1 /******************************************************************************
3 * Copyright (C) 2000-2012 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /*****************************************************************************
23 ** Description: This file contains functions that handle ACL connections.
24 ** This includes operations such as hold and sniff modes,
25 ** supported packet types.
27 ** This module contains both internal and external (API)
28 ** functions. External (API) functions are distinguishable
29 ** by their names beginning with uppercase BTM.
32 ******************************************************************************/
39 #include "stack/bt_types.h"
40 #include "common/bt_target.h"
41 #include "device/controller.h"
42 #include "stack/hcimsgs.h"
43 #include "stack/btu.h"
44 #include "stack/btm_api.h"
47 #include "stack/hcidefs.h"
48 //#include "bt_utils.h"
50 static void btm_read_remote_features (UINT16 handle);
51 static void btm_read_remote_ext_features (UINT16 handle, UINT8 page_number);
52 static void btm_process_remote_ext_features (tACL_CONN *p_acl_cb, UINT8 num_read_pages);
54 #define BTM_DEV_REPLY_TIMEOUT 3 /* 3 second timeout waiting for responses */
56 /*******************************************************************************
58 ** Function btm_acl_init
60 ** Description This function is called at BTM startup to initialize
64 *******************************************************************************/
65 void btm_acl_init (void)
67 BTM_TRACE_DEBUG ("btm_acl_init\n");
68 #if 0 /* cleared in btm_init; put back in if called from anywhere else! */
69 memset (&btm_cb.acl_db, 0, sizeof (btm_cb.acl_db));
70 memset (btm_cb.btm_scn, 0, BTM_MAX_SCN); /* Initialize the SCN usage to FALSE */
71 btm_cb.btm_def_link_policy = 0;
72 btm_cb.p_bl_changed_cb = NULL;
75 /* Initialize nonzero defaults */
76 btm_cb.btm_def_link_super_tout = HCI_DEFAULT_INACT_TOUT;
77 btm_cb.acl_disc_reason = 0xff ;
80 /*******************************************************************************
82 ** Function btm_bda_to_acl
84 ** Description This function returns the FIRST acl_db entry for the passed BDA.
86 ** Parameters bda : BD address of the remote device
87 ** transport : Physical transport used for ACL connection (BR/EDR or LE)
89 ** Returns Returns pointer to the ACL DB for the requested BDA if found.
92 *******************************************************************************/
93 tACL_CONN *btm_bda_to_acl (BD_ADDR bda, tBT_TRANSPORT transport)
95 tACL_CONN *p = &btm_cb.acl_db[0];
98 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
99 if ((p->in_use) && (!memcmp (p->remote_addr, bda, BD_ADDR_LEN))
100 #if BLE_INCLUDED == TRUE
101 && p->transport == transport
104 BTM_TRACE_DEBUG ("btm_bda_to_acl found\n");
110 /* If here, no BD Addr found */
111 return ((tACL_CONN *)NULL);
114 /*******************************************************************************
116 ** Function btm_handle_to_acl_index
118 ** Description This function returns the FIRST acl_db entry for the passed hci_handle.
120 ** Returns index to the acl_db or MAX_L2CAP_LINKS.
122 *******************************************************************************/
123 UINT8 btm_handle_to_acl_index (UINT16 hci_handle)
125 tACL_CONN *p = &btm_cb.acl_db[0];
127 BTM_TRACE_DEBUG ("btm_handle_to_acl_index\n");
128 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
129 if ((p->in_use) && (p->hci_handle == hci_handle)) {
134 /* If here, no BD Addr found */
138 /*******************************************************************************
140 ** Function btm_handle_to_acl
142 ** Description This function returns the FIRST acl_db entry for the passed hci_handle.
144 ** Returns Returns pointer to the ACL DB for the requested BDA if found.
145 ** NULL if not found.
147 *******************************************************************************/
148 tACL_CONN *btm_handle_to_acl (UINT16 hci_handle)
150 tACL_CONN *p = &btm_cb.acl_db[0];
152 BTM_TRACE_DEBUG ("btm_handle_to_acl_index\n");
153 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
154 if ((p->in_use) && (p->hci_handle == hci_handle)) {
159 /* If here, no BD Addr found */
160 return ((tACL_CONN *)NULL);
163 #if BLE_PRIVACY_SPT == TRUE
164 /*******************************************************************************
166 ** Function btm_ble_get_acl_remote_addr
168 ** Description This function reads the active remote address used for the
171 ** Returns success return TRUE, otherwise FALSE.
173 *******************************************************************************/
174 BOOLEAN btm_ble_get_acl_remote_addr(tBTM_SEC_DEV_REC *p_dev_rec, BD_ADDR conn_addr,
175 tBLE_ADDR_TYPE *p_addr_type)
177 #if BLE_INCLUDED == TRUE
180 if (p_dev_rec == NULL) {
181 BTM_TRACE_ERROR("btm_ble_get_acl_remote_addr can not find device with matching address\n");
185 switch (p_dev_rec->ble.active_addr_type) {
186 case BTM_BLE_ADDR_PSEUDO:
187 memcpy(conn_addr, p_dev_rec->bd_addr, BD_ADDR_LEN);
188 * p_addr_type = p_dev_rec->ble.ble_addr_type;
191 case BTM_BLE_ADDR_RRA:
192 memcpy(conn_addr, p_dev_rec->ble.cur_rand_addr, BD_ADDR_LEN);
193 * p_addr_type = BLE_ADDR_RANDOM;
196 case BTM_BLE_ADDR_STATIC:
197 memcpy(conn_addr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
198 * p_addr_type = p_dev_rec->ble.static_addr_type;
202 BTM_TRACE_ERROR("Unknown active address: %d\n", p_dev_rec->ble.active_addr_type);
216 /*******************************************************************************
218 ** Function btm_acl_created
220 ** Description This function is called by L2CAP when an ACL connection
225 *******************************************************************************/
226 void btm_acl_created (BD_ADDR bda, DEV_CLASS dc, BD_NAME bdn,
227 UINT16 hci_handle, UINT8 link_role, tBT_TRANSPORT transport)
229 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
233 BTM_TRACE_DEBUG ("btm_acl_created hci_handle=%d link_role=%d transport=%d\n",
234 hci_handle, link_role, transport);
235 /* Ensure we don't have duplicates */
236 p = btm_bda_to_acl(bda, transport);
237 if (p != (tACL_CONN *)NULL) {
238 p->hci_handle = hci_handle;
239 p->link_role = link_role;
240 #if BLE_INCLUDED == TRUE
241 p->transport = transport;
243 BTM_TRACE_DEBUG ("Duplicate btm_acl_created: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
244 bda[0], bda[1], bda[2], bda[3], bda[4], bda[5]);
245 BTM_SetLinkPolicy(p->remote_addr, &btm_cb.btm_def_link_policy);
249 /* Allocate acl_db entry */
250 for (xx = 0, p = &btm_cb.acl_db[0]; xx < MAX_L2CAP_LINKS; xx++, p++) {
253 p->hci_handle = hci_handle;
254 p->link_role = link_role;
255 p->link_up_issued = FALSE;
256 memcpy (p->remote_addr, bda, BD_ADDR_LEN);
257 /* Set the default version of the peer device to version4.0 before exchange the version with it.
258 If the peer device act as a master and don't exchange the version with us, then it can only use the
259 legacy connect instead of secure connection in the pairing step. */
260 p->lmp_version = HCI_PROTO_VERSION_4_0;
261 #if BLE_INCLUDED == TRUE
262 p->transport = transport;
263 #if BLE_PRIVACY_SPT == TRUE
264 if (transport == BT_TRANSPORT_LE)
265 btm_ble_refresh_local_resolvable_private_addr(bda,
266 btm_cb.ble_ctr_cb.addr_mgnt_cb.private_addr);
268 p->conn_addr_type = BLE_ADDR_PUBLIC;
269 memcpy(p->conn_addr, &controller_get_interface()->get_address()->address, BD_ADDR_LEN);
270 BTM_TRACE_DEBUG ("conn_addr: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
271 p->conn_addr[0], p->conn_addr[1], p->conn_addr[2], p->conn_addr[3], p->conn_addr[4], p->conn_addr[5]);
274 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
280 memcpy (p->remote_dc, dc, DEV_CLASS_LEN);
284 memcpy (p->remote_name, bdn, BTM_MAX_REM_BD_NAME_LEN);
287 /* if BR/EDR do something more */
288 if (transport == BT_TRANSPORT_BR_EDR) {
289 btsnd_hcic_read_rmt_clk_offset (p->hci_handle);
290 btsnd_hcic_rmt_ver_req (p->hci_handle);
292 p_dev_rec = btm_find_dev_by_handle (hci_handle);
294 #if (BLE_INCLUDED == TRUE)
296 BTM_TRACE_DEBUG ("device_type=0x%x\n", p_dev_rec->device_type);
300 if (p_dev_rec && !(transport == BT_TRANSPORT_LE)) {
301 /* If remote features already known, copy them and continue connection setup */
302 if ((p_dev_rec->num_read_pages) &&
303 (p_dev_rec->num_read_pages <= (HCI_EXT_FEATURES_PAGE_MAX + 1))) {
304 memcpy (p->peer_lmp_features, p_dev_rec->features,
305 (HCI_FEATURE_BYTES_PER_PAGE * p_dev_rec->num_read_pages));
306 p->num_read_pages = p_dev_rec->num_read_pages;
307 #if (CLASSIC_BT_INCLUDED == TRUE)
308 const UINT8 req_pend = (p_dev_rec->sm4 & BTM_SM4_REQ_PEND);
309 #endif ///CLASSIC_BT_INCLUDED == TRUE
310 /* Store the Peer Security Capabilites (in SM4 and rmt_sec_caps) */
311 #if (SMP_INCLUDED == TRUE)
312 btm_sec_set_peer_sec_caps(p, p_dev_rec);
313 #endif ///SMP_INCLUDED == TRUE
314 #if (CLASSIC_BT_INCLUDED == TRUE)
315 BTM_TRACE_API("%s: pend:%d\n", __FUNCTION__, req_pend);
317 /* Request for remaining Security Features (if any) */
318 l2cu_resubmit_pending_sec_req (p_dev_rec->bd_addr);
320 #endif ///CLASSIC_BT_INCLUDED == TRUE
321 btm_establish_continue (p);
326 #if (BLE_INCLUDED == TRUE)
327 /* If here, features are not known yet */
328 if (p_dev_rec && transport == BT_TRANSPORT_LE) {
329 #if BLE_PRIVACY_SPT == TRUE
330 btm_ble_get_acl_remote_addr (p_dev_rec, p->active_remote_addr,
331 &p->active_remote_addr_type);
334 if (link_role == HCI_ROLE_MASTER) {
335 btsnd_hcic_ble_read_remote_feat(p->hci_handle);
336 } else if (HCI_LE_SLAVE_INIT_FEAT_EXC_SUPPORTED(controller_get_interface()->get_features_ble()->as_array)
337 && link_role == HCI_ROLE_SLAVE) {
338 btsnd_hcic_rmt_ver_req (p->hci_handle);
340 btm_establish_continue(p);
345 btm_read_remote_features (p->hci_handle);
348 /* read page 1 - on rmt feature event for buffer reasons */
355 /*******************************************************************************
357 ** Function btm_acl_report_role_change
359 ** Description This function is called when the local device is deemed
360 ** to be down. It notifies L2CAP of the failure.
