_16_digit = min_16_digit;
bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
return BTM_CMD_STARTED;
}
/*******************************************************************************
*
* Function bta_dm_new_link_key_cback
*
* Description Callback from BTM to notify new link key
*
* Returns void
*
******************************************************************************/
static uint8_t bta_dm_new_link_key_cback(const RawAddress& bd_addr,
UNUSED_ATTR DEV_CLASS dev_class,
BD_NAME bd_name, LINK_KEY key,
uint8_t key_type) {
tBTA_DM_SEC sec_event;
tBTA_DM_AUTH_CMPL* p_auth_cmpl;
uint8_t event;
memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
/* Not AMP Key type */
if (key_type != HCI_LKEY_TYPE_AMP_WIFI && key_type != HCI_LKEY_TYPE_AMP_UWB) {
event = BTA_DM_AUTH_CMPL_EVT;
p_auth_cmpl = &sec_event.auth_cmpl;
p_auth_cmpl->bd_addr = bd_addr;
memcpy(p_auth_cmpl->bd_name, bd_name, (BD_NAME_LEN - 1));
p_auth_cmpl->bd_name[BD_NAME_LEN - 1] = 0;
p_auth_cmpl->key_present = true;
p_auth_cmpl->key_type = key_type;
p_auth_cmpl->success = true;
memcpy(p_auth_cmpl->key, key, LINK_KEY_LEN);
sec_event.auth_cmpl.fail_reason = HCI_SUCCESS;
// Report the BR link key based on the BR/EDR address and type
BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type,
&sec_event.auth_cmpl.addr_type);
if (bta_dm_cb.p_sec_cback) bta_dm_cb.p_sec_cback(event, &sec_event);
// Setting remove_dev_pending flag to false, where it will avoid deleting
// the
// security device record when the ACL connection link goes down in case of
// reconnection.
if (bta_dm_cb.device_list.count)
bta_dm_reset_sec_dev_pending(p_auth_cmpl->bd_addr);
} else {
APPL_TRACE_WARNING("%s() Received AMP Key", __func__);
}
return BTM_CMD_STARTED;
}
/*******************************************************************************
*
* Function bta_dm_authentication_complete_cback
*
* Description Authentication complete callback from BTM
*
* Returns void
*
******************************************************************************/
static uint8_t bta_dm_authentication_complete_cback(
const RawAddress& bd_addr, UNUSED_ATTR DEV_CLASS dev_class, BD_NAME bd_name,
int result) {
tBTA_DM_SEC sec_event;
if (result != BTM_SUCCESS) {
memset(&sec_event, 0, sizeof(tBTA_DM_SEC));
sec_event.auth_cmpl.bd_addr = bd_addr;
memcpy(sec_event.auth_cmpl.bd_name, bd_name, (BD_NAME_LEN - 1));
sec_event.auth_cmpl.bd_name[BD_NAME_LEN - 1] = 0;
// Report the BR link key based on the BR/EDR address and type
BTM_ReadDevInfo(bd_addr, &sec_event.auth_cmpl.dev_type,
&sec_event.auth_cmpl.addr_type);
sec_event.auth_cmpl.fail_reason = (uint8_t)result;
if (bta_dm_cb.p_sec_cback)
bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event);
if (result == HCI_ERR_AUTH_FAILURE || result == HCI_ERR_KEY_MISSING ||
result == HCI_ERR_HOST_REJECT_SECURITY ||
result == HCI_ERR_ENCRY_MODE_NOT_ACCEPTABLE) {
APPL_TRACE_WARNING("%s deleting %s - result: 0x%02x", __func__,
bd_addr.ToString().c_str(), result);
bta_dm_remove_sec_dev_entry(bd_addr);
}
}
return BTM_SUCCESS;
}
#if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE)
/*******************************************************************************
*
* Function bta_dm_sp_cback
*
* Description simple pairing callback from BTM
*
* Returns void
*
******************************************************************************/
static uint8_t bta_dm_sp_cback(tBTM_SP_EVT event, tBTM_SP_EVT_DATA* p_data) {
tBTM_STATUS status = BTM_CMD_STARTED;
tBTA_DM_SEC sec_event;
tBTA_DM_SEC_EVT pin_evt = BTA_DM_SP_KEY_NOTIF_EVT;
APPL_TRACE_EVENT("bta_dm_sp_cback: %d", event);
if (!bta_dm_cb.p_sec_cback) return BTM_NOT_AUTHORIZED;
/* TODO_SP */
switch (event) {
case BTM_SP_IO_REQ_EVT:
/* translate auth_req */
bta_dm_co_io_req(p_data->io_req.bd_addr, &p_data->io_req.io_cap,
&p_data->io_req.oob_data, &p_data->io_req.auth_req,
p_data->io_req.is_orig);
APPL_TRACE_EVENT("io mitm: %d oob_data:%d", p_data->io_req.auth_req,
p_data->io_req.oob_data);
break;
case BTM_SP_IO_RSP_EVT:
bta_dm_co_io_rsp(p_data->io_rsp.bd_addr, p_data->io_rsp.io_cap,
p_data->io_rsp.oob_data, p_data->io_rsp.auth_req);
break;
case BTM_SP_CFM_REQ_EVT:
pin_evt = BTA_DM_SP_CFM_REQ_EVT;
bta_dm_cb.just_works = sec_event.cfm_req.just_works =
p_data->cfm_req.just_works;
sec_event.cfm_req.loc_auth_req = p_data->cfm_req.loc_auth_req;