364 *******************************************************************************/
365 void btm_acl_report_role_change (UINT8 hci_status, BD_ADDR bda)
367 tBTM_ROLE_SWITCH_CMPL ref_data;
368 BTM_TRACE_DEBUG ("btm_acl_report_role_change\n");
369 if (btm_cb.devcb.p_switch_role_cb
370 && (bda && (0 == memcmp(btm_cb.devcb.switch_role_ref_data.remote_bd_addr, bda, BD_ADDR_LEN)))) {
371 memcpy (&ref_data, &btm_cb.devcb.switch_role_ref_data, sizeof(tBTM_ROLE_SWITCH_CMPL));
372 ref_data.hci_status = hci_status;
373 (*btm_cb.devcb.p_switch_role_cb)(&ref_data);
374 memset (&btm_cb.devcb.switch_role_ref_data, 0, sizeof(tBTM_ROLE_SWITCH_CMPL));
375 btm_cb.devcb.p_switch_role_cb = NULL;
379 /*******************************************************************************
381 ** Function btm_acl_removed
383 ** Description This function is called by L2CAP when an ACL connection
384 ** is removed. Since only L2CAP creates ACL links, we use
385 ** the L2CAP link index as our index into the control blocks.
389 *******************************************************************************/
390 void btm_acl_removed (BD_ADDR bda, tBT_TRANSPORT transport)
393 tBTM_BL_EVENT_DATA evt_data;
394 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
395 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
397 BTM_TRACE_DEBUG ("btm_acl_removed\n");
398 p = btm_bda_to_acl(bda, transport);
399 if (p != (tACL_CONN *)NULL) {
402 /* if the disconnected channel has a pending role switch, clear it now */
403 btm_acl_report_role_change(HCI_ERR_NO_CONNECTION, bda);
405 /* Only notify if link up has had a chance to be issued */
406 if (p->link_up_issued) {
407 p->link_up_issued = FALSE;
409 /* If anyone cares, tell him database changed */
410 if (btm_cb.p_bl_changed_cb) {
411 evt_data.event = BTM_BL_DISCN_EVT;
412 evt_data.discn.p_bda = bda;
413 #if BLE_INCLUDED == TRUE
414 evt_data.discn.handle = p->hci_handle;
415 evt_data.discn.transport = p->transport;
417 (*btm_cb.p_bl_changed_cb)(&evt_data);
420 btm_acl_update_busy_level (BTM_BLI_ACL_DOWN_EVT);
423 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
425 BTM_TRACE_DEBUG ("acl hci_handle=%d transport=%d connectable_mode=0x%0x link_role=%d\n",
428 btm_cb.ble_ctr_cb.inq_var.connectable_mode,
431 p_dev_rec = btm_find_dev(bda);
433 BTM_TRACE_DEBUG("before update p_dev_rec->sec_flags=0x%x\n", p_dev_rec->sec_flags);
434 if (p->transport == BT_TRANSPORT_LE) {
435 BTM_TRACE_DEBUG("LE link down\n");
436 p_dev_rec->sec_flags &= ~(BTM_SEC_LE_ENCRYPTED | BTM_SEC_ROLE_SWITCHED);
437 if ( (p_dev_rec->sec_flags & BTM_SEC_LE_LINK_KEY_KNOWN) == 0) {
438 BTM_TRACE_DEBUG("Not Bonded\n");
439 p_dev_rec->sec_flags &= ~(BTM_SEC_LE_LINK_KEY_AUTHED | BTM_SEC_LE_AUTHENTICATED);
441 BTM_TRACE_DEBUG("Bonded\n");
444 BTM_TRACE_DEBUG("Bletooth link down\n");
445 p_dev_rec->sec_flags &= ~(BTM_SEC_AUTHORIZED | BTM_SEC_AUTHENTICATED
446 | BTM_SEC_ENCRYPTED | BTM_SEC_ROLE_SWITCHED);
448 BTM_TRACE_DEBUG("after update p_dev_rec->sec_flags=0x%x\n", p_dev_rec->sec_flags);
450 BTM_TRACE_ERROR("Device not found\n");
455 /* Clear the ACL connection data */
456 memset(p, 0, sizeof(tACL_CONN));
461 /*******************************************************************************
463 ** Function btm_acl_device_down
465 ** Description This function is called when the local device is deemed
466 ** to be down. It notifies L2CAP of the failure.
470 *******************************************************************************/
471 void btm_acl_device_down (void)
473 tACL_CONN *p = &btm_cb.acl_db[0];
475 BTM_TRACE_DEBUG ("btm_acl_device_down\n");
476 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
478 BTM_TRACE_DEBUG ("hci_handle=%d HCI_ERR_HW_FAILURE \n", p->hci_handle );
479 l2c_link_hci_disc_comp (p->hci_handle, HCI_ERR_HW_FAILURE);
484 /*******************************************************************************
486 ** Function btm_acl_update_busy_level
488 ** Description This function is called to update the busy level of the system
493 *******************************************************************************/
494 void btm_acl_update_busy_level (tBTM_BLI_EVENT event)
496 tBTM_BL_UPDATE_DATA evt;
498 BTM_TRACE_DEBUG ("btm_acl_update_busy_level\n");
499 BOOLEAN old_inquiry_state = btm_cb.is_inquiry;
501 case BTM_BLI_ACL_UP_EVT:
502 BTM_TRACE_DEBUG ("BTM_BLI_ACL_UP_EVT\n");
504 case BTM_BLI_ACL_DOWN_EVT:
505 BTM_TRACE_DEBUG ("BTM_BLI_ACL_DOWN_EVT\n");
507 case BTM_BLI_PAGE_EVT:
508 BTM_TRACE_DEBUG ("BTM_BLI_PAGE_EVT\n");
509 btm_cb.is_paging = TRUE;
510 evt.busy_level_flags = BTM_BL_PAGING_STARTED;
512 case BTM_BLI_PAGE_DONE_EVT:
513 BTM_TRACE_DEBUG ("BTM_BLI_PAGE_DONE_EVT\n");
514 btm_cb.is_paging = FALSE;
515 evt.busy_level_flags = BTM_BL_PAGING_COMPLETE;
517 case BTM_BLI_INQ_EVT:
518 BTM_TRACE_DEBUG ("BTM_BLI_INQ_EVT\n");
519 btm_cb.is_inquiry = TRUE;
520 evt.busy_level_flags = BTM_BL_INQUIRY_STARTED;
522 case BTM_BLI_INQ_CANCEL_EVT:
523 BTM_TRACE_DEBUG ("BTM_BLI_INQ_CANCEL_EVT\n");
524 btm_cb.is_inquiry = FALSE;
525 evt.busy_level_flags = BTM_BL_INQUIRY_CANCELLED;
527 case BTM_BLI_INQ_DONE_EVT:
528 BTM_TRACE_DEBUG ("BTM_BLI_INQ_DONE_EVT\n");
529 btm_cb.is_inquiry = FALSE;
530 evt.busy_level_flags = BTM_BL_INQUIRY_COMPLETE;
534 if (btm_cb.is_paging || btm_cb.is_inquiry) {
537 busy_level = BTM_GetNumAclLinks();
540 if ((busy_level != btm_cb.busy_level) || (old_inquiry_state != btm_cb.is_inquiry)) {
541 evt.event = BTM_BL_UPDATE_EVT;
542 evt.busy_level = busy_level;
543 btm_cb.busy_level = busy_level;
544 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_UPDATE_MASK)) {
545 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
550 /*******************************************************************************
552 ** Function BTM_GetRole
554 ** Description This function is called to get the role of the local device
555 ** for the ACL connection with the specified remote device
557 ** Returns BTM_SUCCESS if connection exists.
558 ** BTM_UNKNOWN_ADDR if no active link with bd addr specified
560 *******************************************************************************/
561 tBTM_STATUS BTM_GetRole (BD_ADDR remote_bd_addr, UINT8 *p_role)
564 BTM_TRACE_DEBUG ("BTM_GetRole\n");
565 if ((p = btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL) {
566 *p_role = BTM_ROLE_UNDEFINED;
567 return (BTM_UNKNOWN_ADDR);
570 /* Get the current role */
571 *p_role = p->link_role;
572 return (BTM_SUCCESS);
576 /*******************************************************************************
578 ** Function BTM_SwitchRole
580 ** Description This function is called to switch role between master and
581 ** slave. If role is already set it will do nothing. If the
582 ** command was initiated, the callback function is called upon
585 ** Returns BTM_SUCCESS if already in specified role.
586 ** BTM_CMD_STARTED if command issued to controller.
587 ** BTM_NO_RESOURCES if couldn't allocate memory to issue command
588 ** BTM_UNKNOWN_ADDR if no active link with bd addr specified
589 ** BTM_MODE_UNSUPPORTED if local device does not support role switching
590 ** BTM_BUSY if the previous command is not completed
592 *******************************************************************************/
593 tBTM_STATUS BTM_SwitchRole (BD_ADDR remote_bd_addr, UINT8 new_role, tBTM_CMPL_CB *p_cb)
596 tBTM_SEC_DEV_REC *p_dev_rec = NULL;
597 #if BTM_SCO_INCLUDED == TRUE
598 BOOLEAN is_sco_active;
601 tBTM_PM_MODE pwr_mode;
602 tBTM_PM_PWR_MD settings;
603 #if (BT_USE_TRACES == TRUE)
606 BTM_TRACE_API ("BTM_SwitchRole BDA: %02x-%02x-%02x-%02x-%02x-%02x\n",
607 remote_bd_addr[0], remote_bd_addr[1], remote_bd_addr[2],
608 remote_bd_addr[3], remote_bd_addr[4], remote_bd_addr[5]);
610 /* Make sure the local device supports switching */
611 if (!controller_get_interface()->supports_master_slave_role_switch()) {
612 return (BTM_MODE_UNSUPPORTED);
615 if (btm_cb.devcb.p_switch_role_cb && p_cb) {
616 #if (BT_USE_TRACES == TRUE)
617 p_bda = btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
618 BTM_TRACE_DEBUG ("Role switch on other device is in progress 0x%02x%02x%02x%02x%02x%02x\n",
619 p_bda[0], p_bda[1], p_bda[2],
620 p_bda[3], p_bda[4], p_bda[5]);
625 if ((p = btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR)) == NULL) {
626 return (BTM_UNKNOWN_ADDR);
629 /* Finished if already in desired role */
630 if (p->link_role == new_role) {
631 return (BTM_SUCCESS);
634 #if BTM_SCO_INCLUDED == TRUE
635 /* Check if there is any SCO Active on this BD Address */
636 is_sco_active = btm_is_sco_active_by_bdaddr(remote_bd_addr);
638 if (is_sco_active == TRUE) {
639 return (BTM_NO_RESOURCES);
643 /* Ignore role switch request if the previous request was not completed */
644 if (p->switch_role_state != BTM_ACL_SWKEY_STATE_IDLE) {
645 BTM_TRACE_DEBUG ("BTM_SwitchRole busy: %d\n",
646 p->switch_role_state);
650 if ((status = BTM_ReadPowerMode(p->remote_addr, &pwr_mode)) != BTM_SUCCESS) {
654 /* Wake up the link if in sniff or park before attempting switch */
655 if (pwr_mode == BTM_PM_MD_PARK || pwr_mode == BTM_PM_MD_SNIFF) {
656 memset( (void *)&settings, 0, sizeof(settings));
657 settings.mode = BTM_PM_MD_ACTIVE;
658 status = BTM_SetPowerMode (BTM_PM_SET_ONLY_ID, p->remote_addr, &settings);
659 if (status != BTM_CMD_STARTED) {
660 return (BTM_WRONG_MODE);
663 p->switch_role_state = BTM_ACL_SWKEY_STATE_MODE_CHANGE;
665 /* some devices do not support switch while encryption is on */
667 p_dev_rec = btm_find_dev (remote_bd_addr);
668 if ((p_dev_rec != NULL)
669 && ((p_dev_rec->sec_flags & BTM_SEC_ENCRYPTED) != 0)
670 && !BTM_EPR_AVAILABLE(p)) {
671 /* bypass turning off encryption if change link key is already doing it */
672 if (p->encrypt_state != BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF) {
673 if (!btsnd_hcic_set_conn_encrypt (p->hci_handle, FALSE)) {
674 return (BTM_NO_RESOURCES);
676 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF;
680 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
682 if (!btsnd_hcic_switch_role (remote_bd_addr, new_role)) {
683 return (BTM_NO_RESOURCES);
686 p->switch_role_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
688 #if BTM_DISC_DURING_RS == TRUE
690 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
696 /* Initialize return structure in case request fails */
698 memcpy (btm_cb.devcb.switch_role_ref_data.remote_bd_addr, remote_bd_addr,
700 btm_cb.devcb.switch_role_ref_data.role = new_role;
701 /* initialized to an error code */
702 btm_cb.devcb.switch_role_ref_data.hci_status = HCI_ERR_UNSUPPORTED_VALUE;
703 btm_cb.devcb.p_switch_role_cb = p_cb;
705 return (BTM_CMD_STARTED);
708 /*******************************************************************************
710 ** Function btm_acl_encrypt_change
712 ** Description This function is when encryption of the connection is
713 ** completed by the LM. Checks to see if a role switch or
714 ** change of link key was active and initiates or continues
715 ** process if needed.
719 *******************************************************************************/
720 void btm_acl_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
724 tBTM_SEC_DEV_REC *p_dev_rec;
725 tBTM_BL_ROLE_CHG_DATA evt;
727 BTM_TRACE_DEBUG ("btm_acl_encrypt_change handle=%d status=%d encr_enabl=%d\n",
728 handle, status, encr_enable);
729 xx = btm_handle_to_acl_index(handle);
730 /* don't assume that we can never get a bad hci_handle */
731 if (xx < MAX_L2CAP_LINKS) {
732 p = &btm_cb.acl_db[xx];
737 /* Process Role Switch if active */
738 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF) {
739 /* if encryption turn off failed we still will try to switch role */
741 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
742 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
744 p->switch_role_state = BTM_ACL_SWKEY_STATE_SWITCHING;
745 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_TEMP_FUNC;
748 if (!btsnd_hcic_switch_role (p->remote_addr, (UINT8)!p->link_role)) {
749 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
750 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
751 btm_acl_report_role_change(btm_cb.devcb.switch_role_ref_data.hci_status, p->remote_addr);
753 #if BTM_DISC_DURING_RS == TRUE
755 if ((p_dev_rec = btm_find_dev (p->remote_addr)) != NULL) {
756 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
762 /* Finished enabling Encryption after role switch */
763 else if (p->switch_role_state == BTM_ACL_SWKEY_STATE_ENCRYPTION_ON) {
764 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
765 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
766 btm_acl_report_role_change(btm_cb.devcb.switch_role_ref_data.hci_status, p->remote_addr);
768 /* if role change event is registered, report it now */
769 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_ROLE_CHG_MASK)) {
770 evt.event = BTM_BL_ROLE_CHG_EVT;
771 evt.new_role = btm_cb.devcb.switch_role_ref_data.role;
772 evt.p_bda = btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
773 evt.hci_status = btm_cb.devcb.switch_role_ref_data.hci_status;
774 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
776 BTM_TRACE_DEBUG("Role Switch Event: new_role 0x%02x, HCI Status 0x%02x, rs_st:%d\n",
777 evt.new_role, evt.hci_status, p->switch_role_state);
780 #if BTM_DISC_DURING_RS == TRUE
781 /* If a disconnect is pending, issue it now that role switch has completed */
782 if ((p_dev_rec = btm_find_dev (p->remote_addr)) != NULL) {
783 if (p_dev_rec->rs_disc_pending == BTM_SEC_DISC_PENDING) {
784 BTM_TRACE_WARNING("btm_acl_encrypt_change -> Issuing delayed HCI_Disconnect!!!\n");
785 btsnd_hcic_disconnect(p_dev_rec->hci_handle, HCI_ERR_PEER_USER);
787 BTM_TRACE_ERROR("btm_acl_encrypt_change: tBTM_SEC_DEV:0x%x rs_disc_pending=%d\n",
788 (UINT32)p_dev_rec, p_dev_rec->rs_disc_pending);
789 p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
794 /*******************************************************************************
796 ** Function BTM_SetLinkPolicy
798 ** Description Create and send HCI "Write Policy Set" command
800 ** Returns status of the operation
802 *******************************************************************************/
803 tBTM_STATUS BTM_SetLinkPolicy (BD_ADDR remote_bda, UINT16 *settings)
806 UINT8 *localFeatures = BTM_ReadLocalFeatures();
807 BTM_TRACE_DEBUG ("BTM_SetLinkPolicy\n");
808 /* BTM_TRACE_API ("BTM_SetLinkPolicy: requested settings: 0x%04x", *settings ); */
810 /* First, check if hold mode is supported */
811 if (*settings != HCI_DISABLE_ALL_LM_MODES) {
812 if ( (*settings & HCI_ENABLE_MASTER_SLAVE_SWITCH) && (!HCI_SWITCH_SUPPORTED(localFeatures)) ) {
813 *settings &= (~HCI_ENABLE_MASTER_SLAVE_SWITCH);
814 BTM_TRACE_API ("BTM_SetLinkPolicy switch not supported (settings: 0x%04x)\n", *settings );
816 if ( (*settings & HCI_ENABLE_HOLD_MODE) && (!HCI_HOLD_MODE_SUPPORTED(localFeatures)) ) {
817 *settings &= (~HCI_ENABLE_HOLD_MODE);
818 BTM_TRACE_API ("BTM_SetLinkPolicy hold not supported (settings: 0x%04x)\n", *settings );
820 if ( (*settings & HCI_ENABLE_SNIFF_MODE) && (!HCI_SNIFF_MODE_SUPPORTED(localFeatures)) ) {
821 *settings &= (~HCI_ENABLE_SNIFF_MODE);
822 BTM_TRACE_API ("BTM_SetLinkPolicy sniff not supported (settings: 0x%04x)\n", *settings );
824 if ( (*settings & HCI_ENABLE_PARK_MODE) && (!HCI_PARK_MODE_SUPPORTED(localFeatures)) ) {
825 *settings &= (~HCI_ENABLE_PARK_MODE);
826 BTM_TRACE_API ("BTM_SetLinkPolicy park not supported (settings: 0x%04x)\n", *settings );
830 if ((p = btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR)) != NULL) {
831 return (btsnd_hcic_write_policy_set (p->hci_handle, *settings) ? BTM_CMD_STARTED : BTM_NO_RESOURCES);
834 /* If here, no BD Addr found */
835 return (BTM_UNKNOWN_ADDR);
838 /*******************************************************************************
840 ** Function BTM_SetDefaultLinkPolicy
842 ** Description Set the default value for HCI "Write Policy Set" command
843 ** to use when an ACL link is created.
847 *******************************************************************************/
848 void BTM_SetDefaultLinkPolicy (UINT16 settings)
850 UINT8 *localFeatures = BTM_ReadLocalFeatures();
852 BTM_TRACE_DEBUG("BTM_SetDefaultLinkPolicy setting:0x%04x\n", settings);
854 if ((settings & HCI_ENABLE_MASTER_SLAVE_SWITCH) && (!HCI_SWITCH_SUPPORTED(localFeatures))) {
855 settings &= ~HCI_ENABLE_MASTER_SLAVE_SWITCH;
856 BTM_TRACE_DEBUG("BTM_SetDefaultLinkPolicy switch not supported (settings: 0x%04x)\n", settings);
858 if ((settings & HCI_ENABLE_HOLD_MODE) && (!HCI_HOLD_MODE_SUPPORTED(localFeatures))) {
859 settings &= ~HCI_ENABLE_HOLD_MODE;
860 BTM_TRACE_DEBUG("BTM_SetDefaultLinkPolicy hold not supported (settings: 0x%04x)\n", settings);
862 if ((settings & HCI_ENABLE_SNIFF_MODE) && (!HCI_SNIFF_MODE_SUPPORTED(localFeatures))) {
863 settings &= ~HCI_ENABLE_SNIFF_MODE;
864 BTM_TRACE_DEBUG("BTM_SetDefaultLinkPolicy sniff not supported (settings: 0x%04x)\n", settings);
866 if ((settings & HCI_ENABLE_PARK_MODE) && (!HCI_PARK_MODE_SUPPORTED(localFeatures))) {
867 settings &= ~HCI_ENABLE_PARK_MODE;
868 BTM_TRACE_DEBUG("BTM_SetDefaultLinkPolicy park not supported (settings: 0x%04x)\n", settings);
870 BTM_TRACE_DEBUG("Set DefaultLinkPolicy:0x%04x\n", settings);
872 btm_cb.btm_def_link_policy = settings;
874 /* Set the default Link Policy of the controller */
875 btsnd_hcic_write_def_policy_set(settings);
878 /*******************************************************************************
880 ** Function btm_read_remote_version_complete
882 ** Description This function is called when the command complete message
883 ** is received from the HCI for the remote version info.
887 *******************************************************************************/
888 void btm_read_remote_version_complete (UINT8 *p)
890 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
894 BTM_TRACE_DEBUG ("btm_read_remote_version_complete\n");
896 STREAM_TO_UINT8 (status, p);
897 STREAM_TO_UINT16 (handle, p);
899 /* Look up the connection by handle and copy features */
900 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++) {
901 if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle)) {
902 if (status == HCI_SUCCESS) {
903 STREAM_TO_UINT8 (p_acl_cb->lmp_version, p);
904 STREAM_TO_UINT16 (p_acl_cb->manufacturer, p);
905 STREAM_TO_UINT16 (p_acl_cb->lmp_subversion, p);
907 #if BLE_INCLUDED == TRUE
908 if (p_acl_cb->transport == BT_TRANSPORT_LE) {
909 if(p_acl_cb->link_role == HCI_ROLE_MASTER) {
910 if (HCI_LE_DATA_LEN_EXT_SUPPORTED(p_acl_cb->peer_le_features)) {
911 uint16_t data_length = controller_get_interface()->get_ble_default_data_packet_length();
912 uint16_t data_txtime = controller_get_interface()->get_ble_default_data_packet_txtime();
913 btsnd_hcic_ble_set_data_length(p_acl_cb->hci_handle, data_length, data_txtime);
915 l2cble_notify_le_connection (p_acl_cb->remote_addr);
917 //slave role, read remote feature
918 btsnd_hcic_ble_read_remote_feat(p_acl_cb->hci_handle);
928 /*******************************************************************************
930 ** Function btm_process_remote_ext_features
932 ** Description Local function called to process all extended features pages
933 ** read from a remote device.