sec_event.cfm_req.rmt_auth_req = p_data->cfm_req.rmt_auth_req;
sec_event.cfm_req.loc_io_caps = p_data->cfm_req.loc_io_caps;
sec_event.cfm_req.rmt_io_caps = p_data->cfm_req.rmt_io_caps;
/* continue to next case */
/* Passkey entry mode, mobile device with output capability is very
unlikely to receive key request, so skip this event */
/*case BTM_SP_KEY_REQ_EVT: */
case BTM_SP_KEY_NOTIF_EVT:
bta_dm_cb.num_val = sec_event.key_notif.passkey =
p_data->key_notif.passkey;
if (BTM_SP_CFM_REQ_EVT == event) {
/* Due to the switch case falling through below to BTM_SP_KEY_NOTIF_EVT,
call remote name request using values from cfm_req */
if (p_data->cfm_req.bd_name[0] == 0) {
bta_dm_cb.pin_evt = pin_evt;
bta_dm_cb.pin_bd_addr = p_data->cfm_req.bd_addr;
BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class,
p_data->cfm_req.dev_class);
if ((BTM_ReadRemoteDeviceName(
p_data->cfm_req.bd_addr, bta_dm_pinname_cback,
BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
return BTM_CMD_STARTED;
APPL_TRACE_WARNING(
" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
} else {
/* Due to the switch case falling through below to
BTM_SP_KEY_NOTIF_EVT,
copy these values into key_notif from cfm_req */
sec_event.key_notif.bd_addr = p_data->cfm_req.bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class,
p_data->cfm_req.dev_class);
strlcpy((char*)sec_event.key_notif.bd_name,
(char*)p_data->cfm_req.bd_name, BD_NAME_LEN);
}
}
if (BTM_SP_KEY_NOTIF_EVT == event) {
/* If the device name is not known, save bdaddr and devclass
and initiate a name request with values from key_notif */
if (p_data->key_notif.bd_name[0] == 0) {
bta_dm_cb.pin_evt = pin_evt;
bta_dm_cb.pin_bd_addr = p_data->key_notif.bd_addr;
BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class,
p_data->key_notif.dev_class);
if ((BTM_ReadRemoteDeviceName(
p_data->key_notif.bd_addr, bta_dm_pinname_cback,
BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
return BTM_CMD_STARTED;
APPL_TRACE_WARNING(
" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
} else {
sec_event.key_notif.bd_addr = p_data->key_notif.bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.key_notif.dev_class,
p_data->key_notif.dev_class);
strlcpy((char*)sec_event.key_notif.bd_name,
(char*)p_data->key_notif.bd_name, BD_NAME_LEN);
sec_event.key_notif.bd_name[BD_NAME_LEN - 1] = 0;
}
}
bta_dm_cb.p_sec_cback(pin_evt, &sec_event);
break;
case BTM_SP_LOC_OOB_EVT:
bta_dm_co_loc_oob((bool)(p_data->loc_oob.status == BTM_SUCCESS),
p_data->loc_oob.c, p_data->loc_oob.r);
break;
case BTM_SP_RMT_OOB_EVT:
/* If the device name is not known, save bdaddr and devclass and initiate
* a name request */
if (p_data->rmt_oob.bd_name[0] == 0) {
bta_dm_cb.pin_evt = BTA_DM_SP_RMT_OOB_EVT;
bta_dm_cb.pin_bd_addr = p_data->rmt_oob.bd_addr;
BTA_COPY_DEVICE_CLASS(bta_dm_cb.pin_dev_class,
p_data->rmt_oob.dev_class);
if ((BTM_ReadRemoteDeviceName(p_data->rmt_oob.bd_addr,
bta_dm_pinname_cback,
BT_TRANSPORT_BR_EDR)) == BTM_CMD_STARTED)
return BTM_CMD_STARTED;
APPL_TRACE_WARNING(
" bta_dm_sp_cback() -> Failed to start Remote Name Request ");
}
sec_event.rmt_oob.bd_addr = p_data->rmt_oob.bd_addr;
BTA_COPY_DEVICE_CLASS(sec_event.rmt_oob.dev_class,
p_data->rmt_oob.dev_class);
strlcpy((char*)sec_event.rmt_oob.bd_name, (char*)p_data->rmt_oob.bd_name,
BD_NAME_LEN);
bta_dm_cb.p_sec_cback(BTA_DM_SP_RMT_OOB_EVT, &sec_event);
bta_dm_co_rmt_oob(p_data->rmt_oob.bd_addr);
break;
case BTM_SP_COMPLT_EVT:
/* do not report this event - handled by link_key_callback or
* auth_complete_callback */
break;
case BTM_SP_KEYPRESS_EVT:
memcpy(&sec_event.key_press, &p_data->key_press,
sizeof(tBTM_SP_KEYPRESS));
bta_dm_cb.p_sec_cback(BTA_DM_SP_KEYPRESS_EVT, &sec_event);
break;
case BTM_SP_UPGRADE_EVT:
bta_dm_co_lk_upgrade(p_data->upgrade.bd_addr, &p_data->upgrade.upgrade);
break;
default:
status = BTM_NOT_AUTHORIZED;
break;
}
APPL_TRACE_EVENT("dm status: %d", status);
return status;
}
#endif
/*******************************************************************************
*
* Function bta_dm_local_name_cback
*
* Description Callback from btm after local name is read
*
*
* Returns void
*
******************************************************************************/
static void bta_dm_local_name_cback(UNUSED_ATTR const RawAddress& p_name) {
tBTA_DM_SEC sec_event;