937 *******************************************************************************/
938 void btm_process_remote_ext_features (tACL_CONN *p_acl_cb, UINT8 num_read_pages)
940 UINT16 handle = p_acl_cb->hci_handle;
941 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev_by_handle (handle);
944 BTM_TRACE_DEBUG ("btm_process_remote_ext_features\n");
946 /* Make sure we have the record to save remote features information */
947 if (p_dev_rec == NULL) {
948 /* Get a new device; might be doing dedicated bonding */
949 p_dev_rec = btm_find_or_alloc_dev (p_acl_cb->remote_addr);
952 p_acl_cb->num_read_pages = num_read_pages;
953 p_dev_rec->num_read_pages = num_read_pages;
955 /* Move the pages to placeholder */
956 for (page_idx = 0; page_idx < num_read_pages; page_idx++) {
957 if (page_idx > HCI_EXT_FEATURES_PAGE_MAX) {
958 BTM_TRACE_ERROR("%s: page=%d unexpected\n", __FUNCTION__, page_idx);
961 memcpy (p_dev_rec->features[page_idx], p_acl_cb->peer_lmp_features[page_idx],
962 HCI_FEATURE_BYTES_PER_PAGE);
965 const UINT8 req_pend = (p_dev_rec->sm4 & BTM_SM4_REQ_PEND);
966 #if (SMP_INCLUDED == TRUE)
967 /* Store the Peer Security Capabilites (in SM4 and rmt_sec_caps) */
968 btm_sec_set_peer_sec_caps(p_acl_cb, p_dev_rec);
969 #endif ///SMP_INCLUDED == TRUE
970 BTM_TRACE_API("%s: pend:%d\n", __FUNCTION__, req_pend);
972 #if (CLASSIC_BT_INCLUDED == TRUE)
973 /* Request for remaining Security Features (if any) */
974 l2cu_resubmit_pending_sec_req (p_dev_rec->bd_addr);
975 #endif ///CLASSIC_BT_INCLUDED == TRUE
980 /*******************************************************************************
982 ** Function btm_read_remote_features
984 ** Description Local function called to send a read remote supported features/
985 ** remote extended features page[0].
989 *******************************************************************************/
990 void btm_read_remote_features (UINT16 handle)
995 BTM_TRACE_DEBUG("btm_read_remote_features() handle: %d\n", handle);
997 if ((acl_idx = btm_handle_to_acl_index(handle)) >= MAX_L2CAP_LINKS) {
998 BTM_TRACE_ERROR("btm_read_remote_features handle=%d invalid\n", handle);
1002 p_acl_cb = &btm_cb.acl_db[acl_idx];
1003 p_acl_cb->num_read_pages = 0;
1004 memset (p_acl_cb->peer_lmp_features, 0, sizeof(p_acl_cb->peer_lmp_features));
1006 /* first send read remote supported features HCI command */
1007 /* because we don't know whether the remote support extended feature command */
1008 btsnd_hcic_rmt_features_req (handle);
1012 /*******************************************************************************
1014 ** Function btm_read_remote_ext_features
1016 ** Description Local function called to send a read remote extended features
1020 *******************************************************************************/
1021 void btm_read_remote_ext_features (UINT16 handle, UINT8 page_number)
1023 BTM_TRACE_DEBUG("btm_read_remote_ext_features() handle: %d page: %d\n", handle, page_number);
1025 btsnd_hcic_rmt_ext_features(handle, page_number);
1029 /*******************************************************************************
1031 ** Function btm_read_remote_features_complete
1033 ** Description This function is called when the remote supported features
1034 ** complete event is received from the HCI.
1038 *******************************************************************************/
1039 void btm_read_remote_features_complete (UINT8 *p)
1041 tACL_CONN *p_acl_cb;
1046 BTM_TRACE_DEBUG ("btm_read_remote_features_complete\n");
1047 STREAM_TO_UINT8 (status, p);
1049 if (status != HCI_SUCCESS) {
1050 BTM_TRACE_ERROR ("btm_read_remote_features_complete failed (status 0x%02x)\n", status);
1054 STREAM_TO_UINT16 (handle, p);
1056 if ((acl_idx = btm_handle_to_acl_index(handle)) >= MAX_L2CAP_LINKS) {
1057 BTM_TRACE_ERROR("btm_read_remote_features_complete handle=%d invalid\n", handle);
1061 p_acl_cb = &btm_cb.acl_db[acl_idx];
1063 /* Copy the received features page */
1064 STREAM_TO_ARRAY(p_acl_cb->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0], p,
1065 HCI_FEATURE_BYTES_PER_PAGE);
1067 if ((HCI_LMP_EXTENDED_SUPPORTED(p_acl_cb->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0])) &&
1068 (controller_get_interface()->supports_reading_remote_extended_features())) {
1069 /* if the remote controller has extended features and local controller supports
1070 ** HCI_Read_Remote_Extended_Features command then start reading these feature starting
1071 ** with extended features page 1 */
1072 BTM_TRACE_DEBUG ("Start reading remote extended features\n");
1073 btm_read_remote_ext_features(handle, HCI_EXT_FEATURES_PAGE_1);
1077 /* Remote controller has no extended features. Process remote controller supported features
1078 (features page HCI_EXT_FEATURES_PAGE_0). */
1079 btm_process_remote_ext_features (p_acl_cb, 1);
1081 /* Continue with HCI connection establishment */
1082 btm_establish_continue (p_acl_cb);
1085 /*******************************************************************************
1087 ** Function btm_read_remote_ext_features_complete
1089 ** Description This function is called when the remote extended features
1090 ** complete event is received from the HCI.
1094 *******************************************************************************/
1095 void btm_read_remote_ext_features_complete (UINT8 *p)
1097 tACL_CONN *p_acl_cb;
1098 UINT8 page_num, max_page;
1102 BTM_TRACE_DEBUG ("btm_read_remote_ext_features_complete\n");
1105 STREAM_TO_UINT16 (handle, p);
1106 STREAM_TO_UINT8 (page_num, p);
1107 STREAM_TO_UINT8 (max_page, p);
1109 /* Validate parameters */
1110 if ((acl_idx = btm_handle_to_acl_index(handle)) >= MAX_L2CAP_LINKS) {
1111 BTM_TRACE_ERROR("btm_read_remote_ext_features_complete handle=%d invalid\n", handle);
1115 if (max_page > HCI_EXT_FEATURES_PAGE_MAX) {
1116 BTM_TRACE_ERROR("btm_read_remote_ext_features_complete page=%d unknown", max_page);
1120 p_acl_cb = &btm_cb.acl_db[acl_idx];
1122 /* Copy the received features page */
1123 STREAM_TO_ARRAY(p_acl_cb->peer_lmp_features[page_num], p, HCI_FEATURE_BYTES_PER_PAGE);
1125 /* If there is the next remote features page and
1126 * we have space to keep this page data - read this page */
1127 if ((page_num < max_page) && (page_num < HCI_EXT_FEATURES_PAGE_MAX)) {
1129 BTM_TRACE_DEBUG("BTM reads next remote extended features page (%d)\n", page_num);
1130 btm_read_remote_ext_features (handle, page_num);
1134 /* Reading of remote feature pages is complete */
1135 BTM_TRACE_DEBUG("BTM reached last remote extended features page (%d)\n", page_num);
1137 /* Process the pages */
1138 btm_process_remote_ext_features (p_acl_cb, (UINT8) (page_num + 1));
1140 /* Continue with HCI connection establishment */
1141 btm_establish_continue (p_acl_cb);
1144 /*******************************************************************************
1146 ** Function btm_read_remote_ext_features_failed
1148 ** Description This function is called when the remote extended features
1149 ** complete event returns a failed status.
1153 *******************************************************************************/
1154 void btm_read_remote_ext_features_failed (UINT8 status, UINT16 handle)
1156 tACL_CONN *p_acl_cb;
1159 BTM_TRACE_WARNING ("btm_read_remote_ext_features_failed (status 0x%02x) for handle %d\n",
1162 if ((acl_idx = btm_handle_to_acl_index(handle)) >= MAX_L2CAP_LINKS) {
1163 BTM_TRACE_ERROR("btm_read_remote_ext_features_failed handle=%d invalid\n", handle);
1167 p_acl_cb = &btm_cb.acl_db[acl_idx];
1169 /* Process supported features only */
1170 btm_process_remote_ext_features (p_acl_cb, 1);
1172 /* Continue HCI connection establishment */
1173 btm_establish_continue (p_acl_cb);
1176 /*******************************************************************************
1178 ** Function btm_establish_continue
1180 ** Description This function is called when the command complete message
1181 ** is received from the HCI for the read local link policy request.
1185 *******************************************************************************/
1186 void btm_establish_continue (tACL_CONN *p_acl_cb)
1188 tBTM_BL_EVENT_DATA evt_data;
1189 BTM_TRACE_DEBUG ("btm_establish_continue\n");
1190 #if (!defined(BTM_BYPASS_EXTRA_ACL_SETUP) || BTM_BYPASS_EXTRA_ACL_SETUP == FALSE)
1191 #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE)
1192 if (p_acl_cb->transport == BT_TRANSPORT_BR_EDR)
1195 /* For now there are a some devices that do not like sending */
1196 /* commands events and data at the same time. */
1197 /* Set the packet types to the default allowed by the device */
1198 btm_set_packet_types (p_acl_cb, btm_cb.btm_acl_pkt_types_supported);
1200 if (btm_cb.btm_def_link_policy) {
1201 BTM_SetLinkPolicy (p_acl_cb->remote_addr, &btm_cb.btm_def_link_policy);
1205 p_acl_cb->link_up_issued = TRUE;
1207 /* If anyone cares, tell him database changed */
1208 if (btm_cb.p_bl_changed_cb) {
1209 evt_data.event = BTM_BL_CONN_EVT;
1210 evt_data.conn.p_bda = p_acl_cb->remote_addr;
1211 evt_data.conn.p_bdn = p_acl_cb->remote_name;
1212 evt_data.conn.p_dc = p_acl_cb->remote_dc;
1213 evt_data.conn.p_features = p_acl_cb->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0];
1214 #if BLE_INCLUDED == TRUE
1215 evt_data.conn.handle = p_acl_cb->hci_handle;
1216 evt_data.conn.transport = p_acl_cb->transport;
1219 (*btm_cb.p_bl_changed_cb)(&evt_data);
1221 btm_acl_update_busy_level (BTM_BLI_ACL_UP_EVT);
1225 /*******************************************************************************
1227 ** Function BTM_SetDefaultLinkSuperTout
1229 ** Description Set the default value for HCI "Write Link Supervision Timeout"
1230 ** command to use when an ACL link is created.
1234 *******************************************************************************/
1235 void BTM_SetDefaultLinkSuperTout (UINT16 timeout)
1237 BTM_TRACE_DEBUG ("BTM_SetDefaultLinkSuperTout\n");
1238 btm_cb.btm_def_link_super_tout = timeout;
1241 /*******************************************************************************
1243 ** Function BTM_GetLinkSuperTout
1245 ** Description Read the link supervision timeout value of the connection
1247 ** Returns status of the operation
1249 *******************************************************************************/
1250 tBTM_STATUS BTM_GetLinkSuperTout (BD_ADDR remote_bda, UINT16 *p_timeout)
1252 tACL_CONN *p = btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1254 BTM_TRACE_DEBUG ("BTM_GetLinkSuperTout\n");
1255 if (p != (tACL_CONN *)NULL) {
1256 *p_timeout = p->link_super_tout;
1257 return (BTM_SUCCESS);
1259 /* If here, no BD Addr found */
1260 return (BTM_UNKNOWN_ADDR);
1264 /*******************************************************************************
1266 ** Function BTM_SetLinkSuperTout
1268 ** Description Create and send HCI "Write Link Supervision Timeout" command
1270 ** Returns status of the operation
1272 *******************************************************************************/
1273 tBTM_STATUS BTM_SetLinkSuperTout (BD_ADDR remote_bda, UINT16 timeout)
1275 tACL_CONN *p = btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1277 BTM_TRACE_DEBUG ("BTM_SetLinkSuperTout\n");
1278 if (p != (tACL_CONN *)NULL) {
1279 p->link_super_tout = timeout;
1281 /* Only send if current role is Master; 2.0 spec requires this */
1282 if (p->link_role == BTM_ROLE_MASTER) {
1283 if (!btsnd_hcic_write_link_super_tout (LOCAL_BR_EDR_CONTROLLER_ID,
1284 p->hci_handle, timeout)) {
1285 return (BTM_NO_RESOURCES);
1288 return (BTM_CMD_STARTED);
1290 return (BTM_SUCCESS);
1294 /* If here, no BD Addr found */
1295 return (BTM_UNKNOWN_ADDR);
1298 /*******************************************************************************
1300 ** Function BTM_IsAclConnectionUp
1302 ** Description This function is called to check if an ACL connection exists
1303 ** to a specific remote BD Address.
1305 ** Returns TRUE if connection is up, else FALSE.
1307 *******************************************************************************/
1308 BOOLEAN BTM_IsAclConnectionUp (BD_ADDR remote_bda, tBT_TRANSPORT transport)
1312 BTM_TRACE_API ("BTM_IsAclConnectionUp: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
1313 remote_bda[0], remote_bda[1], remote_bda[2],
1314 remote_bda[3], remote_bda[4], remote_bda[5]);
1316 p = btm_bda_to_acl(remote_bda, transport);
1317 if (p != (tACL_CONN *)NULL) {
1321 /* If here, no BD Addr found */
1325 /*******************************************************************************
1327 ** Function BTM_GetNumAclLinks
1329 ** Description This function is called to count the number of
1330 ** ACL links that are active.
1332 ** Returns UINT16 Number of active ACL links
1334 *******************************************************************************/
1335 UINT16 BTM_GetNumAclLinks (void)
1337 uint16_t num_acl = 0;
1339 for (uint16_t i = 0; i < MAX_L2CAP_LINKS; ++i) {
1340 if (btm_cb.acl_db[i].in_use) {
1348 /*******************************************************************************
1350 ** Function btm_get_acl_disc_reason_code
1352 ** Description This function is called to get the disconnection reason code
1353 ** returned by the HCI at disconnection complete event.
1355 ** Returns TRUE if connection is up, else FALSE.
1357 *******************************************************************************/
1358 UINT16 btm_get_acl_disc_reason_code (void)
1360 UINT8 res = btm_cb.acl_disc_reason;
1361 BTM_TRACE_DEBUG ("btm_get_acl_disc_reason_code\n");
1366 /*******************************************************************************
1368 ** Function BTM_GetHCIConnHandle
1370 ** Description This function is called to get the handle for an ACL connection
1371 ** to a specific remote BD Address.
1373 ** Returns the handle of the connection, or 0xFFFF if none.
1375 *******************************************************************************/
1376 UINT16 BTM_GetHCIConnHandle (BD_ADDR remote_bda, tBT_TRANSPORT transport)
1379 BTM_TRACE_DEBUG ("BTM_GetHCIConnHandle\n");
1380 p = btm_bda_to_acl(remote_bda, transport);
1381 if (p != (tACL_CONN *)NULL) {
1382 return (p->hci_handle);
1385 /* If here, no BD Addr found */
1389 /*******************************************************************************
1391 ** Function btm_process_clk_off_comp_evt
1393 ** Description This function is called when clock offset command completes.
1395 ** Input Parms hci_handle - connection handle associated with the change
1400 *******************************************************************************/
1401 void btm_process_clk_off_comp_evt (UINT16 hci_handle, UINT16 clock_offset)
1404 BTM_TRACE_DEBUG ("btm_process_clk_off_comp_evt\n");
1405 /* Look up the connection by handle and set the current mode */
1406 if ((xx = btm_handle_to_acl_index(hci_handle)) < MAX_L2CAP_LINKS) {
1407 btm_cb.acl_db[xx].clock_offset = clock_offset;
1411 /*******************************************************************************
1413 ** Function btm_acl_role_changed
1415 ** Description This function is called whan a link's master/slave role change
1416 ** event or command status event (with error) is received.
1417 ** It updates the link control block, and calls
1418 ** the registered callback with status and role (if registered).
1422 *******************************************************************************/
1423 void btm_acl_role_changed (UINT8 hci_status, BD_ADDR bd_addr, UINT8 new_role)
1425 UINT8 *p_bda = (bd_addr) ? bd_addr :
1426 btm_cb.devcb.switch_role_ref_data.remote_bd_addr;
1427 tACL_CONN *p = btm_bda_to_acl(p_bda, BT_TRANSPORT_BR_EDR);
1428 tBTM_ROLE_SWITCH_CMPL *p_data = &btm_cb.devcb.switch_role_ref_data;
1429 tBTM_SEC_DEV_REC *p_dev_rec;
1430 tBTM_BL_ROLE_CHG_DATA evt;
1432 BTM_TRACE_DEBUG ("btm_acl_role_changed\n");
1433 /* Ignore any stray events */
1435 /* it could be a failure */
1436 if (hci_status != HCI_SUCCESS) {
1437 btm_acl_report_role_change(hci_status, bd_addr);
1442 p_data->hci_status = hci_status;
1444 if (hci_status == HCI_SUCCESS) {
1445 p_data->role = new_role;
1446 memcpy(p_data->remote_bd_addr, p_bda, BD_ADDR_LEN);
1448 /* Update cached value */
1449 p->link_role = new_role;
1451 /* Reload LSTO: link supervision timeout is reset in the LM after a role switch */
1452 if (new_role == BTM_ROLE_MASTER) {
1453 BTM_SetLinkSuperTout (p->remote_addr, p->link_super_tout);
1456 /* so the BTM_BL_ROLE_CHG_EVT uses the old role */
1457 new_role = p->link_role;
1460 /* Check if any SCO req is pending for role change */
1461 btm_sco_chk_pend_rolechange (p->hci_handle);
1463 /* if switching state is switching we need to turn encryption on */
1464 /* if idle, we did not change encryption */
1465 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_SWITCHING) {
1466 if (btsnd_hcic_set_conn_encrypt (p->hci_handle, TRUE)) {
1467 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_ON;
1468 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_ON;
1473 /* Set the switch_role_state to IDLE since the reply received from HCI */
1474 /* regardless of its result either success or failed. */
1475 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_IN_PROGRESS) {
1476 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
1477 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_IDLE;
1480 /* if role switch complete is needed, report it now */
1481 btm_acl_report_role_change(hci_status, bd_addr);
1483 /* if role change event is registered, report it now */
1484 if (btm_cb.p_bl_changed_cb && (btm_cb.bl_evt_mask & BTM_BL_ROLE_CHG_MASK)) {
1485 evt.event = BTM_BL_ROLE_CHG_EVT;
1486 evt.new_role = new_role;
1488 evt.hci_status = hci_status;
1489 (*btm_cb.p_bl_changed_cb)((tBTM_BL_EVENT_DATA *)&evt);
1492 BTM_TRACE_DEBUG("Role Switch Event: new_role 0x%02x, HCI Status 0x%02x, rs_st:%d\n",
1493 p_data->role, p_data->hci_status, p->switch_role_state);
1495 #if BTM_DISC_DURING_RS == TRUE
1496 /* If a disconnect is pending, issue it now that role switch has completed */
1497 if ((p_dev_rec = btm_find_dev (p_bda)) != NULL) {
1498 if (p_dev_rec->rs_disc_pending == BTM_SEC_DISC_PENDING) {
1499 BTM_TRACE_WARNING("btm_acl_role_changed -> Issuing delayed HCI_Disconnect!!!\n");
1500 btsnd_hcic_disconnect(p_dev_rec->hci_handle, HCI_ERR_PEER_USER);
1502 BTM_TRACE_ERROR("tBTM_SEC_DEV:0x%x rs_disc_pending=%d\n",
1503 (UINT32)p_dev_rec, p_dev_rec->rs_disc_pending);
1504 p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
1511 /*******************************************************************************
1513 ** Function BTM_AllocateSCN
1515 ** Description Look through the Server Channel Numbers for a free one.
1517 ** Returns Allocated SCN number or 0 if none.
1519 *******************************************************************************/
1520 #if (CLASSIC_BT_INCLUDED == TRUE)
1521 UINT8 BTM_AllocateSCN(void)
1524 BTM_TRACE_DEBUG ("BTM_AllocateSCN\n");
1525 // stack reserves scn 1 for HFP, HSP we still do the correct way
1526 for (x = 1; x < BTM_MAX_SCN; x++) {
1527 if (!btm_cb.btm_scn[x]) {
1528 btm_cb.btm_scn[x] = TRUE;
1532 return (0); /* No free ports */
1534 #endif ///CLASSIC_BT_INCLUDED == TRUE
1536 /*******************************************************************************
1538 ** Function BTM_TryAllocateSCN
1540 ** Description Try to allocate a fixed server channel
1542 ** Returns Returns TRUE if server channel was available
1544 *******************************************************************************/
1545 #if (CLASSIC_BT_INCLUDED == TRUE)
1546 BOOLEAN BTM_TryAllocateSCN(UINT8 scn)
1548 /* Make sure we don't exceed max port range.
1549 * Stack reserves scn 1 for HFP, HSP we still do the correct way.
1551 if ( (scn >= BTM_MAX_SCN) || (scn == 1) ) {
1555 /* check if this port is available */
1556 if (!btm_cb.btm_scn[scn - 1]) {
1557 btm_cb.btm_scn[scn - 1] = TRUE;
1561 return (FALSE); /* Port was busy */
1565 /*******************************************************************************
1567 ** Function BTM_FreeSCN
1569 ** Description Free the specified SCN.
1571 ** Returns TRUE or FALSE
1573 *******************************************************************************/
1574 BOOLEAN BTM_FreeSCN(UINT8 scn)
1576 BTM_TRACE_DEBUG ("BTM_FreeSCN \n");
1577 if (scn <= BTM_MAX_SCN) {
1578 btm_cb.btm_scn[scn - 1] = FALSE;
1581 return (FALSE); /* Illegal SCN passed in */
1585 #endif ///CLASSIC_BT_INCLUDED == TRUE
1587 /*******************************************************************************
1589 ** Function btm_set_packet_types
1591 ** Description This function sets the packet types used for a specific
1592 ** ACL connection. It is called internally by btm_acl_created
1593 ** or by an application/profile by BTM_SetPacketTypes.
1595 ** Returns status of the operation
1597 *******************************************************************************/
1598 tBTM_STATUS btm_set_packet_types (tACL_CONN *p, UINT16 pkt_types)
1600 UINT16 temp_pkt_types;
1601 BTM_TRACE_DEBUG ("btm_set_packet_types\n");
1602 /* Save in the ACL control blocks, types that we support */
1603 temp_pkt_types = (pkt_types & BTM_ACL_SUPPORTED_PKTS_MASK &
1604 btm_cb.btm_acl_pkt_types_supported);
1606 /* OR in any exception packet types if at least 2.0 version of spec */
1607 temp_pkt_types |= ((pkt_types & BTM_ACL_EXCEPTION_PKTS_MASK) |
1608 (btm_cb.btm_acl_pkt_types_supported & BTM_ACL_EXCEPTION_PKTS_MASK));
1610 /* Exclude packet types not supported by the peer */
1611 btm_acl_chk_peer_pkt_type_support (p, &temp_pkt_types);
1613 BTM_TRACE_DEBUG ("SetPacketType Mask -> 0x%04x\n", temp_pkt_types);
1615 if (!btsnd_hcic_change_conn_type (p->hci_handle, temp_pkt_types)) {
1616 return (BTM_NO_RESOURCES);
1619 p->pkt_types_mask = temp_pkt_types;
1621 return (BTM_CMD_STARTED);
1624 /*******************************************************************************
1626 ** Function btm_get_max_packet_size
1628 ** Returns Returns maximum packet size that can be used for current
1629 ** connection, 0 if connection is not established
1631 *******************************************************************************/
1632 UINT16 btm_get_max_packet_size (BD_ADDR addr)
1634 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1635 UINT16 pkt_types = 0;
1636 UINT16 pkt_size = 0;
1637 BTM_TRACE_DEBUG ("btm_get_max_packet_size\n");
1639 pkt_types = p->pkt_types_mask;
1641 /* Special case for when info for the local device is requested */
1642 if (memcmp (controller_get_interface()->get_address(), addr, BD_ADDR_LEN) == 0) {
1643 pkt_types = btm_cb.btm_acl_pkt_types_supported;
1648 if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH5)) {
1649 pkt_size = HCI_EDR3_DH5_PACKET_SIZE;
1650 } else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH5)) {
1651 pkt_size = HCI_EDR2_DH5_PACKET_SIZE;
1652 } else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH3)) {
1653 pkt_size = HCI_EDR3_DH3_PACKET_SIZE;
1654 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH5) {
1655 pkt_size = HCI_DH5_PACKET_SIZE;
1656 } else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH3)) {
1657 pkt_size = HCI_EDR2_DH3_PACKET_SIZE;
1658 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM5) {
1659 pkt_size = HCI_DM5_PACKET_SIZE;
1660 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH3) {
1661 pkt_size = HCI_DH3_PACKET_SIZE;
1662 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM3) {
1663 pkt_size = HCI_DM3_PACKET_SIZE;
1664 } else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_3_DH1)) {
1665 pkt_size = HCI_EDR3_DH1_PACKET_SIZE;
1666 } else if (!(pkt_types & BTM_ACL_PKT_TYPES_MASK_NO_2_DH1)) {
1667 pkt_size = HCI_EDR2_DH1_PACKET_SIZE;
1668 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DH1) {
1669 pkt_size = HCI_DH1_PACKET_SIZE;
1670 } else if (pkt_types & BTM_ACL_PKT_TYPES_MASK_DM1) {
1671 pkt_size = HCI_DM1_PACKET_SIZE;
1678 /*******************************************************************************
1680 ** Function BTM_ReadRemoteVersion
1682 ** Returns If connected report peer device info
1684 *******************************************************************************/
1685 tBTM_STATUS BTM_ReadRemoteVersion (BD_ADDR addr, UINT8 *lmp_version,
1686 UINT16 *manufacturer, UINT16 *lmp_sub_version)
1688 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1689 BTM_TRACE_DEBUG ("BTM_ReadRemoteVersion\n");
1691 return (BTM_UNKNOWN_ADDR);
1695 *lmp_version = p->lmp_version;
1699 *manufacturer = p->manufacturer;
1702 if (lmp_sub_version) {
1703 *lmp_sub_version = p->lmp_subversion;
1706 return (BTM_SUCCESS);
1709 /*******************************************************************************
1711 ** Function BTM_ReadRemoteFeatures
1713 ** Returns pointer to the remote supported features mask (8 bytes)
1715 *******************************************************************************/
1716 UINT8 *BTM_ReadRemoteFeatures (BD_ADDR addr)
1718 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1719 BTM_TRACE_DEBUG ("BTM_ReadRemoteFeatures\n");
1724 return (p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]);
1727 /*******************************************************************************
1729 ** Function BTM_ReadRemoteExtendedFeatures
1731 ** Returns pointer to the remote extended features mask (8 bytes)
1732 ** or NULL if bad page
1734 *******************************************************************************/
1735 UINT8 *BTM_ReadRemoteExtendedFeatures (BD_ADDR addr, UINT8 page_number)
1737 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1738 BTM_TRACE_DEBUG ("BTM_ReadRemoteExtendedFeatures\n");
1743 if (page_number > HCI_EXT_FEATURES_PAGE_MAX) {
1744 BTM_TRACE_ERROR("Warning: BTM_ReadRemoteExtendedFeatures page %d unknown\n", page_number);
1748 return (p->peer_lmp_features[page_number]);
1751 /*******************************************************************************
1753 ** Function BTM_ReadNumberRemoteFeaturesPages
1755 ** Returns number of features pages read from the remote device.
1757 *******************************************************************************/
1758 UINT8 BTM_ReadNumberRemoteFeaturesPages (BD_ADDR addr)
1760 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1761 BTM_TRACE_DEBUG ("BTM_ReadNumberRemoteFeaturesPages\n");
1766 return (p->num_read_pages);
1769 /*******************************************************************************
1771 ** Function BTM_ReadAllRemoteFeatures
1773 ** Returns pointer to all features of the remote (24 bytes).
1775 *******************************************************************************/
1776 UINT8 *BTM_ReadAllRemoteFeatures (BD_ADDR addr)
1778 tACL_CONN *p = btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1779 BTM_TRACE_DEBUG ("BTM_ReadAllRemoteFeatures\n");
1784 return (p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]);
1787 /*******************************************************************************
1789 ** Function BTM_RegBusyLevelNotif
1791 ** Description This function is called to register a callback to receive
1792 ** busy level change events.
1794 ** Returns BTM_SUCCESS if successfully registered, otherwise error
1796 *******************************************************************************/
1797 tBTM_STATUS BTM_RegBusyLevelNotif (tBTM_BL_CHANGE_CB *p_cb, UINT8 *p_level,
1798 tBTM_BL_EVENT_MASK evt_mask)
1800 BTM_TRACE_DEBUG ("BTM_RegBusyLevelNotif\n");
1802 *p_level = btm_cb.busy_level;
1805 btm_cb.bl_evt_mask = evt_mask;
1808 btm_cb.p_bl_changed_cb = NULL;
1809 } else if (btm_cb.p_bl_changed_cb) {
1812 btm_cb.p_bl_changed_cb = p_cb;
1815 return (BTM_SUCCESS);
1818 /*******************************************************************************
1820 ** Function BTM_SetQoS
1822 ** Description This function is called to setup QoS
1824 ** Returns status of the operation
1826 *******************************************************************************/
1827 tBTM_STATUS BTM_SetQoS (BD_ADDR bd, FLOW_SPEC *p_flow, tBTM_CMPL_CB *p_cb)
1829 tACL_CONN *p = &btm_cb.acl_db[0];
1831 BTM_TRACE_API ("BTM_SetQoS: BdAddr: %02x%02x%02x%02x%02x%02x\n",
1832 bd[0], bd[1], bd[2],
1833 bd[3], bd[4], bd[5]);
1835 /* If someone already waiting on the version, do not allow another */
1836 if (btm_cb.devcb.p_qossu_cmpl_cb) {
1840 if ( (p = btm_bda_to_acl(bd, BT_TRANSPORT_BR_EDR)) != NULL) {
1841 btu_start_timer (&btm_cb.devcb.qossu_timer, BTU_TTYPE_BTM_ACL, BTM_DEV_REPLY_TIMEOUT);
1842 btm_cb.devcb.p_qossu_cmpl_cb = p_cb;
1844 if (!btsnd_hcic_qos_setup (p->hci_handle, p_flow->qos_flags, p_flow->service_type,
1845 p_flow->token_rate, p_flow->peak_bandwidth,
1846 p_flow->latency, p_flow->delay_variation)) {
1847 btm_cb.devcb.p_qossu_cmpl_cb = NULL;
1848 btu_stop_timer(&btm_cb.devcb.qossu_timer);
1849 return (BTM_NO_RESOURCES);
1851 return (BTM_CMD_STARTED);
1855 /* If here, no BD Addr found */
1856 return (BTM_UNKNOWN_ADDR);
1859 /*******************************************************************************
1861 ** Function btm_qos_setup_complete
1863 ** Description This function is called when the command complete message
1864 ** is received from the HCI for the qos setup request.
1868 *******************************************************************************/
1869 void btm_qos_setup_complete (UINT8 status, UINT16 handle, FLOW_SPEC *p_flow)
1871 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_qossu_cmpl_cb;
1872 tBTM_QOS_SETUP_CMPL qossu;
1873 BTM_TRACE_DEBUG ("btm_qos_setup_complete\n");
1874 btu_stop_timer (&btm_cb.devcb.qossu_timer);
1876 btm_cb.devcb.p_qossu_cmpl_cb = NULL;
1879 memset(&qossu, 0, sizeof(tBTM_QOS_SETUP_CMPL));
1880 qossu.status = status;
1881 qossu.handle = handle;
1882 if (p_flow != NULL) {
1883 qossu.flow.qos_flags = p_flow->qos_flags;
1884 qossu.flow.service_type = p_flow->service_type;
1885 qossu.flow.token_rate = p_flow->token_rate;
1886 qossu.flow.peak_bandwidth = p_flow->peak_bandwidth;
1887 qossu.flow.latency = p_flow->latency;
1888 qossu.flow.delay_variation = p_flow->delay_variation;
1890 BTM_TRACE_DEBUG ("BTM: p_flow->delay_variation: 0x%02x\n",
1891 qossu.flow.delay_variation);
1897 /*******************************************************************************
1899 ** Function BTM_ReadRSSI
1901 ** Description This function is called to read the link policy settings.
1902 ** The address of link policy results are returned in the callback.
1903 ** (tBTM_RSSI_RESULTS)
1905 ** Returns BTM_CMD_STARTED if successfully initiated or error code
1907 *******************************************************************************/
1908 tBTM_STATUS BTM_ReadRSSI (BD_ADDR remote_bda, tBT_TRANSPORT transport, tBTM_CMPL_CB *p_cb)
1912 BTM_TRACE_API ("BTM_ReadRSSI: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
1913 remote_bda[0], remote_bda[1], remote_bda[2],
1914 remote_bda[3], remote_bda[4], remote_bda[5]);
1915 tBTM_RSSI_RESULTS result;
1916 /* If someone already waiting on the version, do not allow another */
1917 if (btm_cb.devcb.p_rssi_cmpl_cb) {
1918 result.status = BTM_BUSY;
1923 p = btm_bda_to_acl(remote_bda, transport);
1924 if (p != (tACL_CONN *)NULL) {
1925 btu_start_timer (&btm_cb.devcb.rssi_timer, BTU_TTYPE_BTM_ACL,
1926 BTM_DEV_REPLY_TIMEOUT);
1928 btm_cb.devcb.p_rssi_cmpl_cb = p_cb;
1930 if (!btsnd_hcic_read_rssi (p->hci_handle)) {
1931 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
1932 btu_stop_timer (&btm_cb.devcb.rssi_timer);
1933 result.status = BTM_NO_RESOURCES;
1935 return (BTM_NO_RESOURCES);
1937 return (BTM_CMD_STARTED);
1941 /* If here, no BD Addr found */
1942 return (BTM_UNKNOWN_ADDR);
1945 /*******************************************************************************
1947 ** Function BTM_ReadLinkQuality
1949 ** Description This function is called to read the link qulaity.
1950 ** The value of the link quality is returned in the callback.
1951 ** (tBTM_LINK_QUALITY_RESULTS)
1953 ** Returns BTM_CMD_STARTED if successfully initiated or error code
1955 *******************************************************************************/
1956 tBTM_STATUS BTM_ReadLinkQuality (BD_ADDR remote_bda, tBTM_CMPL_CB *p_cb)
1960 BTM_TRACE_API ("BTM_ReadLinkQuality: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
1961 remote_bda[0], remote_bda[1], remote_bda[2],
1962 remote_bda[3], remote_bda[4], remote_bda[5]);
1964 /* If someone already waiting on the version, do not allow another */
1965 if (btm_cb.devcb.p_lnk_qual_cmpl_cb) {
1969 p = btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1970 if (p != (tACL_CONN *)NULL) {
1971 btu_start_timer (&btm_cb.devcb.lnk_quality_timer, BTU_TTYPE_BTM_ACL,
1972 BTM_DEV_REPLY_TIMEOUT);
1973 btm_cb.devcb.p_lnk_qual_cmpl_cb = p_cb;
1975 if (!btsnd_hcic_get_link_quality (p->hci_handle)) {
1976 btu_stop_timer (&btm_cb.devcb.lnk_quality_timer);
1977 btm_cb.devcb.p_lnk_qual_cmpl_cb = NULL;
1978 return (BTM_NO_RESOURCES);
1980 return (BTM_CMD_STARTED);
1984 /* If here, no BD Addr found */
1985 return (BTM_UNKNOWN_ADDR);
1988 /*******************************************************************************
1990 ** Function BTM_ReadTxPower
1992 ** Description This function is called to read the current
1993 ** TX power of the connection. The tx power level results
1994 ** are returned in the callback.
1995 ** (tBTM_RSSI_RESULTS)
1997 ** Returns BTM_CMD_STARTED if successfully initiated or error code
1999 *******************************************************************************/
2000 tBTM_STATUS BTM_ReadTxPower (BD_ADDR remote_bda, tBT_TRANSPORT transport, tBTM_CMPL_CB *p_cb)
2004 #define BTM_READ_RSSI_TYPE_CUR 0x00
2005 #define BTM_READ_RSSI_TYPE_MAX 0X01
2007 BTM_TRACE_API ("BTM_ReadTxPower: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
2008 remote_bda[0], remote_bda[1], remote_bda[2],
2009 remote_bda[3], remote_bda[4], remote_bda[5]);
2011 /* If someone already waiting on the version, do not allow another */
2012 if (btm_cb.devcb.p_tx_power_cmpl_cb) {
2016 p = btm_bda_to_acl(remote_bda, transport);
2017 if (p != (tACL_CONN *)NULL) {
2018 btu_start_timer (&btm_cb.devcb.tx_power_timer, BTU_TTYPE_BTM_ACL,
2019 BTM_DEV_REPLY_TIMEOUT);
2021 btm_cb.devcb.p_tx_power_cmpl_cb = p_cb;
2023 #if BLE_INCLUDED == TRUE
2024 if (p->transport == BT_TRANSPORT_LE) {
2025 memcpy(btm_cb.devcb.read_tx_pwr_addr, remote_bda, BD_ADDR_LEN);
2026 ret = btsnd_hcic_ble_read_adv_chnl_tx_power();
2030 ret = btsnd_hcic_read_tx_power (p->hci_handle, BTM_READ_RSSI_TYPE_CUR);
2033 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
2034 btu_stop_timer (&btm_cb.devcb.tx_power_timer);
2035 return (BTM_NO_RESOURCES);
2037 return (BTM_CMD_STARTED);
2041 /* If here, no BD Addr found */
2042 return (BTM_UNKNOWN_ADDR);
2044 tBTM_STATUS BTM_BleReadAdvTxPower(tBTM_CMPL_CB *p_cb)
2047 tBTM_TX_POWER_RESULTS result;
2048 /* If someone already waiting on the version, do not allow another */
2049 if (btm_cb.devcb.p_tx_power_cmpl_cb) {
2050 result.status = BTM_BUSY;
2055 btm_cb.devcb.p_tx_power_cmpl_cb = p_cb;
2056 btu_start_timer (&btm_cb.devcb.tx_power_timer, BTU_TTYPE_BTM_ACL,
2057 BTM_DEV_REPLY_TIMEOUT);
2058 ret = btsnd_hcic_ble_read_adv_chnl_tx_power();
2061 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
2062 btu_stop_timer (&btm_cb.devcb.tx_power_timer);
2063 result.status = BTM_NO_RESOURCES;
2065 return (BTM_NO_RESOURCES);
2067 return BTM_CMD_STARTED;
2071 void BTM_BleGetWhiteListSize(uint16_t *length)
2073 tBTM_BLE_CB *p_cb = &btm_cb.ble_ctr_cb;
2074 if (p_cb->white_list_avail_size == 0) {
2075 BTM_TRACE_DEBUG("%s Whitelist full.", __func__);
2077 *length = p_cb->white_list_avail_size;
2081 /*******************************************************************************
2083 ** Function btm_read_tx_power_complete
2085 ** Description This function is called when the command complete message
2086 ** is received from the HCI for the read tx power request.
2090 *******************************************************************************/
2091 void btm_read_tx_power_complete (UINT8 *p, BOOLEAN is_ble)
2093 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
2094 tBTM_TX_POWER_RESULTS results;
2096 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2098 BTM_TRACE_DEBUG ("btm_read_tx_power_complete\n");
2099 btu_stop_timer (&btm_cb.devcb.tx_power_timer);
2101 /* If there was a callback registered for read rssi, call it */
2102 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
2105 STREAM_TO_UINT8 (results.hci_status, p);
2107 if (results.hci_status == HCI_SUCCESS) {
2108 results.status = BTM_SUCCESS;
2111 STREAM_TO_UINT16 (handle, p);
2112 STREAM_TO_UINT8 (results.tx_power, p);
2114 /* Search through the list of active channels for the correct BD Addr */
2115 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++) {
2116 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle)) {
2117 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2122 #if BLE_INCLUDED == TRUE
2124 STREAM_TO_UINT8 (results.tx_power, p);
2125 memcpy(results.rem_bda, btm_cb.devcb.read_tx_pwr_addr, BD_ADDR_LEN);
2128 BTM_TRACE_DEBUG ("BTM TX power Complete: tx_power %d, hci status 0x%02x\n",
2129 results.tx_power, results.hci_status);
2131 results.status = BTM_ERR_PROCESSING;
2138 /*******************************************************************************
2140 ** Function btm_read_rssi_complete
2142 ** Description This function is called when the command complete message
2143 ** is received from the HCI for the read rssi request.
2147 *******************************************************************************/
2148 void btm_read_rssi_complete (UINT8 *p)
2150 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
2151 tBTM_RSSI_RESULTS results;
2153 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2155 BTM_TRACE_DEBUG ("btm_read_rssi_complete\n");
2156 btu_stop_timer (&btm_cb.devcb.rssi_timer);
2158 /* If there was a callback registered for read rssi, call it */
2159 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
2162 STREAM_TO_UINT8 (results.hci_status, p);
2164 if (results.hci_status == HCI_SUCCESS) {
2165 results.status = BTM_SUCCESS;
2167 STREAM_TO_UINT16 (handle, p);
2169 STREAM_TO_UINT8 (results.rssi, p);
2170 BTM_TRACE_DEBUG ("BTM RSSI Complete: rssi %d, hci status 0x%02x\n",
2171 results.rssi, results.hci_status);
2173 /* Search through the list of active channels for the correct BD Addr */
2174 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++) {
2175 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle)) {
2176 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2181 results.status = BTM_ERR_PROCESSING;
2188 /*******************************************************************************
2190 ** Function btm_read_link_quality_complete
2192 ** Description This function is called when the command complete message
2193 ** is received from the HCI for the read link quality.
2197 *******************************************************************************/
2198 void btm_read_link_quality_complete (UINT8 *p)
2200 tBTM_CMPL_CB *p_cb = btm_cb.devcb.p_lnk_qual_cmpl_cb;
2201 tBTM_LINK_QUALITY_RESULTS results;
2203 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
2205 BTM_TRACE_DEBUG ("btm_read_link_quality_complete\n");
2206 btu_stop_timer (&btm_cb.devcb.lnk_quality_timer);
2208 /* If there was a callback registered for read rssi, call it */
2209 btm_cb.devcb.p_lnk_qual_cmpl_cb = NULL;
2212 STREAM_TO_UINT8 (results.hci_status, p);
2214 if (results.hci_status == HCI_SUCCESS) {
2215 results.status = BTM_SUCCESS;
2217 STREAM_TO_UINT16 (handle, p);
2219 STREAM_TO_UINT8 (results.link_quality, p);
2220 BTM_TRACE_DEBUG ("BTM Link Quality Complete: Link Quality %d, hci status 0x%02x\n",
2221 results.link_quality, results.hci_status);
2223 /* Search through the list of active channels for the correct BD Addr */
2224 for (index = 0; index < MAX_L2CAP_LINKS; index++, p_acl_cb++) {
2225 if ((p_acl_cb->in_use) && (handle == p_acl_cb->hci_handle)) {
2226 memcpy (results.rem_bda, p_acl_cb->remote_addr, BD_ADDR_LEN);
2231 results.status = BTM_ERR_PROCESSING;
2238 /*******************************************************************************
2240 ** Function btm_remove_acl
2242 ** Description This function is called to disconnect an ACL connection
2244 ** Returns BTM_SUCCESS if successfully initiated, otherwise BTM_NO_RESOURCES.
2246 *******************************************************************************/
2247 tBTM_STATUS btm_remove_acl (BD_ADDR bd_addr, tBT_TRANSPORT transport)
2249 UINT16 hci_handle = BTM_GetHCIConnHandle(bd_addr, transport);
2250 tBTM_STATUS status = BTM_SUCCESS;
2252 BTM_TRACE_DEBUG ("btm_remove_acl\n");
2253 #if BTM_DISC_DURING_RS == TRUE
2254 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bd_addr);
2256 /* Role Switch is pending, postpone until completed */
2257 if (p_dev_rec && (p_dev_rec->rs_disc_pending == BTM_SEC_RS_PENDING)) {
2258 p_dev_rec->rs_disc_pending = BTM_SEC_DISC_PENDING;
2259 } else /* otherwise can disconnect right away */
2262 if (hci_handle != 0xFFFF && p_dev_rec &&
2263 p_dev_rec->sec_state != BTM_SEC_STATE_DISCONNECTING) {
2264 if (!btsnd_hcic_disconnect (hci_handle, HCI_ERR_PEER_USER)) {
2265 status = BTM_NO_RESOURCES;
2268 status = BTM_UNKNOWN_ADDR;
2276 /*******************************************************************************
2278 ** Function BTM_SetTraceLevel
2280 ** Description This function sets the trace level for BTM. If called with
2281 ** a value of 0xFF, it simply returns the current trace level.
2283 ** Returns The new or current trace level
2285 *******************************************************************************/
2286 UINT8 BTM_SetTraceLevel (UINT8 new_level)
2288 BTM_TRACE_DEBUG ("BTM_SetTraceLevel\n");
2289 if (new_level != 0xFF) {
2290 btm_cb.trace_level = new_level;
2293 return (btm_cb.trace_level);
2296 /*******************************************************************************
2298 ** Function btm_cont_rswitch
2300 ** Description This function is called to continue processing an active
2301 ** role switch. It first disables encryption if enabled and
2302 ** EPR is not supported
2306 *******************************************************************************/
2307 void btm_cont_rswitch (tACL_CONN *p, tBTM_SEC_DEV_REC *p_dev_rec,
2310 BOOLEAN sw_ok = TRUE;
2311 BTM_TRACE_DEBUG ("btm_cont_rswitch\n");
2312 /* Check to see if encryption needs to be turned off if pending
2313 change of link key or role switch */
2314 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE) {
2315 /* Must turn off Encryption first if necessary */
2316 /* Some devices do not support switch or change of link key while encryption is on */
2317 if (p_dev_rec != NULL && ((p_dev_rec->sec_flags & BTM_SEC_ENCRYPTED) != 0)
2318 && !BTM_EPR_AVAILABLE(p)) {
2319 if (btsnd_hcic_set_conn_encrypt (p->hci_handle, FALSE)) {
2320 p->encrypt_state = BTM_ACL_ENCRYPT_STATE_ENCRYPT_OFF;
2321 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE) {
2322 p->switch_role_state = BTM_ACL_SWKEY_STATE_ENCRYPTION_OFF;
2325 /* Error occurred; set states back to Idle */
2326 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE) {
2330 } else /* Encryption not used or EPR supported, continue with switch
2331 and/or change of link key */
2333 if (p->switch_role_state == BTM_ACL_SWKEY_STATE_MODE_CHANGE) {
2334 p->switch_role_state = BTM_ACL_SWKEY_STATE_IN_PROGRESS;
2335 #if BTM_DISC_DURING_RS == TRUE
2337 p_dev_rec->rs_disc_pending = BTM_SEC_RS_PENDING;
2340 sw_ok = btsnd_hcic_switch_role (p->remote_addr, (UINT8)!p->link_role);
2345 p->switch_role_state = BTM_ACL_SWKEY_STATE_IDLE;
2346 btm_acl_report_role_change(hci_status, p->remote_addr);
2351 /*******************************************************************************
2353 ** Function btm_acl_resubmit_page
2355 ** Description send pending page request
2357 *******************************************************************************/
2358 void btm_acl_resubmit_page (void)
2360 #if (SMP_INCLUDED == TRUE)
2361 tBTM_SEC_DEV_REC *p_dev_rec;
2365 BTM_TRACE_DEBUG ("btm_acl_resubmit_page\n");
2366 /* If there were other page request schedule can start the next one */
2367 if ((p_buf = (BT_HDR *)fixed_queue_try_dequeue(btm_cb.page_queue)) != NULL) {
2368 /* skip 3 (2 bytes opcode and 1 byte len) to get to the bd_addr
2369 * for both create_conn and rmt_name */
2370 pp = (UINT8 *)(p_buf + 1) + p_buf->offset + 3;
2372 STREAM_TO_BDADDR (bda, pp);
2374 p_dev_rec = btm_find_or_alloc_dev (bda);
2376 memcpy (btm_cb.connecting_bda, p_dev_rec->bd_addr, BD_ADDR_LEN);
2377 memcpy (btm_cb.connecting_dc, p_dev_rec->dev_class, DEV_CLASS_LEN);
2379 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p_buf);
2381 btm_cb.paging = FALSE;
2383 #endif ///SMP_INCLUDED == TRUE
2386 /*******************************************************************************
2388 ** Function btm_acl_reset_paging
2390 ** Description set paging to FALSE and free the page queue - called at hci_reset
2392 *******************************************************************************/
2393 void btm_acl_reset_paging (void)
2396 BTM_TRACE_DEBUG ("btm_acl_reset_paging\n");
2397 /* If we sent reset we are definitely not paging any more */
2398 while ((p = (BT_HDR *)fixed_queue_try_dequeue(btm_cb.page_queue)) != NULL) {
2402 btm_cb.paging = FALSE;
2405 /*******************************************************************************
2407 ** Function btm_acl_paging
2409 ** Description send a paging command or queue it in btm_cb
2411 *******************************************************************************/
2412 #if (SMP_INCLUDED == TRUE && CLASSIC_BT_INCLUDED == TRUE)
2413 void btm_acl_paging (BT_HDR *p, BD_ADDR bda)
2415 tBTM_SEC_DEV_REC *p_dev_rec;
2417 BTM_TRACE_DEBUG ("btm_acl_paging discing:%d, paging:%d BDA: %06x%06x\n",
2418 btm_cb.discing, btm_cb.paging,
2419 (bda[0] << 16) + (bda[1] << 8) + bda[2], (bda[3] << 16) + (bda[4] << 8) + bda[5]);
2420 if (btm_cb.discing) {
2421 btm_cb.paging = TRUE;
2422 fixed_queue_enqueue(btm_cb.page_queue, p);
2424 if (!BTM_ACL_IS_CONNECTED (bda)) {
2425 BTM_TRACE_DEBUG ("connecting_bda: %06x%06x\n",
2426 (btm_cb.connecting_bda[0] << 16) + (btm_cb.connecting_bda[1] << 8) +
2427 btm_cb.connecting_bda[2],
2428 (btm_cb.connecting_bda[3] << 16) + (btm_cb.connecting_bda[4] << 8) +
2429 btm_cb.connecting_bda[5]);
2430 if (btm_cb.paging &&
2431 memcmp (bda, btm_cb.connecting_bda, BD_ADDR_LEN) != 0) {
2432 fixed_queue_enqueue(btm_cb.page_queue, p);
2434 p_dev_rec = btm_find_or_alloc_dev (bda);
2435 memcpy (btm_cb.connecting_bda, p_dev_rec->bd_addr, BD_ADDR_LEN);
2436 memcpy (btm_cb.connecting_dc, p_dev_rec->dev_class, DEV_CLASS_LEN);
2438 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p);
2441 btm_cb.paging = TRUE;
2442 } else { /* ACL is already up */
2443 btu_hcif_send_cmd (LOCAL_BR_EDR_CONTROLLER_ID, p);
2447 #endif ///SMP_INCLUDED == TRUE
2449 /*******************************************************************************
2451 ** Function btm_acl_notif_conn_collision
2453 ** Description Send connection collision event to upper layer if registered
2455 ** Returns TRUE if sent out to upper layer,
2456 ** FALSE if no one needs the notification.
2458 *******************************************************************************/
2459 BOOLEAN btm_acl_notif_conn_collision (BD_ADDR bda)
2461 tBTM_BL_EVENT_DATA evt_data;
2463 /* Report possible collision to the upper layer. */
2464 if (btm_cb.p_bl_changed_cb) {
2465 BTM_TRACE_DEBUG ("btm_acl_notif_conn_collision: RemBdAddr: %02x%02x%02x%02x%02x%02x\n",
2466 bda[0], bda[1], bda[2], bda[3], bda[4], bda[5]);
2468 evt_data.event = BTM_BL_COLLISION_EVT;
2469 evt_data.conn.p_bda = bda;
2471 #if BLE_INCLUDED == TRUE
2472 evt_data.conn.transport = BT_TRANSPORT_BR_EDR;
2473 evt_data.conn.handle = BTM_INVALID_HCI_HANDLE;
2475 (*btm_cb.p_bl_changed_cb)(&evt_data);
2483 /*******************************************************************************
2485 ** Function btm_acl_chk_peer_pkt_type_support
2487 ** Description Check if peer supports requested packets
2489 *******************************************************************************/
2490 void btm_acl_chk_peer_pkt_type_support (tACL_CONN *p, UINT16 *p_pkt_type)
2492 /* 3 and 5 slot packets? */
2493 if (!HCI_3_SLOT_PACKETS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0])) {
2494 *p_pkt_type &= ~(BTM_ACL_PKT_TYPES_MASK_DH3 + BTM_ACL_PKT_TYPES_MASK_DM3);
2497 if (!HCI_5_SLOT_PACKETS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0])) {
2498 *p_pkt_type &= ~(BTM_ACL_PKT_TYPES_MASK_DH5 + BTM_ACL_PKT_TYPES_MASK_DM5);
2501 /* 2 and 3 MPS support? */
2502 if (!HCI_EDR_ACL_2MPS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]))
2503 /* Not supported. Add 'not_supported' mask for all 2MPS packet types */
2504 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH1 + BTM_ACL_PKT_TYPES_MASK_NO_2_DH3 +
2505 BTM_ACL_PKT_TYPES_MASK_NO_2_DH5);
2507 if (!HCI_EDR_ACL_3MPS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]))
2508 /* Not supported. Add 'not_supported' mask for all 3MPS packet types */
2509 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_3_DH1 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH3 +
2510 BTM_ACL_PKT_TYPES_MASK_NO_3_DH5);
2512 /* EDR 3 and 5 slot support? */
2513 if (HCI_EDR_ACL_2MPS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0])
2514 || HCI_EDR_ACL_3MPS_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0])) {
2515 if (!HCI_3_SLOT_EDR_ACL_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]))
2516 /* Not supported. Add 'not_supported' mask for all 3-slot EDR packet types */
2518 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH3 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH3);
2521 if (!HCI_5_SLOT_EDR_ACL_SUPPORTED(p->peer_lmp_features[HCI_EXT_FEATURES_PAGE_0]))
2522 /* Not supported. Add 'not_supported' mask for all 5-slot EDR packet types */
2524 *p_pkt_type |= (BTM_ACL_PKT_TYPES_MASK_NO_2_DH5 + BTM_ACL_PKT_TYPES_MASK_NO_3_DH5);