1 /******************************************************************************
3 * Copyright (C) 2008-2014 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /******************************************************************************
21 * This file contains functions for BLE GAP.
23 ******************************************************************************/
25 #define LOG_TAG "bt_btm_ble"
35 #include "btm_ble_api.h"
38 #include "device/include/controller.h"
42 #if BLE_INCLUDED == TRUE
44 #include "btm_ble_int.h"
48 #include "osi/include/log.h"
50 #define BTM_BLE_NAME_SHORT 0x01
51 #define BTM_BLE_NAME_CMPL 0x02
53 #define BTM_BLE_FILTER_TARGET_UNKNOWN 0xff
54 #define BTM_BLE_POLICY_UNKNOWN 0xff
56 #define BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS (30 * 1000)
57 #define MIN_ADV_LENGTH 2
58 #define BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE 9
61 extern fixed_queue_t *btu_general_alarm_queue;
63 static tBTM_BLE_VSC_CB cmn_ble_vsc_cb;
65 #if BLE_VND_INCLUDED == TRUE
66 static tBTM_BLE_CTRL_FEATURES_CBACK *p_ctrl_le_feature_rd_cmpl_cback = NULL;
69 /*******************************************************************************
71 *******************************************************************************/
72 static void btm_ble_update_adv_flag(UINT8 flag);
73 static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type, UINT8 evt_type, UINT8 *p);
74 UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
75 tBTM_BLE_ADV_DATA *p_data);
76 static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
77 BD_ADDR_PTR p_peer_addr_ptr,
78 tBLE_ADDR_TYPE *p_peer_addr_type,
79 tBLE_ADDR_TYPE *p_own_addr_type);
80 static void btm_ble_stop_observe(void);
81 static void btm_ble_fast_adv_timer_timeout(void *data);
82 static void btm_ble_start_slow_adv(void);
83 static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(void *data);
84 static void btm_ble_inquiry_timer_timeout(void *data);
85 static void btm_ble_observer_timer_timeout(void *data);
88 #define BTM_BLE_INQ_RESULT 0x01
89 #define BTM_BLE_OBS_RESULT 0x02
90 #define BTM_BLE_SEL_CONN_RESULT 0x04
92 /* LE states combo bit to check */
/* NOTE(review): indexed [state][state][2]; every visible innermost entry is a
 * {..._MASK, ..._OFF} pair, and {0, 0} marks a combination with no bit listed
 * here (several entries carry "todo" / "not covered" remarks). The companion
 * macro BTM_LE_STATES_SUPPORTED(x, y, z) evaluates (x)[(z)] & (y); if callers
 * pass the pair as (y, z), a {0, 0} entry always tests as "not supported" --
 * presumably the intended fail-closed default, confirm at the call sites.
 * The macro itself does not bound z against the length of x.
 * This listing omits most row-opening brace lines (the source line numbers
 * skip), so row boundaries must be taken from the original file. */
93 const UINT8 btm_le_state_combo_tbl[BTM_BLE_STATE_MAX][BTM_BLE_STATE_MAX][2] =
95 {/* single state support */
96 {HCI_SUPP_LE_STATES_CONN_ADV_MASK, HCI_SUPP_LE_STATES_CONN_ADV_OFF}, /* conn_adv */
97 {HCI_SUPP_LE_STATES_INIT_MASK, HCI_SUPP_LE_STATES_INIT_OFF}, /* init */
98 {HCI_SUPP_LE_STATES_INIT_MASK, HCI_SUPP_LE_STATES_INIT_OFF}, /* master */
99 {HCI_SUPP_LE_STATES_SLAVE_MASK, HCI_SUPP_LE_STATES_SLAVE_OFF}, /* slave */
100 {0, 0}, /* todo: lo du dir adv, not covered ? */
101 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_OFF}, /* hi duty dir adv */
102 {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_OFF}, /* non connectable adv */
103 {HCI_SUPP_LE_STATES_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_OFF}, /* passive scan */
104 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_OFF}, /* active scan */
105 {HCI_SUPP_LE_STATES_SCAN_ADV_MASK, HCI_SUPP_LE_STATESSCAN_ADV_OFF} /* scanable adv */
108 {0, 0}, /* conn_adv */
109 {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF}, /* init: 32 */
110 {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF}, /* master: 35 */
111 {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF}, /* slave: 38,*/
112 {0, 0}, /* lo du dir adv */
113 {0, 0}, /* hi duty dir adv */
114 {0, 0}, /* non connectable adv */
115 {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF}, /* passive scan */
116 {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF}, /* active scan */
117 {0, 0} /* scanable adv */
120 {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF}, /* conn_adv: 32 */
122 {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF}, /* master 28 */
123 {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* slave 41 */
124 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF} ,/* lo du dir adv 34 */
125 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF}, /* hi duty dir adv 33 */
126 {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK, HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF}, /* non connectable adv */
127 {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF}, /* passive scan */
128 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF}, /* active scan */
129 {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF} /* scanable adv */
133 {HCI_SUPP_LE_STATES_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_CONN_ADV_MASTER_OFF}, /* conn_adv: 35 */
134 {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF}, /* init 28 */
135 {HCI_SUPP_LE_STATES_INIT_MASTER_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_OFF}, /* master 28 */
136 {HCI_SUPP_LE_STATES_CONN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_CONN_ADV_INIT_OFF}, /* slave: 32 */
137 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF}, /* lo duty cycle adv 37 */
138 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF}, /* hi duty cycle adv 36 */
139 {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF}, /* non connectable adv */
140 {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF}, /* passive scan */
141 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF}, /* active scan */
142 {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF} /* scanable adv */
146 {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF}, /* conn_adv: 38,*/
147 {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* init 41 */
148 {HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_MASK, HCI_SUPP_LE_STATES_INIT_MASTER_SLAVE_OFF}, /* master 41 */
149 {HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_CONN_ADV_SLAVE_OFF}, /* slave: 38,*/
150 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF}, /* lo duty cycle adv 40 */
151 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF}, /* hi duty cycle adv 39 */
152 {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF}, /* non connectable adv */
153 {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF}, /* passive scan */
154 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF}, /* active scan */
155 {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF} /* scanable adv */
158 { /* lo duty cycle adv */
159 {0, 0}, /* conn_adv: 38,*/
160 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_INIT_OFF} ,/* init 34 */
161 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_MASTER_OFF}, /* master 37 */
162 {HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_LO_DUTY_DIR_ADV_SLAVE_OFF}, /* slave: 40 */
163 {0, 0}, /* lo duty cycle adv 40 */
164 {0, 0}, /* hi duty cycle adv 39 */
165 {0, 0}, /* non connectable adv */
166 {0, 0}, /* TODO: passive scan, not covered? */
167 {0, 0}, /* TODO: active scan, not covered? */
168 {0, 0} /* scanable adv */
170 { /* hi duty cycle adv */
171 {0, 0}, /* conn_adv: 38,*/
172 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_INIT_OFF}, /* init 33 */
173 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_MASTER_OFF}, /* master 36 */
174 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_SLAVE_OFF}, /* slave: 39*/
175 {0, 0}, /* lo duty cycle adv 40 */
176 {0, 0}, /* hi duty cycle adv 39 */
177 {0, 0}, /* non connectable adv */
178 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF}, /* passive scan */
179 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF}, /* active scan */
180 {0, 0} /* scanable adv */
182 { /* non connectable adv */
183 {0, 0}, /* conn_adv: */
184 {HCI_SUPP_LE_STATES_NON_CONN_INIT_MASK, HCI_SUPP_LE_STATES_NON_CONN_INIT_OFF}, /* init */
185 {HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_MASTER_OFF}, /* master */
186 {HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_SLAVE_OFF}, /* slave: */
187 {0, 0}, /* lo duty cycle adv */
188 {0, 0}, /* hi duty cycle adv */
189 {0, 0}, /* non connectable adv */
190 {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF}, /* passive scan */
191 {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF}, /* active scan */
192 {0, 0} /* scanable adv */
195 {HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_PASS_SCAN_OFF}, /* conn_adv: */
196 {HCI_SUPP_LE_STATES_PASS_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_INIT_OFF}, /* init */
197 {HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_MASTER_OFF}, /* master */
198 {HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_PASS_SCAN_SLAVE_OFF}, /* slave: */
199 {0, 0}, /* lo duty cycle adv */
200 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_PASS_SCAN_OFF}, /* hi duty cycle adv */
201 {HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_PASS_SCAN_OFF}, /* non connectable adv */
202 {0, 0}, /* passive scan */
203 {0, 0}, /* active scan */
204 {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF} /* scanable adv */
207 {HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_CONN_ADV_ACTIVE_SCAN_OFF}, /* conn_adv: */
208 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_INIT_OFF}, /* init */
209 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_MASTER_OFF}, /* master */
210 {HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_MASK, HCI_SUPP_LE_STATES_ACTIVE_SCAN_SLAVE_OFF}, /* slave: */
211 {0, 0}, /* lo duty cycle adv */
212 {HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_HI_DUTY_DIR_ADV_ACTIVE_SCAN_OFF}, /* hi duty cycle adv */
213 {HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_NON_CONN_ADV_ACTIVE_SCAN_OFF}, /* non connectable adv */
214 {0, 0}, /* TODO: passive scan */
215 {0, 0}, /* TODO: active scan */
216 {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF} /* scanable adv */
219 {0, 0}, /* conn_adv: */
220 {HCI_SUPP_LE_STATES_SCAN_ADV_INIT_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_INIT_OFF}, /* init */
221 {HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_MASTER_OFF}, /* master */
222 {HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_SLAVE_OFF}, /* slave: */
223 {0, 0}, /* lo duty cycle adv */
224 {0, 0}, /* hi duty cycle adv */
225 {0, 0}, /* non connectable adv */
226 {HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_PASS_SCAN_OFF}, /* passive scan */
227 {HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_MASK, HCI_SUPP_LE_STATES_SCAN_ADV_ACTIVE_SCAN_OFF}, /* active scan */
228 {0, 0} /* scanable adv */
232 /* check LE combo state supported */
233 #define BTM_LE_STATES_SUPPORTED(x, y, z) ((x)[(z)] & (y))
235 /*******************************************************************************
237 ** Function BTM_BleUpdateAdvWhitelist
239 ** Description Add or remove device from advertising white list
243 *******************************************************************************/
244 BOOLEAN BTM_BleUpdateAdvWhitelist(BOOLEAN add_remove, BD_ADDR remote_bda)
252 /*******************************************************************************
254 ** Function BTM_BleUpdateAdvFilterPolicy
256 ** Description This function updates the filter policy of the advertiser.
258 ** Parameter adv_policy: advertising filter policy
261 *******************************************************************************/
/* Stores a new advertising filter policy in the inquiry control block and
 * rewrites the advertising parameters, restarting advertising if it was
 * enabled on entry (adv_mode is sampled before any change).
 *
 * NOTE(review): adv_policy is written to p_cb->afp with no range check visible
 * in this listing; the filter policy decides which peers the controller
 * answers, so an out-of-range value should be rejected before it is stored --
 * confirm whether the caller validates it. The listing omits source lines
 * 272-273, 279-280 and 289-295, so the early return and the tail of the
 * parameter call are not shown. */
262 void BTM_BleUpdateAdvFilterPolicy(tBTM_BLE_AFP adv_policy)
264 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
265 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
266 BD_ADDR p_addr_ptr= {0};
267 UINT8 adv_mode = p_cb->adv_mode;
269 BTM_TRACE_EVENT ("BTM_BleUpdateAdvFilterPolicy");
/* Nothing to do on a controller without LE support. */
271 if (!controller_get_interface()->supports_ble())
/* Only act when the policy actually changes. */
274 if (p_cb->afp != adv_policy)
276 p_cb->afp = adv_policy;
278 /* if adv active, stop and restart */
/* In connectable mode the event type and address types are recomputed;
 * p_addr_ptr and init_addr_type receive the peer address for directed adv. */
281 if (p_cb->connectable_mode & BTM_BLE_CONNECTABLE)
282 p_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type,
283 &p_cb->adv_addr_type);
/* A zero interval falls back to BTM_BLE_GAP_ADV_SLOW_INT.
 * NOTE(review): unlike BTM_BleBroadcast, the result of
 * btsnd_hcic_ble_write_adv_params is not tested here, so a failed write
 * leaves p_cb->afp out of step with the controller. */
285 btsnd_hcic_ble_write_adv_params ((UINT16)(p_cb->adv_interval_min ? p_cb->adv_interval_min :
286 BTM_BLE_GAP_ADV_SLOW_INT),
287 (UINT16)(p_cb->adv_interval_max ? p_cb->adv_interval_max :
288 BTM_BLE_GAP_ADV_SLOW_INT),
296 if (adv_mode == BTM_BLE_ADV_ENABLE)
297 btm_ble_start_adv ();
302 /*******************************************************************************
304 ** Function btm_ble_send_extended_scan_params
306 ** Description This function sends out the extended scan parameters command to the controller
308 ** Parameters scan_type - Scan type
309 ** scan_int - Scan interval
310 ** scan_win - Scan window
311 ** addr_type_own - Own address type
312 ** scan_filter_policy - Scan filter policy
314 ** Returns TRUE or FALSE
316 *******************************************************************************/
/* Serialises the five scan parameters into a local buffer and sends them as
 * the vendor-specific command HCI_BLE_EXTENDED_SCAN_PARAMS_OCF; an error is
 * logged when BTM_VendorSpecificCommand does not return BTM_SUCCESS. The
 * return statements are on lines this listing omits. */
317 BOOLEAN btm_ble_send_extended_scan_params(UINT8 scan_type, UINT32 scan_int,
318 UINT32 scan_win, UINT8 addr_type_own,
319 UINT8 scan_filter_policy)
321 UINT8 scan_param[HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM];
322 UINT8 *pp_scan = scan_param;
324 memset(scan_param, 0, HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM);
/* NOTE(review): the writes below total 1 + 4 + 4 + 1 + 1 = 11 bytes, so
 * HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM (defined elsewhere) must be at
 * least 11 or this overruns the stack buffer; a compile-time assertion on the
 * constant would pin that. */
326 UINT8_TO_STREAM(pp_scan, scan_type);
327 UINT32_TO_STREAM(pp_scan, scan_int);
328 UINT32_TO_STREAM(pp_scan, scan_win);
329 UINT8_TO_STREAM(pp_scan, addr_type_own);
330 UINT8_TO_STREAM(pp_scan, scan_filter_policy);
/* NOTE(review): scan_int and scan_win are UINT32 but are logged with %d. */
332 BTM_TRACE_DEBUG("%s, %d, %d", __func__, scan_int, scan_win);
/* No completion callback is registered (last argument NULL). */
333 if ((BTM_VendorSpecificCommand(HCI_BLE_EXTENDED_SCAN_PARAMS_OCF,
334 HCIC_PARAM_SIZE_BLE_WRITE_EXTENDED_SCAN_PARAM, scan_param, NULL)) != BTM_SUCCESS)
336 BTM_TRACE_ERROR("%s error sending extended scan parameters", __func__);
342 /*******************************************************************************
344 ** Function BTM_BleObserve
346 ** Description This procedure keeps the device listening for advertising
347 ** events from a broadcast device.
349 ** Parameters start: start or stop observe.
350 ** white_list: use white list in observer mode or not.
354 *******************************************************************************/
/* Starts or stops LE observation. On start it records the result and
 * completion callbacks, programs scan parameters if no scan is running,
 * starts the scan and arms the observer timer; on stop it calls
 * btm_ble_stop_observe(). Returns BTM_ILLEGAL_VALUE when the controller has no
 * LE support; status starts as BTM_WRONG_MODE and becomes BTM_CMD_STARTED on
 * the paths shown.
 *
 * NOTE(review): the banner above documents a white_list parameter that this
 * signature does not have, and does not describe duration, p_results_cb or
 * p_cmpl_cb. Branch structure (braces, else lines) is missing from this
 * listing, so nesting below is inferred from the source line numbers. */
355 tBTM_STATUS BTM_BleObserve(BOOLEAN start, UINT8 duration,
356 tBTM_INQ_RESULTS_CB *p_results_cb, tBTM_CMPL_CB *p_cmpl_cb)
358 tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;
359 tBTM_STATUS status = BTM_WRONG_MODE;
/* Zero stored values fall back to the GAP discovery defaults. */
361 UINT32 scan_interval = !p_inq->scan_interval ? BTM_BLE_GAP_DISC_SCAN_INT : p_inq->scan_interval;
362 UINT32 scan_window = !p_inq->scan_window ? BTM_BLE_GAP_DISC_SCAN_WIN : p_inq->scan_window;
364 BTM_TRACE_EVENT ("%s : scan_type:%d, %d, %d", __func__, btm_cb.btm_inq_vars.scan_type,
365 p_inq->scan_interval, p_inq->scan_window);
367 if (!controller_get_interface()->supports_ble())
368 return BTM_ILLEGAL_VALUE;
372 /* shared inquiry database, do not allow observe if any inquiry is active */
373 if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
375 BTM_TRACE_ERROR("%s Observe Already Active", __func__);
/* Advertising reports from remote devices are delivered to these callbacks;
 * they are stored as given, with no NULL check visible here. */
379 btm_cb.ble_ctr_cb.p_obs_results_cb = p_results_cb;
380 btm_cb.ble_ctr_cb.p_obs_cmpl_cb = p_cmpl_cb;
381 status = BTM_CMD_STARTED;
383 /* scan is not started */
384 if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
386 /* allow config of scan type */
387 p_inq->scan_type = (p_inq->scan_type == BTM_BLE_SCAN_MODE_NONE) ?
388 BTM_BLE_SCAN_MODE_ACTI: p_inq->scan_type;
389 /* assume observe always not using white list */
390 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
391 /* enable resolving list */
392 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
/* NOTE(review): this tests the file-static cmn_ble_vsc_cb, whereas the
 * vendor-capability callback in this file stores extended_scan_support in
 * btm_cb.cmn_ble_vsc_cb. Unless the two are aliased somewhere not shown, the
 * value read here never reflects the controller's reply -- confirm. */
395 if (cmn_ble_vsc_cb.extended_scan_support == 0)
/* NOTE(review): the (UINT16) cast truncates the UINT32 interval, and neither
 * parameter-setting call has its result checked before the scan is started. */
397 btsnd_hcic_ble_set_scan_params(p_inq->scan_type, (UINT16)scan_interval,
399 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
400 BTM_BLE_DEFAULT_SFP);
404 btm_ble_send_extended_scan_params(p_inq->scan_type, scan_interval, scan_window,
405 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
406 BTM_BLE_DEFAULT_SFP);
/* Duplicate filtering is switched off for observation. */
409 p_inq->scan_duplicate_filter = BTM_BLE_DUPLICATE_DISABLE;
410 status = btm_ble_start_scan();
413 if (status == BTM_CMD_STARTED)
415 btm_cb.ble_ctr_cb.scan_activity |= BTM_LE_OBSERVE_ACTIVE;
417 /* start observer timer */
/* duration is a UINT8 count of seconds, converted to milliseconds here. */
418 period_ms_t duration_ms = duration * 1000;
419 alarm_set_on_queue(btm_cb.ble_ctr_cb.observer_timer,
420 duration_ms, btm_ble_observer_timer_timeout,
421 NULL, btu_general_alarm_queue);
425 else if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
427 status = BTM_CMD_STARTED;
428 btm_ble_stop_observe();
432 BTM_TRACE_ERROR("%s Observe not active", __func__);
439 /*******************************************************************************
441 ** Function BTM_BleBroadcast
443 ** Description This function is to start or stop broadcasting.
445 ** Parameters start: start or stop broadcasting.
449 *******************************************************************************/
/* Starts or stops broadcasting (advertising). Start is only honoured when
 * advertising is currently disabled: the advertising parameters are written
 * and btm_ble_start_adv() is called. The stop path calls btm_ble_stop_adv().
 * Any other combination yields BTM_WRONG_MODE and an error trace. Returns
 * BTM_ILLEGAL_VALUE when the controller has no LE support.
 * Braces, the else lines and the final return are omitted from this listing. */
450 tBTM_STATUS BTM_BleBroadcast(BOOLEAN start)
452 tBTM_STATUS status = BTM_NO_RESOURCES;
453 tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
454 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
/* Default: scannable advertising when scan-response data is configured,
 * otherwise non-connectable advertising. */
455 UINT8 evt_type = p_cb->scan_rsp ? BTM_BLE_DISCOVER_EVT: BTM_BLE_NON_CONNECT_EVT;
457 if (!controller_get_interface()->supports_ble())
458 return BTM_ILLEGAL_VALUE;
/* NOTE(review): when this macro is defined and non-zero, a broadcast with scan
 * response advertises as connectable (BTM_BLE_CONNECT_EVT). It is a test
 * switch and should stay undefined in production builds. */
460 #ifdef BTM_BLE_PC_ADV_TEST_MODE
461 if (BTM_BLE_PC_ADV_TEST_MODE)
463 evt_type = p_cb->scan_rsp ? BTM_BLE_CONNECT_EVT: BTM_BLE_NON_CONNECT_EVT;
467 if (start && p_cb->adv_mode == BTM_BLE_ADV_DISABLE)
469 /* update adv params */
/* A zero interval falls back to BTM_BLE_GAP_ADV_INT. The own address type
 * comes from the address-management block, so it follows the privacy setting
 * applied by BTM_BleConfigPrivacy. */
470 if (!btsnd_hcic_ble_write_adv_params ((UINT16)(p_cb->adv_interval_min ? p_cb->adv_interval_min :
471 BTM_BLE_GAP_ADV_INT),
472 (UINT16)(p_cb->adv_interval_max ? p_cb->adv_interval_max :
473 BTM_BLE_GAP_ADV_INT),
475 p_addr_cb->own_addr_type,
476 p_cb->direct_bda.type,
477 p_cb->direct_bda.bda,
481 status = BTM_NO_RESOURCES;
483 p_cb->evt_type = evt_type;
485 status = btm_ble_start_adv ();
489 status = btm_ble_stop_adv();
490 #if BLE_PRIVACY_SPT == TRUE
491 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
496 status = BTM_WRONG_MODE;
497 BTM_TRACE_ERROR("Can not %s Broadcast, device %s in Broadcast mode",
498 (start ? "Start" : "Stop"), (start ? "already" :"not"));
503 #if BLE_VND_INCLUDED == TRUE
504 /*******************************************************************************
506 ** Function btm_vsc_brcm_features_complete
508 ** Description Command Complete callback for HCI_BLE_VENDOR_CAP_OCF
512 *******************************************************************************/
/* Command-complete handler for the vendor capability query
 * (HCI_BLE_VENDOR_CAP_OCF): copies the controller's reply into
 * btm_cb.cmn_ble_vsc_cb, initialises the optional LE features it reports and
 * finally invokes the registered feature-read callback with the status.
 * The banner above still names this function btm_vsc_brcm_features_complete.
 *
 * NOTE(review): p_param_buf and param_len come from the controller's event.
 * The only length test visible before parsing is param_len > 0, yet the
 * success path reads the status byte plus eight more bytes unconditionally,
 * two more when param_len exceeds BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE
 * (9), and a further six when version_supported -- itself taken from the
 * reply -- is at least BTM_VSC_CHIP_CAPABILITY_M_VERSION. A short or malformed
 * reply (buggy or compromised controller firmware) is therefore read past its
 * end. Each group of reads should be guarded by a param_len check sized to the
 * fields it consumes, and the handler should stop parsing, leaving
 * values_read unset, when the reply is too short. Braces and the local
 * declarations of status and p are on lines this listing omits. */
513 static void btm_ble_vendor_capability_vsc_cmpl_cback (tBTM_VSC_CMPL *p_vcs_cplt_params)
518 BTM_TRACE_DEBUG("%s", __func__);
520 /* Check status of command complete event */
521 if ((p_vcs_cplt_params->opcode == HCI_BLE_VENDOR_CAP_OCF) &&
522 (p_vcs_cplt_params->param_len > 0))
524 p = p_vcs_cplt_params->p_param_buf;
525 STREAM_TO_UINT8(status, p);
528 if (status == HCI_SUCCESS)
/* Fixed part of the reply: 8 bytes after the status byte. */
530 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.adv_inst_max, p);
531 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.rpa_offloading, p);
532 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg, p);
533 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz, p);
534 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.filter_support, p);
535 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.max_filter, p);
536 STREAM_TO_UINT8(btm_cb.cmn_ble_vsc_cb.energy_support, p);
/* NOTE(review): "> 9" admits param_len == 10, which holds only one of the two
 * version bytes read below. */
538 if (p_vcs_cplt_params->param_len > BTM_VSC_CHIP_CAPABILITY_RSP_LEN_L_RELEASE)
540 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.version_supported, p);
/* Replies without a version field are treated as the L release. */
544 btm_cb.cmn_ble_vsc_cb.version_supported = BTM_VSC_CHIP_CAPABILITY_L_VERSION;
/* NOTE(review): gated on the reported version only, not on remaining length. */
547 if (btm_cb.cmn_ble_vsc_cb.version_supported >= BTM_VSC_CHIP_CAPABILITY_M_VERSION)
549 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.total_trackable_advertisers, p);
550 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.extended_scan_support, p);
551 STREAM_TO_UINT16(btm_cb.cmn_ble_vsc_cb.debug_logging_supported, p);
553 btm_cb.cmn_ble_vsc_cb.values_read = TRUE;
556 BTM_TRACE_DEBUG("%s: stat=%d, irk=%d, ADV ins:%d, rpa=%d, ener=%d, ext_scan=%d",
557 __func__, status, btm_cb.cmn_ble_vsc_cb.max_irk_list_sz,
558 btm_cb.cmn_ble_vsc_cb.adv_inst_max, btm_cb.cmn_ble_vsc_cb.rpa_offloading,
559 btm_cb.cmn_ble_vsc_cb.energy_support, btm_cb.cmn_ble_vsc_cb.extended_scan_support);
/* Feature initialisation below is sized by the controller-reported counts;
 * the multi-adv count is clamped by BTM_BleMaxMultiAdvInstanceCount(), while
 * max_filter, max_irk_list_sz and tot_scan_results_strg are used as reported. */
561 if (BTM_BleMaxMultiAdvInstanceCount() > 0)
562 btm_ble_multi_adv_init();
564 if (btm_cb.cmn_ble_vsc_cb.max_filter > 0)
565 btm_ble_adv_filter_init();
567 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
568 /* VS capability included and non-4.2 device */
569 if (btm_cb.cmn_ble_vsc_cb.max_irk_list_sz > 0 &&
570 controller_get_interface()->get_ble_resolving_list_max_size() == 0)
571 btm_ble_resolving_list_init(btm_cb.cmn_ble_vsc_cb.max_irk_list_sz);
572 #endif /* (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE) */
574 if (btm_cb.cmn_ble_vsc_cb.tot_scan_results_strg > 0)
575 btm_ble_batchscan_init();
577 if (p_ctrl_le_feature_rd_cmpl_cback != NULL)
578 p_ctrl_le_feature_rd_cmpl_cback(status);
580 #endif /* BLE_VND_INCLUDED == TRUE */
582 /*******************************************************************************
584 ** Function BTM_BleGetVendorCapabilities
586 ** Description This function reads local LE features
588 ** Parameters p_cmn_vsc_cb : Local LE capability structure
592 *******************************************************************************/
/* Copies the cached vendor capability block (btm_cb.cmn_ble_vsc_cb) into the
 * caller's structure; a NULL pointer is ignored.
 * NOTE(review): no check of values_read is visible here, so a caller may
 * receive the block before the controller's reply has been parsed. */
593 extern void BTM_BleGetVendorCapabilities(tBTM_BLE_VSC_CB *p_cmn_vsc_cb)
595 BTM_TRACE_DEBUG("BTM_BleGetVendorCapabilities");
597 if (NULL != p_cmn_vsc_cb)
599 *p_cmn_vsc_cb = btm_cb.cmn_ble_vsc_cb;
603 /******************************************************************************
605 ** Function BTM_BleReadControllerFeatures
607 ** Description Reads BLE specific controller features
609 ** Parameters: tBTM_BLE_CTRL_FEATURES_CBACK : Callback to notify when features are read
613 *******************************************************************************/
/* Requests the controller's vendor capabilities: when BLE_VND_INCLUDED is
 * TRUE it records p_vsc_cback and issues HCI_BLE_VENDOR_CAP_OCF with
 * btm_ble_vendor_capability_vsc_cmpl_cback as the completion handler, logging
 * an error if the command cannot be sent. What happens when values_read is
 * already TRUE is on a line this listing omits (presumably an early return --
 * confirm).
 * NOTE(review): the callback is kept in a single file-static pointer, so a
 * second call made before the first completes replaces the earlier callback,
 * and the pointer stays set when the command fails to send. */
614 extern void BTM_BleReadControllerFeatures(tBTM_BLE_CTRL_FEATURES_CBACK *p_vsc_cback)
616 if (TRUE == btm_cb.cmn_ble_vsc_cb.values_read)
619 #if BLE_VND_INCLUDED == TRUE
620 BTM_TRACE_DEBUG("BTM_BleReadControllerFeatures");
622 p_ctrl_le_feature_rd_cmpl_cback = p_vsc_cback;
623 if ( BTM_VendorSpecificCommand (HCI_BLE_VENDOR_CAP_OCF,
626 btm_ble_vendor_capability_vsc_cmpl_cback)
629 BTM_TRACE_ERROR("LE Get_Vendor Capabilities Command Failed.");
637 /*******************************************************************************
639 ** Function BTM_BleEnableMixedPrivacyMode
641 ** Description This function is called to enable Mixed mode if privacy 1.2
642 ** is applicable in controller.
644 ** Parameters mixed_on: mixed mode to be used or not.
648 *******************************************************************************/
/* Records the mixed-mode preference in btm_cb.ble_ctr_cb.mixed_mode when
 * BLE_PRIVACY_SPT is TRUE. Per the TODO below, nothing is sent to the
 * controller here; the flag is consulted by BTM_BleConfigPrivacy when it
 * picks the privacy mode. */
649 void BTM_BleEnableMixedPrivacyMode(BOOLEAN mixed_on)
652 #if BLE_PRIVACY_SPT == TRUE
653 btm_cb.ble_ctr_cb.mixed_mode = mixed_on;
655 /* TODO: send VSC to enabled mixed mode */
659 /*******************************************************************************
661 ** Function BTM_BleConfigPrivacy
663 ** Description This function is called to enable or disable the privacy in
664 ** LE channel of the local device.
666 ** Parameters privacy_mode: privacy mode on or off.
668 ** Returns BOOLEAN privacy mode set success; otherwise failed.
670 *******************************************************************************/
/* Turns local LE privacy on or off (only when BLE_PRIVACY_SPT is TRUE).
 * Off: the own address type becomes public and privacy_mode BTM_PRIVACY_NONE.
 * On: the own address type becomes random, a resolvable private address is
 * generated, and privacy_mode is set to 1.2 / mixed on controllers that
 * support LE privacy, otherwise 1.1. The GAP Central Address Resolution
 * attribute is then updated from addr_resolution.
 * NOTE(review): with privacy off the device advertises its fixed public
 * address. addr_resolution is initialised to 0 and any assignment to it lies
 * on lines this listing omits (699-700 are missing) -- confirm it is set for
 * the privacy 1.2 branch. Return statements are also omitted. */
671 BOOLEAN BTM_BleConfigPrivacy(BOOLEAN privacy_mode)
673 #if BLE_PRIVACY_SPT == TRUE
674 tBTM_BLE_CB *p_cb = &btm_cb.ble_ctr_cb;
676 BTM_TRACE_EVENT ("%s", __func__);
678 /* if LE is not supported, return error */
679 if (!controller_get_interface()->supports_ble())
682 uint8_t addr_resolution = 0;
683 if(!privacy_mode)/* if privacy disabled, always use public address */
685 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_PUBLIC;
686 p_cb->privacy_mode = BTM_PRIVACY_NONE;
688 else /* privacy is turned on*/
690 /* always set host random address, used when privacy 1.1 or privacy 1.2 is disabled */
691 p_cb->addr_mgnt_cb.own_addr_type = BLE_ADDR_RANDOM;
/* The completion handler is passed as an untyped pointer. */
692 btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);
/* Propagate the setting to multi-advertising instances, if any exist. */
694 if (BTM_BleMaxMultiAdvInstanceCount() > 0)
695 btm_ble_multi_adv_enb_privacy(privacy_mode);
697 /* 4.2 controller only allow privacy 1.2 or mixed mode, resolvable private address in controller */
698 if (controller_get_interface()->supports_ble_privacy())
701 /* check vendor specific capability */
702 p_cb->privacy_mode = btm_cb.ble_ctr_cb.mixed_mode ? BTM_PRIVACY_MIXED : BTM_PRIVACY_1_2;
704 else /* 4.1/4.0 controller */
705 p_cb->privacy_mode = BTM_PRIVACY_1_1;
708 GAP_BleAttrDBUpdate (GATT_UUID_GAP_CENTRAL_ADDR_RESOL, (tGAP_BLE_ATTR_VALUE *)&addr_resolution);
716 /*******************************************************************************
718 ** Function BTM_BleMaxMultiAdvInstanceCount
720 ** Description Returns max number of multi adv instances supported by controller
722 ** Returns Max multi adv instance count
724 *******************************************************************************/
/* Returns the controller-reported multi-advertising instance count, capped at
 * BTM_BLE_MULTI_ADV_MAX. The cap keeps a controller-supplied value from
 * exceeding the host's compile-time limit. */
725 extern UINT8 BTM_BleMaxMultiAdvInstanceCount(void)
727 return btm_cb.cmn_ble_vsc_cb.adv_inst_max < BTM_BLE_MULTI_ADV_MAX ?
728 btm_cb.cmn_ble_vsc_cb.adv_inst_max : BTM_BLE_MULTI_ADV_MAX;
731 #if BLE_PRIVACY_SPT == TRUE
732 /*******************************************************************************
734 ** Function btm_ble_resolve_random_addr_on_adv
736 ** Description resolve random address complete callback.
740 *******************************************************************************/
/* Completion callback for resolving a random address seen in an advertising
 * report. p_rec is the matching security record (used as tBTM_SEC_DEV_REC),
 * p is the raw report. The event type, address type and address are re-read
 * from the report, the address is replaced by the record's address on a
 * match, and processing continues in btm_ble_process_adv_pkt_cont().
 * NOTE(review): the report is parsed from p + 1 with no length available
 * here, so this relies on the caller having validated that at least the
 * header fields are present -- confirm. The declarations of evt_type and bda
 * and the condition guarding the match branch are on lines this listing
 * omits. */
741 static void btm_ble_resolve_random_addr_on_adv(void * p_rec, void *p)
743 tBTM_SEC_DEV_REC *match_rec = (tBTM_SEC_DEV_REC *) p_rec;
744 UINT8 addr_type = BLE_ADDR_RANDOM;
/* Skips the first byte of the report before reading the fields. */
746 UINT8 *pp = (UINT8 *)p + 1;
749 BTM_TRACE_EVENT ("btm_ble_resolve_random_addr_on_adv ");
751 STREAM_TO_UINT8 (evt_type, pp);
752 STREAM_TO_UINT8 (addr_type, pp);
753 STREAM_TO_BDADDR (bda, pp);
757 BTM_TRACE_DEBUG("Random match");
/* Remember the resolvable address the peer is currently using. */
758 match_rec->ble.active_addr_type = BTM_BLE_ADDR_RRA;
759 memcpy(match_rec->ble.cur_rand_addr, bda, BD_ADDR_LEN);
761 if (btm_ble_init_pseudo_addr(match_rec, bda))
763 memcpy(bda, match_rec->bd_addr, BD_ADDR_LEN);
765 // Assign the original address to be the current report address
766 memcpy(bda, match_rec->ble.pseudo_addr, BD_ADDR_LEN);
770 btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, pp);
776 /*******************************************************************************
778 ** Function BTM_BleLocalPrivacyEnabled
780 ** Description Checks if local device supports private address
782 ** Returns Return TRUE if local privacy is enabled else FALSE
784 *******************************************************************************/
/* Reports whether local LE privacy is on: with BLE_PRIVACY_SPT TRUE this is
 * privacy_mode != BTM_PRIVACY_NONE. The branch for builds without privacy
 * support is on lines this listing omits. */
785 BOOLEAN BTM_BleLocalPrivacyEnabled(void)
787 #if BLE_PRIVACY_SPT == TRUE
788 return (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE);
794 /*******************************************************************************
796 ** Function BTM_BleSetBgConnType
798 ** Description This function is called to set BLE connectable mode for a
799 ** peripheral device.
801 ** Parameters bg_conn_type: it can be auto connection, or selective connection.
802 ** p_select_cback: callback function when selective connection procedure
807 *******************************************************************************/
/* Switches the background connection procedure between auto, selective and
 * none. When the type changes, the procedure currently running is stopped and
 * the requested one started; the new type is then recorded in
 * btm_cb.ble_ctr_cb.bg_conn_type. An unknown type is logged as an error.
 * NOTE(review): the results of btm_ble_start_auto_conn() and
 * btm_ble_start_select_conn() are not assigned on the visible lines; whether
 * `started` is updated, and whether the type is still recorded after a
 * failure or an invalid value, depends on lines this listing omits. */
808 BOOLEAN BTM_BleSetBgConnType(tBTM_BLE_CONN_TYPE bg_conn_type,
809 tBTM_BLE_SEL_CBACK *p_select_cback)
811 BOOLEAN started = TRUE;
813 BTM_TRACE_EVENT ("BTM_BleSetBgConnType ");
814 if (!controller_get_interface()->supports_ble())
817 if (btm_cb.ble_ctr_cb.bg_conn_type != bg_conn_type)
819 switch (bg_conn_type)
821 case BTM_BLE_CONN_AUTO:
822 btm_ble_start_auto_conn(TRUE);
825 case BTM_BLE_CONN_SELECTIVE:
/* Auto connection is stopped before selective connection starts. */
826 if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
828 btm_ble_start_auto_conn(FALSE);
830 btm_ble_start_select_conn(TRUE, p_select_cback);
833 case BTM_BLE_CONN_NONE:
/* Stop whichever procedure is currently active. */
834 if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_AUTO)
836 btm_ble_start_auto_conn(FALSE);
838 else if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
840 btm_ble_start_select_conn(FALSE, NULL);
846 BTM_TRACE_ERROR("invalid bg connection type : %d ", bg_conn_type);
852 btm_cb.ble_ctr_cb.bg_conn_type = bg_conn_type;
857 /*******************************************************************************
859 ** Function BTM_BleClearBgConnDev
861 ** Description This function is called to clear the whitelist,
862 ** end any pending whitelist connections,
863 * and reset the local bg device list.
869 *******************************************************************************/
/* Tears down background connection state in a fixed order: stop auto
 * connection first, then clear the white list, then reset the GATT
 * background device list. */
870 void BTM_BleClearBgConnDev(void)
872 btm_ble_start_auto_conn(FALSE);
873 btm_ble_clear_white_list();
874 gatt_reset_bgdev_list();
877 /*******************************************************************************
879 ** Function BTM_BleUpdateBgConnDev
881 ** Description This function is called to add or remove a device into/from
882 ** background connection procedure. The background connection
883 * procedure is decided by the background connection type, it can be
884 * auto connection, or selective connection.
886 ** Parameters add_remove: TRUE to add; FALSE to remove.
887 ** remote_bda: device address to add/remove.
891 *******************************************************************************/
/* Adds (add_remove TRUE) or removes a device from the white list by forwarding
 * to btm_update_dev_to_white_list() and returning its result. remote_bda is
 * passed through without any check in this wrapper. */
892 BOOLEAN BTM_BleUpdateBgConnDev(BOOLEAN add_remove, BD_ADDR remote_bda)
894 BTM_TRACE_EVENT("%s() add=%d", __func__, add_remove);
895 return btm_update_dev_to_white_list(add_remove, remote_bda);
898 /*******************************************************************************
900 ** Function BTM_BleSetConnectableMode
902 ** Description This function is called to set BLE connectable mode for a
903 ** peripheral device.
905 ** Parameters conn_mode: directed connectable mode, or non-directed.It can
906 ** be BTM_BLE_CONNECT_EVT, BTM_BLE_CONNECT_DIR_EVT or
907 ** BTM_BLE_CONNECT_LO_DUTY_DIR_EVT
909 ** Returns BTM_ILLEGAL_VALUE if controller does not support BLE.
910 ** BTM_SUCCESS if status set successfully; otherwise failure.
912 *******************************************************************************/
/* Records the requested connectable advertising event type and re-applies
 * connectability. Returns BTM_ILLEGAL_VALUE when the controller has no LE
 * support, otherwise the result of btm_ble_set_connectability().
 * NOTE(review): despite its name, the connectable_mode argument is stored in
 * p_cb->directed_conn, while the value handed to btm_ble_set_connectability()
 * is the previously stored p_cb->connectable_mode. No check that the argument
 * is one of the event types listed in the banner is visible here -- confirm
 * it is validated by the caller or downstream. */
913 tBTM_STATUS BTM_BleSetConnectableMode(tBTM_BLE_CONN_MODE connectable_mode)
915 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
917 BTM_TRACE_EVENT ("%s connectable_mode = %d ", __func__, connectable_mode);
918 if (!controller_get_interface()->supports_ble())
919 return BTM_ILLEGAL_VALUE;
921 p_cb->directed_conn = connectable_mode;
922 return btm_ble_set_connectability( p_cb->connectable_mode);
925 #if BLE_PRIVACY_SPT == TRUE
/* list_foreach() callback over security device records (it is passed to
 * list_foreach() together with btm_cb.sec_dev_rec further down this file).
 * Tests whether the record carries BTM_RESOLVING_LIST_BIT in
 * ble.in_controller_list. The return statements are not part of this
 * excerpt, so the true/false convention is not restated here.
 * `context` is not used in the lines shown. */
926 static bool is_resolving_list_bit_set(void *data, void *context)
/* data is converted to a device record without any type check. */
928 tBTM_SEC_DEV_REC *p_dev_rec = data;
930 if ((p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT) != 0)
937 /*******************************************************************************
939 ** Function btm_set_conn_mode_adv_init_addr
941 ** Description set initiator address type and local address type based on adv
945 *******************************************************************************/
/* Chooses the advertising event type for the current connectable mode and
 * fills in the peer address, peer address type and own address type that go
 * with it. Callers in this file assign the result to an evt_type variable.
 * p_peer_addr_ptr is written with BD_ADDR_LEN bytes by memcpy and must point
 * at storage of at least that size. */
946 static UINT8 btm_set_conn_mode_adv_init_addr(tBTM_BLE_INQ_CB *p_cb,
947 BD_ADDR_PTR p_peer_addr_ptr,
948 tBLE_ADDR_TYPE *p_peer_addr_type,
949 tBLE_ADDR_TYPE *p_own_addr_type)
952 #if BLE_PRIVACY_SPT == TRUE
953 tBTM_SEC_DEV_REC *p_dev_rec;
/* Non-connectable: discover event when a scan response is set, otherwise the
 * non-connectable event. Any other connectable mode starts from the
 * undirected connectable event. */
956 evt_type = (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE) ? \
957 ((p_cb->scan_rsp) ? BTM_BLE_DISCOVER_EVT : BTM_BLE_NON_CONNECT_EVT )\
958 : BTM_BLE_CONNECT_EVT;
960 if (evt_type == BTM_BLE_CONNECT_EVT)
/* The event type becomes whatever was stored in directed_conn.
 * NOTE(review): that value is assigned from a caller-supplied mode in
 * BTM_BleSetConnectableMode() and is not range-checked in the lines shown. */
962 evt_type = p_cb->directed_conn;
964 if ( p_cb->directed_conn == BTM_BLE_CONNECT_DIR_EVT ||
965 p_cb->directed_conn == BTM_BLE_CONNECT_LO_DUTY_DIR_EVT)
968 #if BLE_PRIVACY_SPT == TRUE
969 /* for privacy 1.2, convert peer address as static, own address set as ID addr */
970 if (btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 ||
971 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED)
973 /* only do so for bonded device */
/* NOTE(review): the lookup is btm_find_or_alloc_dev(); going by its name it
 * may create a record for an address that has none. The "bonded" intent then
 * rests only on the resolving-list bit test below. Confirm against the helper. */
974 if ((p_dev_rec = btm_find_or_alloc_dev (p_cb->direct_bda.bda)) != NULL &&
975 p_dev_rec->ble.in_controller_list & BTM_RESOLVING_LIST_BIT)
/* Peer is in the resolving list: advertise to its static (identity) address
 * and use the random-ID own address type. */
977 btm_ble_enable_resolving_list(BTM_BLE_RL_ADV);
978 memcpy(p_peer_addr_ptr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
979 *p_peer_addr_type = p_dev_rec->ble.static_addr_type;
980 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
983 /* otherwise fall through as normal directed adv */
986 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
990 /* direct adv mode does not have privacy, if privacy is not enabled */
/* The peer address stored in direct_bda is used as is. */
991 *p_peer_addr_type = p_cb->direct_bda.type;
992 memcpy(p_peer_addr_ptr, p_cb->direct_bda.bda, BD_ADDR_LEN);
997 /* undirect adv mode or non-connectable mode*/
998 #if BLE_PRIVACY_SPT == TRUE
999 /* when privacy 1.2 privacy only mode is used, or mixed mode */
1000 if ((btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_1_2 && p_cb->afp != AP_SCAN_CONN_ALL) ||
1001 btm_cb.ble_ctr_cb.privacy_mode == BTM_PRIVACY_MIXED)
/* Search the security records for one flagged as being in the resolving
 * list. The test on `n` before list_node() is on a line not shown; the
 * "resolving list is empty" comment below implies one exists. */
1003 list_node_t *n = list_foreach(btm_cb.sec_dev_rec, is_resolving_list_bit_set, NULL);
1005 /* if enhanced privacy is required, set Identity address and matching IRK peer */
1006 tBTM_SEC_DEV_REC *p_dev_rec = list_node(n);
1007 memcpy(p_peer_addr_ptr, p_dev_rec->ble.static_addr, BD_ADDR_LEN);
1008 *p_peer_addr_type = p_dev_rec->ble.static_addr_type;
1010 *p_own_addr_type = BLE_ADDR_RANDOM_ID;
1012 /* resolving list is empty, not enabled */
1013 *p_own_addr_type = BLE_ADDR_RANDOM;
1016 /* privacy 1.1, or privacy 1.2, general discoverable/connectable mode, disable privacy in */
1017 /* controller fall back to host based privacy */
1018 else if (btm_cb.ble_ctr_cb.privacy_mode != BTM_PRIVACY_NONE)
1020 *p_own_addr_type = BLE_ADDR_RANDOM;
1024 /* if no privacy,do not set any peer address,*/
1025 /* local address type go by global privacy setting */
1029 /*******************************************************************************
1031 ** Function BTM_BleSetAdvParams
1033 ** Description This function is called to set advertising parameters.
1035 ** Parameters adv_int_min: minimum advertising interval
1036 ** adv_int_max: maximum advertising interval
1037 ** p_dir_bda: connectable direct initiator's LE device address
1038 ** chnl_map: advertising channel map.
1042 *******************************************************************************/
/* Caches the advertising interval range, channel map and directed-advertising
 * peer address, then writes the advertising parameters to the controller.
 * Advertising is started again afterwards when adv_mode was
 * BTM_BLE_ADV_ENABLE on entry.
 * Returns BTM_ILLEGAL_VALUE when the controller does not support BLE or when
 * either interval is outside [BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX]. */
1043 tBTM_STATUS BTM_BleSetAdvParams(UINT16 adv_int_min, UINT16 adv_int_max,
1044 tBLE_BD_ADDR *p_dir_bda,
1045 tBTM_BLE_ADV_CHNL_MAP chnl_map)
1047 tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1048 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1049 tBTM_STATUS status = BTM_SUCCESS;
1050 BD_ADDR p_addr_ptr = {0};
1051 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
1052 tBLE_ADDR_TYPE own_addr_type = p_addr_cb->own_addr_type;
/* Remember whether advertising was on, so it can be restarted at the end. */
1053 UINT8 adv_mode = p_cb->adv_mode;
1055 BTM_TRACE_EVENT ("BTM_BleSetAdvParams");
1057 if (!controller_get_interface()->supports_ble())
1058 return BTM_ILLEGAL_VALUE;
/* NOTE(review): each bound is range-checked on its own; nothing in the lines
 * shown rejects adv_int_min > adv_int_max. */
1060 if (!BTM_BLE_ISVALID_PARAM(adv_int_min, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX) ||
1061 !BTM_BLE_ISVALID_PARAM(adv_int_max, BTM_BLE_ADV_INT_MIN, BTM_BLE_ADV_INT_MAX))
1063 return BTM_ILLEGAL_VALUE;
1066 p_cb->adv_interval_min = adv_int_min;
1067 p_cb->adv_interval_max = adv_int_max;
/* NOTE(review): chnl_map is stored as given; no validity check is visible. */
1068 p_cb->adv_chnl_map = chnl_map;
/* NOTE(review): any NULL test on p_dir_bda is on a line not shown; confirm
 * one guards this copy. */
1072 memcpy(&p_cb->direct_bda, p_dir_bda, sizeof(tBLE_BD_ADDR));
1075 BTM_TRACE_EVENT ("update params for an active adv");
/* Recompute the event type and address types for the new parameters. */
1079 p_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type,
1082 /* update adv params */
/* NOTE(review): the remaining arguments and any handling of the result are on
 * lines not shown. btm_ble_set_discoverability() in this file maps a failed
 * write to BTM_NO_RESOURCES; confirm this path does the same. */
1083 btsnd_hcic_ble_write_adv_params (p_cb->adv_interval_min,
1084 p_cb->adv_interval_max,
1092 if (adv_mode == BTM_BLE_ADV_ENABLE)
1093 btm_ble_start_adv();
1098 /*******************************************************************************
1100 ** Function BTM_BleReadAdvParams
1102 ** Description This function is called to read the current advertising parameters.
1104 ** Parameters adv_int_min: minimum advertising interval
1105 ** adv_int_max: maximum advertising interval
1106 ** p_dir_bda: connectable direct initiator's LE device address
1107 ** chnl_map: advertising channel map.
1111 *******************************************************************************/
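/* Copies the cached advertising parameters out to the caller.
 *
 * adv_int_min / adv_int_max: receive the cached advertising interval range.
 * p_dir_bda:  receives the cached directed-advertising peer address.
 * p_chnl_map: receives the cached advertising channel map.
 *
 * Every output pointer is optional: a NULL pointer is skipped. The original
 * code applied that rule to p_dir_bda only and dereferenced the other three
 * unconditionally.
 *
 * When the controller does not support BLE the function returns without
 * writing any output, so callers must not read the outputs unless they
 * initialised them beforehand. */
void BTM_BleReadAdvParams (UINT16 *adv_int_min, UINT16 *adv_int_max,
                           tBLE_BD_ADDR *p_dir_bda, tBTM_BLE_ADV_CHNL_MAP *p_chnl_map)
{
    tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;

    BTM_TRACE_EVENT ("BTM_BleReadAdvParams ");
    if (!controller_get_interface()->supports_ble())
        return;

    if (adv_int_min != NULL)
        *adv_int_min = p_cb->adv_interval_min;

    if (adv_int_max != NULL)
        *adv_int_max = p_cb->adv_interval_max;

    if (p_chnl_map != NULL)
        *p_chnl_map = p_cb->adv_chnl_map;

    if (p_dir_bda != NULL)
    {
        memcpy(p_dir_bda, &p_cb->direct_bda, sizeof(tBLE_BD_ADDR));
    }
}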
1131 /*******************************************************************************
1133 ** Function BTM_BleSetScanParams
1135 ** Description This function is called to set scan parameters.
1137 ** Parameters client_if - Client IF
1138 ** scan_interval - Scan interval
1139 ** scan_window - Scan window
1140 ** scan_mode - Scan mode
1141 ** scan_setup_status_cback - Scan param setup status callback
1145 *******************************************************************************/
/* Validates the requested scan interval, window and mode and, when all three
 * are acceptable, caches them in inq_var. The outcome is reported through
 * scan_setup_status_cback (when non-NULL) with BTM_SUCCESS or
 * BTM_ILLEGAL_VALUE. No HCI command is sent in the lines shown. */
1146 void BTM_BleSetScanParams(tGATT_IF client_if, UINT32 scan_interval, UINT32 scan_window,
1147 tBLE_SCAN_MODE scan_mode,
1148 tBLE_SCAN_PARAM_SETUP_CBACK scan_setup_status_cback)
1150 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
1151 UINT32 max_scan_interval;
1152 UINT32 max_scan_window;
1154 BTM_TRACE_EVENT ("%s", __func__);
/* The line after this test is not shown. If it is a plain return, the status
 * callback is not invoked on this path. */
1155 if (!controller_get_interface()->supports_ble())
1158 /* If not supporting extended scan support, use the older range for checking */
1159 if (btm_cb.cmn_ble_vsc_cb.extended_scan_support == 0)
1161 max_scan_interval = BTM_BLE_SCAN_INT_MAX;
1162 max_scan_window = BTM_BLE_SCAN_WIN_MAX;
1166 /* If supporting extended scan support, use the new extended range for checking */
1167 max_scan_interval = BTM_BLE_EXT_SCAN_INT_MAX;
1168 max_scan_window = BTM_BLE_EXT_SCAN_WIN_MAX;
/* NOTE(review): interval and window are each range-checked, but nothing here
 * rejects scan_window > scan_interval. */
1171 if (BTM_BLE_ISVALID_PARAM(scan_interval, BTM_BLE_SCAN_INT_MIN, max_scan_interval) &&
1172 BTM_BLE_ISVALID_PARAM(scan_window, BTM_BLE_SCAN_WIN_MIN, max_scan_window) &&
1173 (scan_mode == BTM_BLE_SCAN_MODE_ACTI || scan_mode == BTM_BLE_SCAN_MODE_PASS))
1175 p_cb->scan_type = scan_mode;
1176 p_cb->scan_interval = scan_interval;
1177 p_cb->scan_window = scan_window;
1179 if (scan_setup_status_cback != NULL)
1180 scan_setup_status_cback(client_if, BTM_SUCCESS);
1184 if (scan_setup_status_cback != NULL)
1185 scan_setup_status_cback(client_if, BTM_ILLEGAL_VALUE);
/* NOTE(review): both arguments are UINT32 but are formatted with %d; an
 * unsigned conversion would match the argument types. */
1187 BTM_TRACE_ERROR("Illegal params: scan_interval = %d scan_window = %d",
1188 scan_interval, scan_window);
1193 /*******************************************************************************
1195 ** Function BTM_BleWriteScanRsp
1197 ** Description This function is called to write LE scan response.
1199 ** Parameters: data_mask: mask of the AD fields to include; p_data: scan response information.
1203 *******************************************************************************/
/* Builds a scan response from the fields selected in data_mask and sends it
 * to the controller. Returns BTM_ILLEGAL_VALUE when BLE is unsupported;
 * status starts as BTM_NO_RESOURCES and becomes BTM_SUCCESS when the HCI
 * send succeeds. */
1204 tBTM_STATUS BTM_BleWriteScanRsp(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
1206 tBTM_STATUS status = BTM_NO_RESOURCES;
/* Stack buffer of exactly BTM_BLE_AD_DATA_LEN bytes. btm_ble_build_adv_data()
 * is not given its size and relies on its own running length budget, so any
 * under-count in that budget turns into a write past the end of this array. */
1207 UINT8 rsp_data[BTM_BLE_AD_DATA_LEN],
1210 BTM_TRACE_EVENT ("%s: data_mask:%08x", __func__, data_mask);
1211 if (!controller_get_interface()->supports_ble())
1212 return BTM_ILLEGAL_VALUE;
1214 memset(rsp_data, 0, BTM_BLE_AD_DATA_LEN);
/* data_mask is updated in place: bits that were written are cleared. */
1215 btm_ble_build_adv_data(&data_mask, &p, p_data);
/* NOTE(review): the pointer difference is narrowed to UINT8 without checking
 * that it is within BTM_BLE_AD_DATA_LEN. */
1217 if (btsnd_hcic_ble_set_scan_rsp_data((UINT8)(p - rsp_data), rsp_data))
1219 status = BTM_SUCCESS;
1222 btm_cb.ble_ctr_cb.inq_var.scan_rsp = TRUE;
1224 btm_cb.ble_ctr_cb.inq_var.scan_rsp = FALSE;
1227 status = BTM_ILLEGAL_VALUE;
1232 /*******************************************************************************
1234 ** Function BTM_BleWriteAdvData
1236 ** Description This function is called to write advertising data.
1238 ** Parameters: data_mask: mask of the AD fields to write; p_data: values for those fields.
1242 *******************************************************************************/
/* Rebuilds the locally cached advertising payload from the fields selected in
 * data_mask and sends it to the controller. Returns BTM_ILLEGAL_VALUE when
 * BLE is unsupported and BTM_NO_RESOURCES on one of the paths after the HCI
 * send (the surrounding branch lines are not shown). */
1243 tBTM_STATUS BTM_BleWriteAdvData(tBTM_BLE_AD_MASK data_mask, tBTM_BLE_ADV_DATA *p_data)
1245 tBTM_BLE_LOCAL_ADV_DATA *p_cb_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
/* Working copy of the mask; the builder clears the bits it manages to write. */
1247 tBTM_BLE_AD_MASK mask = data_mask;
1249 BTM_TRACE_EVENT ("BTM_BleWriteAdvData ");
1251 if (!controller_get_interface()->supports_ble())
1252 return BTM_ILLEGAL_VALUE;
/* The cached payload is wiped before rebuilding, so p_flags / p_pad from a
 * previous call are reset as well. */
1254 memset(p_cb_data, 0, sizeof(tBTM_BLE_LOCAL_ADV_DATA));
1255 p = p_cb_data->ad_data;
1256 p_cb_data->data_mask = data_mask;
/* The builder's return value is kept as the pointer to the flags field inside
 * ad_data; btm_ble_set_adv_flag() later reads through it.
 * NOTE(review): the builder is not told the size of ad_data; it relies on its
 * own BTM_BLE_AD_DATA_LEN budget. */
1258 p_cb_data->p_flags = btm_ble_build_adv_data(&mask, &p, p_data);
/* p_pad marks the end of the data that was written. */
1260 p_cb_data->p_pad = p;
1264 BTM_TRACE_ERROR("Partial data write into ADV");
/* Keep only the bits that were actually written. */
1267 p_cb_data->data_mask &= ~mask;
1269 if (btsnd_hcic_ble_set_adv_data((UINT8)(p_cb_data->p_pad - p_cb_data->ad_data),
1270 p_cb_data->ad_data))
1273 return BTM_NO_RESOURCES;
1277 /*******************************************************************************
1279 ** Function BTM_CheckAdvData
1281 ** Description This function is called to get ADV data for a specific type.
1283 ** Parameters p_adv - pointer of ADV data
1284 ** type - finding ADV data type
1285 ** p_length - return the length of ADV data not including type
1287 ** Returns pointer of ADV data
1289 *******************************************************************************/
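/* Finds the first AD structure of the requested type in an advertising
 * payload laid out as repeated [length][type][data...] records, where the
 * length byte counts the type byte plus the data.
 *
 * p_adv:    start of the payload. The function is not given its size, so
 *           BTM_BLE_CACHE_ADV_DATA_MAX is the only bound available; the
 *           buffer is assumed to hold at least that many bytes or to end
 *           with a zero length byte (TODO: confirm for every caller).
 * type:     AD type to look for.
 * p_length: receives the data length, excluding the type byte; set to 0
 *           when nothing is found.
 *
 * Returns a pointer to the first data byte of the matching record, or NULL.
 *
 * The previous loop trusted each length byte: it allowed the cursor to sit
 * at offset BTM_BLE_CACHE_ADV_DATA_MAX, then read the type byte and skipped
 * `length - 1` bytes without checking that the record fits. A malformed
 * payload received over the air could therefore walk the cursor past the
 * buffer and return a pointer/length pair reaching outside it. Every read is
 * now checked against the bound before it happens, and a record that would
 * cross the bound ends the search. */
UINT8 *BTM_CheckAdvData( UINT8 *p_adv, UINT8 type, UINT8 *p_length)
{
    UINT16 offset = 0;

    BTM_TRACE_API("%s: type=0x%02x", __func__, type);

    if (p_length == NULL)
        return NULL;

    *p_length = 0;

    if (p_adv == NULL)
        return NULL;

    /* Need room for at least the length byte and the type byte. */
    while ((offset + 1) < BTM_BLE_CACHE_ADV_DATA_MAX)
    {
        UINT8 length = p_adv[offset];

        /* A zero length byte terminates the payload. */
        if (length == 0)
            break;

        /* The whole record (length byte + `length` bytes) must be in bounds. */
        if ((offset + 1 + length) > BTM_BLE_CACHE_ADV_DATA_MAX)
            break;

        if (p_adv[offset + 1] == type)
        {
            /* length doesn't include itself; minus the length of type */
            *p_length = length - 1;
            return p_adv + offset + 2;
        }

        /* Skip the length byte, the type byte and the data. */
        offset += 1 + length;
    }

    return NULL;
}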
1317 /*******************************************************************************
1319 ** Function BTM_BleReadDiscoverability
1321 ** Description This function is called to read the current LE discoverability
1322 ** mode of the device.
1324 ** Returns BTM_BLE_NON_DISCOVERABLE, BTM_BLE_LIMITED_DISCOVERABLE or
1325 ** BTM_BLE_GENERAL_DISCOVERABLE
1327 *******************************************************************************/
/* Returns the LE discoverable mode currently cached in inq_var. This is a
 * plain read of host state; the controller is not queried. */
UINT16 BTM_BleReadDiscoverability()
{
    const tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    BTM_TRACE_API("%s", __FUNCTION__);

    return p_inq_cb->discoverable_mode;
}
1335 /*******************************************************************************
1337 ** Function BTM_BleReadConnectability
1339 ** Description This function is called to read the current LE connectability
1340 ** mode of the device.
1342 ** Returns BTM_BLE_NON_CONNECTABLE or BTM_BLE_CONNECTABLE
1344 *******************************************************************************/
/* Returns the LE connectable mode currently cached in inq_var. This is a
 * plain read of host state; the controller is not queried. */
UINT16 BTM_BleReadConnectability()
{
    const tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    BTM_TRACE_API ("%s", __FUNCTION__);

    return p_inq_cb->connectable_mode;
}
1352 /*******************************************************************************
1354 ** Function btm_ble_build_adv_data
1356 ** Description This function is called to build the adv data and rsp data.
1357 *******************************************************************************/
/* Serialises the fields selected in *p_data_mask into the buffer that *p_dst
 * points at, as a sequence of [length][type][value] AD structures. `len` is
 * the remaining byte budget and starts at BTM_BLE_AD_DATA_LEN; each section
 * that is written clears its bit in data_mask, and the bits left over are
 * stored back into *p_data_mask at the end.
 *
 * The destination size is not passed in. Callers in this file hand over
 * buffers sized for BTM_BLE_AD_DATA_LEN, so `len` is the only thing keeping
 * writes inside them: wherever a section subtracts less from `len` than it
 * wrote, later sections can write past the end of the caller's buffer. The
 * NOTE(review) comments below mark the places where that accounting, or a
 * p_data NULL check, looks inconsistent in the lines shown. */
1358 UINT8 *btm_ble_build_adv_data(tBTM_BLE_AD_MASK *p_data_mask, UINT8 **p_dst,
1359 tBTM_BLE_ADV_DATA *p_data)
1361 UINT32 data_mask = *p_data_mask;
1364 UINT16 len = BTM_BLE_AD_DATA_LEN, cp_len = 0;
1366 tBTM_BLE_PROP_ELEM *p_elem;
1368 BTM_TRACE_EVENT (" btm_ble_build_adv_data");
1370 /* build the adv data structure and build the data string */
1374 if (data_mask & BTM_BLE_AD_BIT_FLAGS)
1376 *p++ = MIN_ADV_LENGTH;
1377 *p++ = BTM_BLE_AD_TYPE_FLAG;
/* NOTE(review): two lines before this one are not shown; confirm p_data is
 * tested for NULL before flag is read. */
1380 *p++ = p_data->flag;
1386 data_mask &= ~BTM_BLE_AD_BIT_FLAGS;
1388 /* appearance data */
/* NOTE(review): unlike the later sections, this condition has no `p_data &&`
 * test, yet p_data->appearance is read two lines below. */
1389 if (len > 3 && data_mask & BTM_BLE_AD_BIT_APPEARANCE)
1391 *p++ = 3; /* length */
1392 *p++ = BTM_BLE_AD_TYPE_APPEARANCE;
1393 UINT16_TO_STREAM(p, p_data->appearance);
1396 data_mask &= ~BTM_BLE_AD_BIT_APPEARANCE;
1399 #if BTM_MAX_LOC_BD_NAME_LEN > 0
/* Local name: the complete name when it fits, otherwise a shortened name
 * that takes all remaining space. strlen() assumes btm_cb.cfg.bd_name is
 * NUL-terminated. */
1400 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_DEV_NAME)
1402 if (strlen(btm_cb.cfg.bd_name) > (UINT16)(len - MIN_ADV_LENGTH))
/* NOTE(review): this branch writes `len` bytes in total (length byte, type
 * byte, len - MIN_ADV_LENGTH name bytes) but does not assign cp_len. The
 * `len -=` after the branches therefore subtracts a stale cp_len, leaving
 * `len` larger than the space that really remains; any section that follows
 * can then write beyond the BTM_BLE_AD_DATA_LEN budget. Setting
 * cp_len = len - MIN_ADV_LENGTH at the top of this branch would keep the
 * accounting exact. */
1404 *p++ = len - MIN_ADV_LENGTH + 1;
1405 *p++ = BTM_BLE_AD_TYPE_NAME_SHORT;
1406 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, len - MIN_ADV_LENGTH);
1410 cp_len = (UINT16)strlen(btm_cb.cfg.bd_name);
1412 *p++ = BTM_BLE_AD_TYPE_NAME_CMPL;
1413 ARRAY_TO_STREAM(p, btm_cb.cfg.bd_name, cp_len);
1415 len -= (cp_len + MIN_ADV_LENGTH);
1416 data_mask &= ~BTM_BLE_AD_BIT_DEV_NAME;
1419 /* manufacturer data */
/* Truncated to the remaining space when it does not fit. */
1420 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_MANU &&
1421 p_data && p_data->manu.len != 0)
1423 if (p_data->manu.len > (len - MIN_ADV_LENGTH))
1424 cp_len = len - MIN_ADV_LENGTH;
1426 cp_len = p_data->manu.len;
1429 *p++ = BTM_BLE_AD_TYPE_MANU;
1430 ARRAY_TO_STREAM(p, p_data->manu.val, cp_len);
1432 len -= (cp_len + MIN_ADV_LENGTH);
1433 data_mask &= ~BTM_BLE_AD_BIT_MANU;
/* TX power.
 * NOTE(review): p_data is dereferenced without a NULL test in the condition.
 * The clamp below also writes the limited value back into the caller's
 * structure. */
1436 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_TX_PWR)
1438 *p++ = MIN_ADV_LENGTH;
1439 *p++ = BTM_BLE_AD_TYPE_TX_PWR;
1440 if (p_data->tx_power > BTM_BLE_ADV_TX_POWER_MAX)
1441 p_data->tx_power = BTM_BLE_ADV_TX_POWER_MAX;
1442 *p++ = btm_ble_map_adv_tx_power(p_data->tx_power);
1444 data_mask &= ~BTM_BLE_AD_BIT_TX_PWR;
1446 /* 16 bits services */
/* Writes as many 16-bit UUIDs as fit; a partial list is tagged as such. */
1447 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE &&
1448 p_data && p_data->services.num_service != 0)
1450 if (p_data->services.num_service * LEN_UUID_16 > (len - MIN_ADV_LENGTH))
1452 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_16;
1453 *p ++ = 1 + cp_len * LEN_UUID_16;
1454 *p++ = BTM_BLE_AD_TYPE_16SRV_PART;
1458 cp_len = p_data->services.num_service;
1459 *p++ = 1 + cp_len * LEN_UUID_16;
1460 *p++ = BTM_BLE_AD_TYPE_16SRV_CMPL;
1462 for (i = 0; i < cp_len; i ++)
1464 UINT16_TO_STREAM(p, *(p_data->services.uuid + i));
/* NOTE(review): MIN_ADV_LENGTH is used here as the per-UUID size, which is
 * only right while LEN_UUID_16 equals MIN_ADV_LENGTH; the 32-bit section
 * below multiplies by LEN_UUID_32. */
1467 len -= (cp_len * MIN_ADV_LENGTH + MIN_ADV_LENGTH);
1468 data_mask &= ~BTM_BLE_AD_BIT_SERVICE;
1470 /* 32 bits service uuid */
1471 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32 &&
1472 p_data && p_data->service_32b.num_service != 0)
1474 if ((p_data->service_32b.num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1476 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1477 *p ++ = 1 + cp_len * LEN_UUID_32;
1478 *p++ = BTM_BLE_AD_TYPE_32SRV_PART;
1482 cp_len = p_data->service_32b.num_service;
1483 *p++ = 1 + cp_len * LEN_UUID_32;
1484 *p++ = BTM_BLE_AD_TYPE_32SRV_CMPL;
1486 for (i = 0; i < cp_len; i ++)
1488 UINT32_TO_STREAM(p, *(p_data->service_32b.uuid + i));
1491 len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1492 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32;
1494 /* 128 bits services */
/* Exactly one 128-bit UUID is written, and only if it fits completely. */
1495 if (len >= (MAX_UUID_SIZE + 2) && data_mask & BTM_BLE_AD_BIT_SERVICE_128 &&
1496 p_data && p_data->services_128b.num_service)
1498 *p ++ = 1 + MAX_UUID_SIZE;
1499 if (!p_data->services_128b.list_cmpl)
1500 *p++ = BTM_BLE_AD_TYPE_128SRV_PART;
1502 *p++ = BTM_BLE_AD_TYPE_128SRV_CMPL;
1504 ARRAY_TO_STREAM(p, p_data->services_128b.uuid128, MAX_UUID_SIZE);
1506 len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1507 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128;
1509 /* 32 bits Service Solicitation UUIDs */
/* NOTE(review): this condition reads p_data->sol_service_32b without the
 * `p_data &&` test that the neighbouring sections use. */
1510 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_32SOL &&
1511 p_data->sol_service_32b.num_service != 0)
1513 if ((p_data->sol_service_32b.num_service * LEN_UUID_32) > (len - MIN_ADV_LENGTH))
1515 cp_len = (len - MIN_ADV_LENGTH)/LEN_UUID_32;
1516 *p ++ = 1 + cp_len * LEN_UUID_32;
1520 cp_len = p_data->sol_service_32b.num_service;
1521 *p++ = 1 + cp_len * LEN_UUID_32;
1524 *p++ = BTM_BLE_AD_TYPE_32SOL_SRV_UUID;
1525 for (i = 0; i < cp_len; i ++)
1527 UINT32_TO_STREAM(p, *(p_data->sol_service_32b.uuid + i));
1530 len -= (cp_len * LEN_UUID_32 + MIN_ADV_LENGTH);
1531 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_32SOL;
1533 /* 128 bits Solicitation services UUID */
1534 if (len >= (MAX_UUID_SIZE + MIN_ADV_LENGTH) && data_mask & BTM_BLE_AD_BIT_SERVICE_128SOL &&
1535 p_data && p_data->sol_service_128b.num_service)
1537 *p ++ = 1 + MAX_UUID_SIZE;
1538 *p++ = BTM_BLE_AD_TYPE_128SOL_SRV_UUID;
1539 ARRAY_TO_STREAM(p, p_data->sol_service_128b.uuid128, MAX_UUID_SIZE);
1540 len -= (MAX_UUID_SIZE + MIN_ADV_LENGTH);
1541 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_128SOL;
1543 /* 16bits/32bits/128bits Service Data */
/* The record holds the service UUID followed by the service data, so the
 * space needed is MIN_ADV_LENGTH + UUID length + data length. */
1544 if (len > MIN_ADV_LENGTH && data_mask & BTM_BLE_AD_BIT_SERVICE_DATA &&
1545 p_data && p_data->service_data.len != 0)
1547 if (len > (p_data->service_data.service_uuid.len + MIN_ADV_LENGTH))
/* NOTE(review): the fit test below compares service_data.len with
 * len - MIN_ADV_LENGTH and leaves out the UUID bytes. When the data alone
 * fits but data plus UUID does not, cp_len takes the untruncated length and
 * the copy further down can exceed the remaining budget. Comparing against
 * len - MIN_ADV_LENGTH - service_uuid.len, the value the truncation already
 * uses, would close that gap.
 * service_uuid.len is also not checked against the three supported sizes;
 * any other value takes the 128-bit branch below. */
1549 if (p_data->service_data.len > (len - MIN_ADV_LENGTH))
1550 cp_len = len - MIN_ADV_LENGTH- p_data->service_data.service_uuid.len;
1552 cp_len = p_data->service_data.len;
1554 *p++ = cp_len + 1 + p_data->service_data.service_uuid.len;
1555 if (p_data->service_data.service_uuid.len == LEN_UUID_16)
1557 *p++ = BTM_BLE_AD_TYPE_SERVICE_DATA;
1558 UINT16_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid16);
1560 else if (p_data->service_data.service_uuid.len == LEN_UUID_32)
1562 *p++ = BTM_BLE_AD_TYPE_32SERVICE_DATA;
1563 UINT32_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid32);
1567 *p++ = BTM_BLE_AD_TYPE_128SERVICE_DATA;
1568 ARRAY_TO_STREAM(p, p_data->service_data.service_uuid.uu.uuid128,
1572 ARRAY_TO_STREAM(p, p_data->service_data.val, cp_len);
1574 len -= (cp_len + MIN_ADV_LENGTH + p_data->service_data.service_uuid.len);
1575 data_mask &= ~BTM_BLE_AD_BIT_SERVICE_DATA;
1579 BTM_TRACE_WARNING("service data does not fit");
/* Connection interval range; the rest of this condition and the length byte
 * are on lines not shown. */
1583 if (len >= 6 && data_mask & BTM_BLE_AD_BIT_INT_RANGE &&
1587 *p++ = BTM_BLE_AD_TYPE_INT_RANGE;
1588 UINT16_TO_STREAM(p, p_data->int_range.low);
1589 UINT16_TO_STREAM(p, p_data->int_range.hi);
1591 data_mask &= ~BTM_BLE_AD_BIT_INT_RANGE;
/* Proprietary elements are copied one by one while they fit. The type byte
 * and value come straight from the caller's element and are not validated
 * here. */
1593 if (data_mask & BTM_BLE_AD_BIT_PROPRIETARY && p_data)
1595 for (i = 0; i < p_data->proprietary.num_elem; ++i)
1597 p_elem = &p_data->proprietary.elem[i];
1599 if (len >= (MIN_ADV_LENGTH + p_elem->len))/* len byte(1) + ATTR type(1) + Uuid len(2)
1602 *p ++ = p_elem->len + 1; /* Uuid len + value length */
1603 *p ++ = p_elem->adv_type;
1604 ARRAY_TO_STREAM(p, p_elem->val, p_elem->len);
1606 len -= (MIN_ADV_LENGTH + p_elem->len);
1610 BTM_TRACE_WARNING("data exceed max adv packet length");
1614 data_mask &= ~BTM_BLE_AD_BIT_PROPRIETARY;
/* Report back which requested fields were not written. */
1618 *p_data_mask = data_mask;
1623 /*******************************************************************************
1625 ** Function btm_ble_select_adv_interval
1627 ** Description select adv interval based on device mode
1631 *******************************************************************************/
/* Chooses the advertising interval range to use. When both cached intervals
 * in p_cb are non-zero they are used as they are; otherwise a default is
 * picked from the case labels below. The switch statement, its operand and
 * the break lines are not part of this excerpt. */
1632 void btm_ble_select_adv_interval(tBTM_BLE_INQ_CB *p_cb, UINT8 evt_type, UINT16 *p_adv_int_min, UINT16 *p_adv_int_max)
/* A zero value in either cached interval means "not configured". */
1634 if (p_cb->adv_interval_min && p_cb->adv_interval_max)
1636 *p_adv_int_min = p_cb->adv_interval_min;
1637 *p_adv_int_max = p_cb->adv_interval_max;
/* Undirected connectable and low-duty directed: fast interval 1. */
1643 case BTM_BLE_CONNECT_EVT:
1644 case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
1645 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_1;
/* Non-connectable and discover (scannable): fast interval 2. */
1648 case BTM_BLE_NON_CONNECT_EVT:
1649 case BTM_BLE_DISCOVER_EVT:
1650 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_FAST_INT_2;
1653 /* connectable directed event */
1654 case BTM_BLE_CONNECT_DIR_EVT:
1655 *p_adv_int_min = BTM_BLE_GAP_ADV_DIR_MIN_INT;
1656 *p_adv_int_max = BTM_BLE_GAP_ADV_DIR_MAX_INT;
/* Remaining case (its label is not shown): slow interval. */
1660 *p_adv_int_min = *p_adv_int_max = BTM_BLE_GAP_ADV_SLOW_INT;
1667 /*******************************************************************************
1669 ** Function btm_ble_update_dmt_flag_bits
1671 ** Description Obtain updated adv flag value based on connect and discoverability mode.
1672 ** Also, setup DMT support value in the flag based on whether the controller
1673 ** supports both LE and BR/EDR.
1675 ** Parameters: flag_value (Input / Output) - flag value
1676 ** connect_mode (Input) - Connect mode value
1677 ** disc_mode (Input) - discoverability mode
1681 *******************************************************************************/
/* Updates the BR/EDR-related bits of an advertising Flags value in place.
 *
 * adv_flag_value: in/out flag byte; must not be NULL (it is dereferenced
 *                 unconditionally).
 * connect_mode:   connect mode; only BTM_CONNECTABLE_MASK bits are examined.
 * disc_mode:      discoverability mode; only BTM_DISCOVERABLE_MASK bits are
 *                 examined.
 *
 * "BR/EDR not supported" is set only when the device is neither
 * discoverable nor connectable according to those masks. The two
 * dual-mode bits follow the controller's simultaneous LE + BR/EDR support. */
void btm_ble_update_dmt_flag_bits(UINT8 *adv_flag_value, const UINT16 connect_mode,
                                   const UINT16 disc_mode)
{
    UINT8 flags = *adv_flag_value;

    /* BR/EDR non-discoverable , non-connectable */
    if ((disc_mode & BTM_DISCOVERABLE_MASK) != 0 ||
        (connect_mode & BTM_CONNECTABLE_MASK) != 0)
    {
        flags &= ~BTM_BLE_BREDR_NOT_SPT;
    }
    else
    {
        flags |= BTM_BLE_BREDR_NOT_SPT;
    }

    /* if local controller support, mark both controller and host support in flag */
    if (!controller_get_interface()->supports_simultaneous_le_bredr())
    {
        flags &= ~(BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
    }
    else
    {
        flags |= (BTM_BLE_DMT_CONTROLLER_SPT|BTM_BLE_DMT_HOST_SPT);
    }

    *adv_flag_value = flags;
}
1699 /*******************************************************************************
1701 ** Function btm_ble_set_adv_flag
1703 ** Description Set adv flag in adv data.
1705 ** Parameters: connect_mode (Input)- Connect mode value
1706 ** disc_mode (Input) - discoverability mode
1710 *******************************************************************************/
/* Recomputes the advertising Flags byte for the given connect and
 * discoverability modes, and pushes it out only when it differs from the
 * value currently stored in the cached advertising data.
 *
 * The starting value is read through adv_data.p_flags when that pointer is
 * set, otherwise it is 0. Limited discoverable takes precedence over general
 * discoverable; with neither, both discoverable flag bits are cleared. */
void btm_ble_set_adv_flag(UINT16 connect_mode, UINT16 disc_mode)
{
    tBTM_BLE_LOCAL_ADV_DATA *p_local_adv = &btm_cb.ble_ctr_cb.inq_var.adv_data;
    UINT8 previous = 0;
    UINT8 updated = 0;

    if (p_local_adv->p_flags != NULL)
    {
        previous = *(p_local_adv->p_flags);
        updated = previous;
    }

    btm_ble_update_dmt_flag_bits (&updated, connect_mode, disc_mode);

    LOG_DEBUG(LOG_TAG, "disc_mode %04x", disc_mode);

    /* update discoverable flag */
    if (disc_mode & BTM_BLE_LIMITED_DISCOVERABLE)
    {
        updated &= ~BTM_BLE_GEN_DISC_FLAG;
        updated |= BTM_BLE_LIMIT_DISC_FLAG;
    }
    else if (disc_mode & BTM_BLE_GENERAL_DISCOVERABLE)
    {
        updated |= BTM_BLE_GEN_DISC_FLAG;
        updated &= ~BTM_BLE_LIMIT_DISC_FLAG;
    }
    else
    {
        /* remove all discoverable flags */
        updated &= ~(BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG);
    }

    /* Nothing to send when the flag byte is unchanged. */
    if (updated == previous)
        return;

    btm_ble_update_adv_flag(updated);
}
1743 /*******************************************************************************
1745 ** Function btm_ble_set_discoverability
1747 ** Description This function is called to set BLE discoverable mode.
1749 ** Parameters: combined_mode: discoverability mode.
1751 ** Returns BTM_SUCCESS is status set successfully; otherwise failure.
1753 *******************************************************************************/
/* Applies a new LE discoverable mode: stores it, recomputes the advertising
 * event type and address types, rewrites the advertising parameters when
 * they changed, starts or stops advertising as needed, and arms the
 * limited-discoverable timeout. Returns BTM_ILLEGAL_VALUE for a mode above
 * BTM_BLE_MAX_DISCOVERABLE, BTM_NO_RESOURCES when writing the advertising
 * parameters fails, otherwise the status of the start/stop call or
 * BTM_SUCCESS. */
1754 tBTM_STATUS btm_ble_set_discoverability(UINT16 combined_mode)
1756 tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1757 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
/* Only the LE discoverable bits of combined_mode are used as `mode`. */
1758 UINT16 mode = (combined_mode & BTM_BLE_DISCOVERABLE_MASK);
1759 UINT8 new_mode = BTM_BLE_ADV_ENABLE;
1761 tBTM_STATUS status = BTM_SUCCESS;
1762 BD_ADDR p_addr_ptr= {0};
1763 tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC,
1764 own_addr_type = p_addr_cb->own_addr_type;
1765 UINT16 adv_int_min, adv_int_max;
1767 BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);
1769 /*** Check mode parameter ***/
1770 if (mode > BTM_BLE_MAX_DISCOVERABLE)
1771 return(BTM_ILLEGAL_VALUE);
1773 p_cb->discoverable_mode = mode;
/* own_addr_type may be changed by this call; the updated local value is what
 * gets compared and stored below. */
1775 evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &init_addr_type, &own_addr_type);
/* Advertising is switched off only when the device is both non-connectable
 * and non-discoverable. */
1777 if (p_cb->connectable_mode == BTM_BLE_NON_CONNECTABLE && mode == BTM_BLE_NON_DISCOVERABLE)
1778 new_mode = BTM_BLE_ADV_DISABLE;
1780 btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);
/* Cancel the fast-advertising timer; it is set again at the end of this
 * function when advertising is enabled. */
1782 alarm_cancel(p_cb->fast_adv_timer);
1784 /* update adv params if start advertising */
1785 BTM_TRACE_EVENT ("evt_type=0x%x p-cb->evt_type=0x%x ", evt_type, p_cb->evt_type);
1787 if (new_mode == BTM_BLE_ADV_ENABLE)
1789 btm_ble_set_adv_flag (btm_cb.btm_inq_vars.connectable_mode, combined_mode);
/* Rewrite the parameters when the event type or own address type changed, or
 * when fast advertising is not currently on. */
1791 if (evt_type != p_cb->evt_type ||p_cb->adv_addr_type != own_addr_type
1792 || !p_cb->fast_adv_on)
1796 /* update adv params */
1797 if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
1806 status = BTM_NO_RESOURCES;
1810 p_cb->evt_type = evt_type;
1811 p_cb->adv_addr_type = own_addr_type;
1816 if (status == BTM_SUCCESS && p_cb->adv_mode != new_mode)
1818 if (new_mode == BTM_BLE_ADV_ENABLE)
1819 status = btm_ble_start_adv();
1821 status = btm_ble_stop_adv();
1824 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
1826 p_cb->fast_adv_on = TRUE;
1827 /* start initial GAP mode adv timer */
1828 alarm_set_on_queue(p_cb->fast_adv_timer,
1829 BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1830 btm_ble_fast_adv_timer_timeout, NULL,
1831 btu_general_alarm_queue);
1835 #if BLE_PRIVACY_SPT == TRUE
/* Presumably the branch taken when advertising is not enabled (the branch
 * lines are not shown): the resolving list is no longer needed for it. */
1836 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
1840 /* set up stop advertising timer */
/* Limited discoverable mode is time-boxed: this timer bounds how long the
 * device stays in that mode. */
1841 if (status == BTM_SUCCESS && mode == BTM_BLE_LIMITED_DISCOVERABLE)
1843 BTM_TRACE_EVENT("start timer for limited disc mode duration=%d ms",
1844 BTM_BLE_GAP_LIM_TIMEOUT_MS);
1845 /* start Tgap(lim_timeout) */
1846 alarm_set_on_queue(p_cb->inquiry_timer, BTM_BLE_GAP_LIM_TIMEOUT_MS,
1847 btm_ble_inquiry_timer_gap_limited_discovery_timeout,
1848 NULL, btu_general_alarm_queue);
1853 /*******************************************************************************
1855 ** Function btm_ble_set_connectability
1857 ** Description This function is called to set BLE connectability mode.
1859 ** Parameters: combined_mode: connectability mode.
1861 ** Returns BTM_SUCCESS is status set successfully; otherwise failure.
1863 *******************************************************************************/
/* Applies a new LE connectable mode: stores it, recomputes the advertising
 * event type and address types, rewrites the advertising parameters when
 * they changed, and starts or stops advertising as needed. Returns
 * BTM_ILLEGAL_VALUE for a mode above BTM_BLE_MAX_CONNECTABLE,
 * BTM_NO_RESOURCES when writing the advertising parameters fails, otherwise
 * the status of the start/stop call or BTM_SUCCESS. */
1864 tBTM_STATUS btm_ble_set_connectability(UINT16 combined_mode)
1866 tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
1867 tBTM_BLE_INQ_CB *p_cb = &btm_cb.ble_ctr_cb.inq_var;
/* Only the LE connectable bits of combined_mode are used as `mode`. */
1868 UINT16 mode = (combined_mode & BTM_BLE_CONNECTABLE_MASK);
1869 UINT8 new_mode = BTM_BLE_ADV_ENABLE;
1871 tBTM_STATUS status = BTM_SUCCESS;
1872 BD_ADDR p_addr_ptr = {0};
1873 tBLE_ADDR_TYPE peer_addr_type = BLE_ADDR_PUBLIC,
1874 own_addr_type = p_addr_cb->own_addr_type;
1875 UINT16 adv_int_min, adv_int_max;
1877 BTM_TRACE_EVENT ("%s mode=0x%0x combined_mode=0x%x", __FUNCTION__, mode, combined_mode);
1879 /*** Check mode parameter ***/
1880 if (mode > BTM_BLE_MAX_CONNECTABLE)
1881 return(BTM_ILLEGAL_VALUE);
1883 p_cb->connectable_mode = mode;
/* own_addr_type may be changed by this call. */
1885 evt_type = btm_set_conn_mode_adv_init_addr(p_cb, p_addr_ptr, &peer_addr_type, &own_addr_type);
/* Advertising is switched off only when the device is both non-connectable
 * and non-discoverable. */
1887 if (mode == BTM_BLE_NON_CONNECTABLE && p_cb->discoverable_mode == BTM_BLE_NON_DISCOVERABLE)
1888 new_mode = BTM_BLE_ADV_DISABLE;
1890 btm_ble_select_adv_interval(p_cb, evt_type, &adv_int_min, &adv_int_max);
1892 alarm_cancel(p_cb->fast_adv_timer);
1893 /* update adv params if needed */
1894 if (new_mode == BTM_BLE_ADV_ENABLE)
1896 btm_ble_set_adv_flag (combined_mode, btm_cb.btm_inq_vars.discoverable_mode);
/* NOTE(review): the address-type comparison uses p_addr_cb->own_addr_type,
 * while the value stored below (and compared in
 * btm_ble_set_discoverability()) is the local own_addr_type that
 * btm_set_conn_mode_adv_init_addr() may have changed. When the two differ,
 * a needed parameter update (for instance a switch of own address type for
 * privacy) could be skipped or repeated. Confirm which one is intended. */
1897 if (p_cb->evt_type != evt_type || p_cb->adv_addr_type != p_addr_cb->own_addr_type
1898 || !p_cb->fast_adv_on)
1902 if (!btsnd_hcic_ble_write_adv_params (adv_int_min,
1911 status = BTM_NO_RESOURCES;
1915 p_cb->evt_type = evt_type;
1916 p_cb->adv_addr_type = own_addr_type;
1921 /* update advertising mode */
1922 if (status == BTM_SUCCESS && new_mode != p_cb->adv_mode)
1924 if (new_mode == BTM_BLE_ADV_ENABLE)
1925 status = btm_ble_start_adv();
1927 status = btm_ble_stop_adv();
1930 if (p_cb->adv_mode == BTM_BLE_ADV_ENABLE)
1932 p_cb->fast_adv_on = TRUE;
1933 /* start initial GAP mode adv timer */
1934 alarm_set_on_queue(p_cb->fast_adv_timer,
1935 BTM_BLE_GAP_FAST_ADV_TIMEOUT_MS,
1936 btm_ble_fast_adv_timer_timeout, NULL,
1937 btu_general_alarm_queue);
1941 #if BLE_PRIVACY_SPT == TRUE
1942 btm_ble_disable_resolving_list(BTM_BLE_RL_ADV, TRUE);
1948 /*******************************************************************************
1950 ** Function btm_ble_start_inquiry
1952 ** Description This function is called to start BLE inquiry procedure.
1953 ** If the duration is zero, the periodic inquiry mode is cancelled.
1955 ** Parameters: mode - GENERAL or LIMITED inquiry
1956 ** p_inq_params - pointer to the BLE inquiry parameter.
1957 ** p_results_cb - callback returning pointer to results (tBTM_INQ_RESULTS)
1958 ** p_cmpl_cb - callback indicating the end of an inquiry
1962 ** Returns BTM_CMD_STARTED if successfully started
1963 ** BTM_NO_RESOURCES if could not allocate a message buffer
1964 ** BTM_BUSY - if an inquiry is already active
1966 *******************************************************************************/
/* Starts an LE inquiry of the given mode. A scan is started when none is
 * running; a running scan is restarted when its interval or window differs
 * from the low-latency values. On success the mode bits are recorded and,
 * for a non-zero duration (in seconds, converted to ms below), the inquiry
 * timer is armed.
 *
 * NOTE(review): the header above lists p_inq_params, p_results_cb and
 * p_cmpl_cb, which are not parameters of this signature; the actual
 * parameters are mode and duration. */
1967 tBTM_STATUS btm_ble_start_inquiry (UINT8 mode, UINT8 duration)
1969 tBTM_STATUS status = BTM_CMD_STARTED;
1970 tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;
1971 tBTM_INQUIRY_VAR_ST *p_inq = &btm_cb.btm_inq_vars;
1973 BTM_TRACE_DEBUG("btm_ble_start_inquiry: mode = %02x inq_active = 0x%02x", mode, btm_cb.btm_inq_vars.inq_active);
1975 /* if selective connection is active, or inquiry is already active, reject it */
1976 if (BTM_BLE_IS_INQ_ACTIVE(p_ble_cb->scan_activity) ||
1977 BTM_BLE_IS_SEL_CONN_ACTIVE (p_ble_cb->scan_activity))
1979 BTM_TRACE_ERROR("LE Inquiry is active, can not start inquiry");
1983 if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
/* No scan running: program active scanning with the low-latency interval and
 * window, using the configured own address type.
 * NOTE(review): the call is used as a statement in the line shown; whether
 * its result is checked cannot be seen here. */
1985 btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
1986 BTM_BLE_LOW_LATENCY_SCAN_INT,
1987 BTM_BLE_LOW_LATENCY_SCAN_WIN,
1988 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
1990 #if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
1991 /* enable IRK list */
1992 btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_SCAN);
/* Duplicate filtering is turned off for the inquiry scan. */
1994 p_ble_cb->inq_var.scan_duplicate_filter = BTM_BLE_DUPLICATE_DISABLE;
1995 status = btm_ble_start_scan();
1997 else if ((p_ble_cb->inq_var.scan_interval != BTM_BLE_LOW_LATENCY_SCAN_INT) ||
1998 (p_ble_cb->inq_var.scan_window != BTM_BLE_LOW_LATENCY_SCAN_WIN)) {
1999 BTM_TRACE_DEBUG("%s, restart LE scan with low latency scan params", __FUNCTION__);
/* NOTE(review): the disable / set-params / enable sequence ignores the
 * result of each call, so `status` stays BTM_CMD_STARTED even if one of them
 * fails. */
2000 btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);
2001 btsnd_hcic_ble_set_scan_params(BTM_BLE_SCAN_MODE_ACTI,
2002 BTM_BLE_LOW_LATENCY_SCAN_INT,
2003 BTM_BLE_LOW_LATENCY_SCAN_WIN,
2004 btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type,
2006 btsnd_hcic_ble_set_scan_enable(BTM_BLE_SCAN_ENABLE, BTM_BLE_DUPLICATE_DISABLE);
2009 if (status == BTM_CMD_STARTED)
/* Record the inquiry in both the classic and the LE bookkeeping. */
2011 p_inq->inq_active |= mode;
2012 p_ble_cb->scan_activity |= mode;
2014 BTM_TRACE_DEBUG("btm_ble_start_inquiry inq_active = 0x%02x", p_inq->inq_active);
/* A zero duration arms no timer, so the inquiry is not stopped by timeout. */
2016 if (duration != 0) {
2017 /* start inquiry timer */
2018 period_ms_t duration_ms = duration * 1000;
2019 alarm_set_on_queue(p_ble_cb->inq_var.inquiry_timer,
2020 duration_ms, btm_ble_inquiry_timer_timeout,
2021 NULL, btu_general_alarm_queue);
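/*******************************************************************************
**
** Function         btm_ble_read_remote_name_cmpl
**
** Description      This function is called when BLE remote name is received.
**                  The name is copied into a zero-filled local BD_NAME,
**                  truncated to BD_NAME_LEN bytes, and reported to the inquiry
**                  and security layers.
**
** Parameters       status  - FALSE is reported upward as HCI_ERR_HOST_TIMEOUT
**                  bda     - address the name belongs to
**                  length  - number of bytes available at p_name
**                  p_name  - name bytes; a NULL pointer is treated as an
**                            empty name
**
** Returns          void
**
*******************************************************************************/
void btm_ble_read_remote_name_cmpl(BOOLEAN status, BD_ADDR bda, UINT16 length, char *p_name)
{
    UINT8   hci_status = HCI_SUCCESS;
    BD_NAME bd_name;

    /* assumes BD_NAME holds BD_NAME_LEN + 1 bytes - TODO confirm in bt_types.h */
    memset(bd_name, 0, (BD_NAME_LEN + 1));

    /* length is caller-supplied: clamp it so the copy below cannot run past
     * bd_name and the zero fill above always leaves a terminator behind it */
    if (length > BD_NAME_LEN)
    {
        length = BD_NAME_LEN;
    }

    /* nothing to copy from: report an empty name instead of dereferencing NULL */
    if (p_name == NULL)
    {
        length = 0;
    }

    if (length > 0)
    {
        memcpy((UINT8*)bd_name, p_name, length);
    }

    if ((!status) || (length==0))
    {
        hci_status = HCI_ERR_HOST_TIMEOUT;
    }

    btm_process_remote_name(bda, bd_name, length +1, hci_status);
    /* NOTE(review): the security layer receives the caller's p_name, not the
     * bounded bd_name copy - confirm the callee copes with a name that is
     * NULL or not NUL-terminated */
    btm_sec_rmt_name_request_complete (bda, (UINT8 *)p_name, hci_status);
}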
/*******************************************************************************
**
** Function         btm_ble_read_remote_name
**
** Description      This function read remote LE device name using GATT read
**                  procedure.
**
** Parameters       remote_bda - address of the device to query
**                  p_cur      - inquiry result for the device, or NULL; when
**                               given, only connectable advertisers are queried
**                  p_cb       - completion callback stored for the request
**
** Returns          BTM_CMD_STARTED once the read was issued and the timeout
**                  alarm armed, BTM_ERR_PROCESSING or BTM_BUSY otherwise
**
** NOTE(review): the two BTM_BUSY returns were missing from the listing this
**               was rebuilt from - confirm the status code against upstream.
**
*******************************************************************************/
tBTM_STATUS btm_ble_read_remote_name(BD_ADDR remote_bda, tBTM_INQ_INFO *p_cur, tBTM_CMPL_CB *p_cb)
{
    tBTM_INQUIRY_VAR_ST *p_inq_vars = &btm_cb.btm_inq_vars;

    if (!controller_get_interface()->supports_ble())
    {
        return BTM_ERR_PROCESSING;
    }

    /* a known device must have advertised as connectable to be queried */
    if (p_cur != NULL)
    {
        const BOOLEAN connectable =
            (p_cur->results.ble_evt_type == BTM_BLE_EVT_CONN_ADV) ||
            (p_cur->results.ble_evt_type == BTM_BLE_EVT_CONN_DIR_ADV);

        if (!connectable)
        {
            BTM_TRACE_DEBUG("name request to non-connectable device failed.");
            return BTM_ERR_PROCESSING;
        }
    }

    /* read remote device name using GATT procedure; only one request may be
     * outstanding, and the read is not attempted while one is active */
    if (p_inq_vars->remname_active ||
        !GAP_BleReadPeerDevName(remote_bda, btm_ble_read_remote_name_cmpl))
    {
        return BTM_BUSY;
    }

    p_inq_vars->p_remname_cmpl_cb = p_cb;
    p_inq_vars->remname_active = TRUE;

    memcpy(p_inq_vars->remname_bda, remote_bda, BD_ADDR_LEN);

    /* give up on the request after BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS */
    alarm_set_on_queue(p_inq_vars->remote_name_timer,
                       BTM_EXT_BLE_RMT_NAME_TIMEOUT_MS,
                       btm_inq_remote_name_timer_timeout, NULL,
                       btu_general_alarm_queue);

    return BTM_CMD_STARTED;
}
/*******************************************************************************
**
** Function         btm_ble_cancel_remote_name
**
** Description      This function cancel read remote LE device name.
**
** Parameters       remote_bda - address of the device whose name read is
**                               being cancelled
**
** Returns          the result of GAP_BleCancelReadPeerDevName()
**
*******************************************************************************/
BOOLEAN btm_ble_cancel_remote_name(BD_ADDR remote_bda)
{
    tBTM_INQUIRY_VAR_ST *p_inq_vars = &btm_cb.btm_inq_vars;
    const BOOLEAN cancelled = GAP_BleCancelReadPeerDevName(remote_bda);

    /* the local request state is reset whatever the cancel call returned */
    p_inq_vars->remname_active = FALSE;
    memset(p_inq_vars->remname_bda, 0, BD_ADDR_LEN);
    alarm_cancel(p_inq_vars->remote_name_timer);

    return cancelled;
}
/*******************************************************************************
**
** Function         btm_ble_update_adv_flag
**
** Description      This function update the limited discoverable flag in the adv
**                  data. An existing FLAGS field is overwritten in place;
**                  otherwise a three byte field (length, type, value) is
**                  appended and the result is sent to the controller.
**
** Parameters       flag - new value of the FLAGS field
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_update_adv_flag(UINT8 flag)
{
    tBTM_BLE_LOCAL_ADV_DATA *p_adv_data = &btm_cb.ble_ctr_cb.inq_var.adv_data;
    UINT8   *p_write;

    BTM_TRACE_DEBUG ("btm_ble_update_adv_flag new=0x%x", flag);

    if (p_adv_data->p_flags == NULL)
    {
        /* no FLAGS in ADV data: append after what was already written */
        if (p_adv_data->p_pad == NULL)
        {
            p_write = p_adv_data->ad_data;
        }
        else
        {
            p_write = p_adv_data->p_pad;
        }

        /* need 3 bytes space to stuff in the flags, if not */
        /* erase all written data, just for flags */
        if ((BTM_BLE_AD_DATA_LEN - (p_write - p_adv_data->ad_data)) < 3)
        {
            p_adv_data->p_pad = p_adv_data->ad_data;
            p_write = p_adv_data->ad_data;
            memset(p_adv_data->ad_data, 0, BTM_BLE_AD_DATA_LEN);
        }

        *p_write++ = 2;                         /* field length: type + one value byte */
        *p_write++ = BTM_BLE_AD_TYPE_FLAG;
        p_adv_data->p_flags = p_write;          /* remember where the value lives */
        *p_write++ = flag;
        p_adv_data->p_pad = p_write;
    }
    else
    {
        BTM_TRACE_DEBUG ("btm_ble_update_adv_flag old=0x%x", *p_adv_data->p_flags);
        *p_adv_data->p_flags = flag;
    }

    /* the data length is everything up to the pad pointer */
    if (btsnd_hcic_ble_set_adv_data((UINT8)(p_adv_data->p_pad - p_adv_data->ad_data),
                                    p_adv_data->ad_data))
    {
        p_adv_data->data_mask |= BTM_BLE_AD_BIT_FLAGS;
    }
}
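/*******************************************************************************
**
** Function         btm_ble_parse_adv_data
**
** Description      This function parse the adv data into a structure.
**                  The data is a sequence of AD structures, each laid out as
**                  length (1 byte) | type (1 byte) | value (length - 1 bytes).
**                  Every length is checked against the bytes that are left
**                  before the value is touched, because the content is
**                  whatever the advertiser chose to send.
**
** Parameters       p_info     - inquiry info receiving the device name; may be
**                               NULL
**                  p_data     - start of the advertising data
**                  len        - number of bytes at p_data
**                  p_adv_data - receives the parsed fields
**                  p_buf      - not used
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_parse_adv_data(tBTM_INQ_INFO *p_info, UINT8 *p_data,
                                   UINT8 len, tBTM_BLE_INQ_DATA *p_adv_data, UINT8 *p_buf)
{
    UINT8   *p_cur = p_data;
    UINT8   *p_val;
    UINT8   ad_len, ad_type, ad_flag, val_len, name_len;

    (void)p_buf;

    BTM_TRACE_EVENT (" btm_ble_parse_adv_data");

    while (len > 0)
    {
        BTM_TRACE_DEBUG("btm_ble_parse_adv_data: len = %d", len);
        if ((ad_len = *p_cur ++) == 0)
            break;

        /* the length byte plus ad_len bytes must fit in what is left; without
         * this the reads below leave the buffer and len wraps around */
        if (ad_len > len - 1)
        {
            BTM_TRACE_ERROR("btm_ble_parse_adv_data: AD structure longer than remaining data");
            break;
        }

        ad_type = *p_cur ++;
        p_val   = p_cur;
        val_len = (UINT8)(ad_len - 1);

        BTM_TRACE_DEBUG(" ad_type = %02x ad_len = %d", ad_type, ad_len);

        switch (ad_type)
        {
            case BTM_BLE_AD_TYPE_NAME_SHORT:
            case BTM_BLE_AD_TYPE_NAME_CMPL:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_DEV_NAME;
                if (p_info)
                {
                    /* keep one byte for the terminator; assumes remote_name is
                     * an array member of tBTM_INQ_INFO - TODO confirm */
                    name_len = val_len;
                    if (name_len > sizeof(p_info->remote_name) - 1)
                        name_len = (UINT8)(sizeof(p_info->remote_name) - 1);

                    p_info->remote_name_type =(ad_type == BTM_BLE_AD_TYPE_NAME_SHORT) ?
                                              BTM_BLE_NAME_SHORT: BTM_BLE_NAME_CMPL;
                    memcpy(p_info->remote_name, p_val, name_len);
                    /* terminate directly after the copied bytes */
                    p_info->remote_name[name_len] = 0;
                    p_adv_data->p_remote_name = p_info->remote_name;
                    p_info->remote_name_len = p_adv_data->remote_name_len = name_len;
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_NAME name = %s",p_adv_data->p_remote_name);
                }
                break;

            case BTM_BLE_AD_TYPE_FLAG:
                if (val_len >= 1)   /* a field without a value carries no flags */
                {
                    p_adv_data->ad_mask |= BTM_BLE_AD_BIT_FLAGS;
                    ad_flag = *p_val;
                    p_adv_data->flag = (UINT8)(ad_flag & BTM_BLE_ADV_FLAG_MASK) ;
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_FLAG flag = %s | %s | %s",
                                    (p_adv_data->flag & BTM_BLE_LIMIT_DISC_FLAG)? "LE_LIMIT_DISC" : "",
                                    (p_adv_data->flag & BTM_BLE_GEN_DISC_FLAG)? "LE_GENERAL_DISC" : "",
                                    (p_adv_data->flag & BTM_BLE_BREDR_NOT_SPT)? "LE Only device" : "");
                }
                break;

            case BTM_BLE_AD_TYPE_TX_PWR:
                if (val_len >= 1)
                {
                    p_adv_data->ad_mask |= BTM_BLE_AD_BIT_TX_PWR;
                    p_adv_data->tx_power_level = (INT8)*p_val;
                    BTM_TRACE_DEBUG("BTM_BLE_AD_TYPE_TX_PWR tx_level = %d", p_adv_data->tx_power_level);
                }
                break;

            /* NOTE(review): manufacturer data shares the 16-bit service list
             * handling below, as in the original - confirm this is intended */
            case BTM_BLE_AD_TYPE_MANU:
            case BTM_BLE_AD_TYPE_16SRV_PART:
            case BTM_BLE_AD_TYPE_16SRV_CMPL:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/2;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_SOL_SRV_UUID:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_SOL;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/2;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_128SOL_SRV_UUID:
                p_adv_data->ad_mask |= BTM_BLE_AD_BIT_SERVICE_128SOL;
                /* need allocate memory to store UUID list */
                p_adv_data->service.num_service = val_len/16;
                BTM_TRACE_DEBUG("service UUID list, num = %d", p_adv_data->service.num_service);
                break;

            case BTM_BLE_AD_TYPE_APPEARANCE:
            case BTM_BLE_AD_TYPE_PUBLIC_TARGET:
            case BTM_BLE_AD_TYPE_RANDOM_TARGET:
            default:
                break;
        }

        /* always step over the whole value so that an unhandled or oddly sized
         * field cannot desynchronise the cursor from the length counter */
        p_cur = p_val + val_len;
        len -= (ad_len + 1);
    }
}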
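/*******************************************************************************
**
** Function         btm_ble_cache_adv_data
**
** Description      Update advertising cache data. Records from an advertising
**                  report replace the cache; records from a scan response are
**                  appended to it.
**
** Parameters       p_cur    - not used
**                  data_len - number of advertising data bytes at p
**                  p        - advertising data (sequence of length-prefixed
**                             records)
**                  evt_type - advertising event type of the report
**
** Returns          FALSE if a record claims more bytes than data_len has left,
**                  TRUE otherwise (including when caching stopped early because
**                  the cache is full or a zero length was met)
**
*******************************************************************************/
BOOLEAN btm_ble_cache_adv_data(tBTM_INQ_RESULTS *p_cur, UINT8 data_len, UINT8 *p, UINT8 evt_type)
{
    tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    UINT8 *p_cache;
    UINT8 length;

    (void)p_cur;

    /* cache adv report/scan response data */
    if (evt_type != BTM_BLE_SCAN_RSP_EVT)
    {
        p_le_inq_cb->adv_len = 0;
        memset(p_le_inq_cb->adv_data_cache, 0, BTM_BLE_CACHE_ADV_DATA_MAX);
    }

    p_cache = &p_le_inq_cb->adv_data_cache[p_le_inq_cb->adv_len];

    /* Read a length byte only while advertising data is left. Reading once
     * more after the last record would interpret the byte that follows the
     * data as a record length and could reject a well-formed report. */
    while (data_len > 0)
    {
        STREAM_TO_UINT8(length, p);

        /* a zero length ends the data; a record that no longer fits the cache
         * is dropped together with everything after it */
        if (length == 0 ||
            (p_le_inq_cb->adv_len + length + 1) > BTM_BLE_CACHE_ADV_DATA_MAX)
        {
            break;
        }

        /* adv record size must be smaller than the total adv data size */
        if ((length + 1) > data_len) {
            BTM_TRACE_ERROR("BTM - got incorrect LE advertising data");
            android_errorWriteLog(0x534e4554, "33899337");
            return FALSE;
        }
        /* copy from the length byte & data into cache */
        memcpy(p_cache, p-1, length+1);
        /* reduce the total data size by size of data copied */
        data_len -= length + 1;
        /* advance the cache pointer past data */
        p_cache += length+1;
        /* increment cache length */
        p_le_inq_cb->adv_len += length+1;
        /* skip the length of data */
        p += length;
    }

    /* parse service UUID from adv packet and save it in inq db eir_uuid */
    /* TODO */
    return TRUE;
}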
/*******************************************************************************
**
** Function         btm_ble_is_discoverable
**
** Description      check ADV flag to make sure device is discoverable and match
**                  the search condition
**
** Parameters       bda      - address of the advertiser
**                  evt_type - advertising event type
**                  p        - not used; the flags are read from the cached
**                             advertising data
**
** Returns          bit mask of BTM_BLE_OBS_RESULT, BTM_BLE_SEL_CONN_RESULT and
**                  BTM_BLE_INQ_RESULT; 0 means the report is of no interest
**
*******************************************************************************/
UINT8 btm_ble_is_discoverable(BD_ADDR bda, UINT8 evt_type, UINT8 *p)
{
    UINT8               *p_flag_field;
    UINT8                adv_flags = 0;
    UINT8                result_mask = 0;
    UINT8                field_len;
    tBTM_INQ_PARMS      *p_cond = &btm_cb.btm_inq_vars.inqparms;
    tBTM_BLE_INQ_CB     *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    (void)p;

    /* for observer, always "discoverable */
    if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
    {
        result_mask |= BTM_BLE_OBS_RESULT;
    }

    /* selective connection only cares about connectable advertising */
    if (BTM_BLE_IS_SEL_CONN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity) &&
        (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_CONNECT_DIR_EVT))
    {
        result_mask |= BTM_BLE_SEL_CONN_RESULT;
    }

    /* does not match filter condition */
    if (p_cond->filter_cond_type == BTM_FILTER_COND_BD_ADDR &&
        memcmp(bda, p_cond->filter_cond.bdaddr_cond, BD_ADDR_LEN) != 0)
    {
        BTM_TRACE_DEBUG("BD ADDR does not meet filter condition");
        return result_mask;
    }

    /* the inquiry bit depends on the FLAGS field of the cached data */
    if (p_le_inq_cb->adv_len == 0)
    {
        return result_mask;
    }

    p_flag_field = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache,
                                    BTM_BLE_AD_TYPE_FLAG, &field_len);
    if (p_flag_field == NULL)
    {
        return result_mask;
    }

    /* NOTE(review): field_len is not checked before the read - confirm that
     * BTM_CheckAdvData never returns a field without a value byte */
    adv_flags = *p_flag_field;

    if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_GENERAL_INQUIRY) &&
        (adv_flags & (BTM_BLE_LIMIT_DISC_FLAG|BTM_BLE_GEN_DISC_FLAG)) != 0)
    {
        BTM_TRACE_DEBUG("Find Generable Discoverable device");
        result_mask |= BTM_BLE_INQ_RESULT;
    }
    else if ((btm_cb.btm_inq_vars.inq_active & BTM_BLE_LIMITED_INQUIRY) &&
             (adv_flags & BTM_BLE_LIMIT_DISC_FLAG) != 0)
    {
        BTM_TRACE_DEBUG("Find limited discoverable device");
        result_mask |= BTM_BLE_INQ_RESULT;
    }

    return result_mask;
}
/*
 * Translate a GAP appearance value into a class of device.
 *
 * dev_class must have room for three bytes: byte 0 is always cleared, byte 1
 * receives the major class and byte 2 the minor class. Appearance values
 * without a mapping yield BTM_COD_MAJOR_UNCLASSIFIED / BTM_COD_MINOR_UNCLASSIFIED.
 */
static void btm_ble_appearance_to_cod(UINT16 appearance, UINT8 *dev_class)
{
    UINT8 cod_major;
    UINT8 cod_minor;

    switch (appearance)
    {
        case BTM_BLE_APPEARANCE_GENERIC_PHONE:
            cod_major = BTM_COD_MAJOR_PHONE;
            cod_minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_COMPUTER:
            cod_major = BTM_COD_MAJOR_COMPUTER;
            cod_minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_REMOTE:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_REMOTE_CONTROL;
            break;

        /* health devices */
        case BTM_BLE_APPEARANCE_GENERIC_THERMOMETER:
        case BTM_BLE_APPEARANCE_THERMOMETER_EAR:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_THERMOMETER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_HEART_RATE:
        case BTM_BLE_APPEARANCE_HEART_RATE_BELT:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_HEART_PULSE_MONITOR;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_BLOOD_PRESSURE:
        case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_ARM:
        case BTM_BLE_APPEARANCE_BLOOD_PRESSURE_WRIST:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_BLOOD_MONITOR;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_PULSE_OXIMETER:
        case BTM_BLE_APPEARANCE_PULSE_OXIMETER_FINGERTIP:
        case BTM_BLE_APPEARANCE_PULSE_OXIMETER_WRIST:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_PULSE_OXIMETER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_GLUCOSE:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_GLUCOSE_METER;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_WEIGHT:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_WEIGHING_SCALE;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_WALKING:
        case BTM_BLE_APPEARANCE_WALKING_IN_SHOE:
        case BTM_BLE_APPEARANCE_WALKING_ON_SHOE:
        case BTM_BLE_APPEARANCE_WALKING_ON_HIP:
            cod_major = BTM_COD_MAJOR_HEALTH;
            cod_minor = BTM_COD_MINOR_STEP_COUNTER;
            break;

        /* wearables */
        case BTM_BLE_APPEARANCE_GENERIC_WATCH:
        case BTM_BLE_APPEARANCE_SPORTS_WATCH:
            cod_major = BTM_COD_MAJOR_WEARABLE;
            cod_minor = BTM_COD_MINOR_WRIST_WATCH;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_EYEGLASSES:
            cod_major = BTM_COD_MAJOR_WEARABLE;
            cod_minor = BTM_COD_MINOR_GLASSES;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_DISPLAY:
            cod_major = BTM_COD_MAJOR_IMAGING;
            cod_minor = BTM_COD_MINOR_DISPLAY;
            break;

        case BTM_BLE_APPEARANCE_GENERIC_MEDIA_PLAYER:
            cod_major = BTM_COD_MAJOR_AUDIO;
            cod_minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        /* human interface devices */
        case BTM_BLE_APPEARANCE_GENERIC_BARCODE_SCANNER:
        case BTM_BLE_APPEARANCE_HID_BARCODE_SCANNER:
        case BTM_BLE_APPEARANCE_GENERIC_HID:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;

        case BTM_BLE_APPEARANCE_HID_KEYBOARD:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_KEYBOARD;
            break;

        case BTM_BLE_APPEARANCE_HID_MOUSE:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_POINTING;
            break;

        case BTM_BLE_APPEARANCE_HID_JOYSTICK:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_JOYSTICK;
            break;

        case BTM_BLE_APPEARANCE_HID_GAMEPAD:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_GAMEPAD;
            break;

        case BTM_BLE_APPEARANCE_HID_DIGITIZER_TABLET:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_DIGITIZING_TABLET;
            break;

        case BTM_BLE_APPEARANCE_HID_CARD_READER:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_CARD_READER;
            break;

        case BTM_BLE_APPEARANCE_HID_DIGITAL_PEN:
            cod_major = BTM_COD_MAJOR_PERIPHERAL;
            cod_minor = BTM_COD_MINOR_DIGITAL_PAN;
            break;

        /* listed for completeness: these have no class of device mapping */
        case BTM_BLE_APPEARANCE_UKNOWN:
        case BTM_BLE_APPEARANCE_GENERIC_CLOCK:
        case BTM_BLE_APPEARANCE_GENERIC_TAG:
        case BTM_BLE_APPEARANCE_GENERIC_KEYRING:
        case BTM_BLE_APPEARANCE_GENERIC_CYCLING:
        case BTM_BLE_APPEARANCE_CYCLING_COMPUTER:
        case BTM_BLE_APPEARANCE_CYCLING_SPEED:
        case BTM_BLE_APPEARANCE_CYCLING_CADENCE:
        case BTM_BLE_APPEARANCE_CYCLING_POWER:
        case BTM_BLE_APPEARANCE_CYCLING_SPEED_CADENCE:
        case BTM_BLE_APPEARANCE_GENERIC_OUTDOOR_SPORTS:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_AND_NAV:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD:
        case BTM_BLE_APPEARANCE_OUTDOOR_SPORTS_LOCATION_POD_AND_NAV:
        default:
            cod_major = BTM_COD_MAJOR_UNCLASSIFIED;
            cod_minor = BTM_COD_MINOR_UNCLASSIFIED;
            break;
    }

    dev_class[0] = 0;
    dev_class[1] = cod_major;
    dev_class[2] = cod_minor;
}
/*******************************************************************************
**
** Function         btm_ble_update_inq_result
**
** Description      Update adv packet information into inquiry result.
**
** Parameters       p_i       - inquiry database entry to update
**                  addr_type - address type of the advertiser
**                  evt_type  - advertising event type
**                  p         - points at the data length byte of the report;
**                              the advertising data and one RSSI byte follow
**
** Returns          FALSE if the data is longer than BTM_BLE_ADV_DATA_LEN_MAX,
**                  if it could not be cached, or if the result has to wait for
**                  the scan response; TRUE if the entry is ready to report
**
** NOTE(review): the function gets no event length, so it relies on the caller
**               for the RSSI byte at p + data_len being part of the event.
**               The assignment of p_cur->rssi was missing from the listing
**               this was rebuilt from - confirm against upstream.
**
*******************************************************************************/
BOOLEAN btm_ble_update_inq_result(tINQ_DB_ENT *p_i, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
{
    tBTM_INQ_RESULTS     *p_cur = &p_i->inq_info.results;
    tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
    tBTM_BLE_INQ_CB      *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    BOOLEAN               to_report;
    UINT8                 data_len, rssi;
    UINT8                 field_len;
    UINT8                *p_rssi;
    UINT8                *p_field;

    STREAM_TO_UINT8 (data_len, p);

    /* oversized data is dropped before anything is copied */
    if (data_len > BTM_BLE_ADV_DATA_LEN_MAX)
    {
        BTM_TRACE_WARNING("EIR data too long %d. discard", data_len);
        return FALSE;
    }

    if (!btm_ble_cache_adv_data(p_cur, data_len, p, evt_type))
    {
        return FALSE;
    }

    /* the RSSI byte follows the advertising data */
    p_rssi = p + data_len;
    STREAM_TO_UINT8 (rssi, p_rssi);

    /* Save the info */
    p_cur->inq_result_type = BTM_INQ_RESULT_BLE;
    p_cur->ble_addr_type = addr_type;
    p_cur->rssi = rssi;

    /* active scan, always wait until get scan_rsp to report the result */
    if (btm_cb.ble_ctr_cb.inq_var.scan_type == BTM_BLE_SCAN_MODE_ACTI &&
        (evt_type == BTM_BLE_CONNECT_EVT || evt_type == BTM_BLE_DISCOVER_EVT))
    {
        BTM_TRACE_DEBUG("btm_ble_update_inq_result scan_rsp=false, to_report=false,\
scan_type_active=%d", btm_cb.ble_ctr_cb.inq_var.scan_type);
        p_i->scan_rsp = FALSE;
        to_report = FALSE;
    }
    else
    {
        p_i->scan_rsp = TRUE;
        to_report = TRUE;
    }

    /* first report in this inquiry resets the device type, later ones add to it */
    if (p_i->inq_count != p_inq->inq_counter)
    {
        p_cur->device_type = BT_DEVICE_TYPE_BLE;
    }
    else
    {
        p_cur->device_type |= BT_DEVICE_TYPE_BLE;
    }

    if (evt_type != BTM_BLE_SCAN_RSP_EVT)
    {
        p_cur->ble_evt_type = evt_type;
    }

    p_i->inq_count = p_inq->inq_counter; /* Mark entry for current inquiry */

    if (p_le_inq_cb->adv_len != 0)
    {
        p_field = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_FLAG, &field_len);
        if (p_field != NULL)
        {
            p_cur->flag = * p_field;
        }

        /* Check to see the BLE device has the Appearance UUID in the advertising data. If it does
         * then try to convert the appearance value to a class of device value Bluedroid can use.
         * Otherwise fall back to trying to infer if it is a HID device based on the service class.
         */
        p_field = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache, BTM_BLE_AD_TYPE_APPEARANCE, &field_len);
        if (p_field && field_len == 2)
        {
            btm_ble_appearance_to_cod((UINT16)p_field[0] | (p_field[1] << 8), p_cur->dev_class);
        }
        else
        {
            p_field = BTM_CheckAdvData(p_le_inq_cb->adv_data_cache,
                                       BTM_BLE_AD_TYPE_16SRV_CMPL, &field_len);
            if (p_field != NULL)
            {
                UINT8 i;

                /* walk the list two bytes at a time, never past field_len */
                for (i = 0; i + 2 <= field_len; i = i + 2)
                {
                    /* if this BLE device support HID over LE, set HID Major in class of device */
                    if ((p_field[i] | (p_field[i+1] << 8)) == UUID_SERVCLASS_LE_HID)
                    {
                        p_cur->dev_class[0] = 0;
                        p_cur->dev_class[1] = BTM_COD_MAJOR_PERIPHERAL;
                        p_cur->dev_class[2] = 0;
                        break;
                    }
                }
            }
        }
    }

    /* if BR/EDR not supported is not set, assume is a DUMO device */
    if ((p_cur->flag & BTM_BLE_BREDR_NOT_SPT) == 0 &&
        evt_type != BTM_BLE_CONNECT_DIR_EVT)
    {
        if (p_cur->ble_addr_type != BLE_ADDR_RANDOM)
        {
            BTM_TRACE_DEBUG("BR/EDR NOT support bit not set, treat as DUMO");
            p_cur->device_type |= BT_DEVICE_TYPE_DUMO;
        }
        else
        {
            BTM_TRACE_DEBUG("Random address, treating device as LE only");
        }
    }
    else
    {
        BTM_TRACE_DEBUG("BR/EDR NOT SUPPORT bit set, LE only device");
    }

    return to_report;
}
/*******************************************************************************
**
** Function         btm_clear_all_pending_le_entry
**
** Description      This function is called to clear all LE pending entry in
**                  inquiry database.
**
** Returns          void
**
** NOTE(review): the last clause of the condition (scan response still
**               outstanding) was missing from the listing this was rebuilt
**               from - confirm against upstream.
**
*******************************************************************************/
void btm_clear_all_pending_le_entry(void)
{
    tINQ_DB_ENT *p_db = btm_cb.btm_inq_vars.inq_db;
    UINT16       idx;

    for (idx = 0; idx < BTM_INQ_DB_SIZE; idx++)
    {
        tINQ_DB_ENT *p_ent = &p_db[idx];

        if (!p_ent->in_use)
        {
            continue;
        }

        /* mark all pending LE entry as unused if an LE only device has scan response outstanding */
        if ((p_ent->inq_info.results.device_type == BT_DEVICE_TYPE_BLE) &&
            !p_ent->scan_rsp)
        {
            p_ent->in_use = FALSE;
        }
    }
}
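/*******************************************************************************
**
** Function         btm_send_sel_conn_callback
**
** Description      send selection connection request callback. The device
**                  name found in the advertising data, if any, is handed to
**                  the registered callback, which decides whether a connection
**                  is initiated.
**
** Parameters       remote_bda - address of the advertiser
**                  evt_type   - advertising event type; only connectable
**                               events are considered
**                  p_data     - points at the data length byte of the report
**                  addr_type  - not used
**
** Returns          void
**
*******************************************************************************/
void btm_send_sel_conn_callback(BD_ADDR remote_bda, UINT8 evt_type, UINT8 *p_data, UINT8 addr_type)
{
    UINT8   data_len, len;
    UINT8   *p_dev_name, remname[31] = {0};

    (void)addr_type;

    if (btm_cb.ble_ctr_cb.p_select_cback == NULL ||
        /* non-connectable device */
        (evt_type != BTM_BLE_EVT_CONN_ADV && evt_type != BTM_BLE_EVT_CONN_DIR_ADV))
    {
        return;
    }

    STREAM_TO_UINT8 (data_len, p_data);

    /* get the device name if exist in ADV data */
    if (data_len != 0)
    {
        p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_CMPL, &len);

        if (p_dev_name == NULL)
        {
            p_dev_name = BTM_CheckAdvData(p_data, BTM_BLE_AD_TYPE_NAME_SHORT, &len);
        }

        if (p_dev_name)
        {
            /* len is taken from the advertising data: never copy more than
             * remname holds, and keep its last byte as the terminator */
            if (len > sizeof(remname) - 1)
            {
                len = (UINT8)(sizeof(remname) - 1);
            }
            memcpy(remname, p_dev_name, len);
        }
    }

    /* allow connection */
    if ((* btm_cb.ble_ctr_cb.p_select_cback)(remote_bda, remname))
    {
        /* terminate selective connection, initiate connection */
        btm_ble_initiate_select_conn(remote_bda);
    }
}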
/*******************************************************************************
**
** Function         btm_ble_process_adv_pkt
**
** Description      This function is called when adv packet report events are
**                  received from the device. It updates the inquiry database.
**                  If the inquiry database is full, the oldest entry is discarded.
**
** Parameters       p_data - event parameters: a report count followed, per
**                           report, by event type, address type, address,
**                           data length, data and one RSSI byte
**
** Returns          void
**
** NOTE(review): no event length is passed in, so the report count and each
**               data length are taken from the event as they are; the caller
**               has to guarantee that the event really holds that many bytes.
**
*******************************************************************************/
void btm_ble_process_adv_pkt (UINT8 *p_data)
{
    BD_ADDR             bda;
    UINT8              *p_report = p_data;
    UINT8               evt_type = 0;
    UINT8               addr_type = 0;
    UINT8               num_reports;
    UINT8               data_len;
#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
    BOOLEAN             match = FALSE;
#endif

    /* Only process the results if the inquiry is still active */
    if (!BTM_BLE_IS_SCAN_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
    {
        return;
    }

    /* Extract the number of reports in this event. */
    STREAM_TO_UINT8(num_reports, p_report);

    for (; num_reports > 0; num_reports--)
    {
        /* Extract inquiry results */
        STREAM_TO_UINT8 (evt_type, p_report);
        STREAM_TO_UINT8 (addr_type, p_report);
        STREAM_TO_BDADDR (bda, p_report);

#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
        /* map address to security record */
        match = btm_identity_addr_to_random_pseudo(bda, &addr_type, FALSE);

        BTM_TRACE_DEBUG("btm_ble_process_adv_pkt:bda= %0x:%0x:%0x:%0x:%0x:%0x",
                        bda[0],bda[1],bda[2],bda[3],bda[4],bda[5]);
        /* always do RRA resolution on host */
        if (!match && BTM_BLE_IS_RESOLVE_BDA(bda))
        {
            /* processing resumes from the resolution callback */
            btm_ble_resolve_random_addr(bda, btm_ble_resolve_random_addr_on_adv, p_data);
        }
        else
        {
            btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p_report);
        }
#else
        btm_ble_process_adv_pkt_cont(bda, addr_type, evt_type, p_report);
#endif

        STREAM_TO_UINT8(data_len, p_report);

        /* Advance to the next event data_len + rssi byte */
        p_report += data_len + 1;
    }
}
/*******************************************************************************
**
** Function         btm_ble_process_adv_pkt_cont
**
** Description      This function is called after random address resolution is
**                  done, and proceed to process adv packet.
**
** Parameters       bda       - address of the advertiser
**                  addr_type - address type of the advertiser
**                  evt_type  - advertising event type
**                  p         - points at the data length byte of the report
**
** Returns          void
**
** NOTE(review): several short lines (the assignments to the update flag and
**               the scan_rsp clauses of two conditions) were missing from the
**               listing this was rebuilt from - confirm against upstream.
**
*******************************************************************************/
static void btm_ble_process_adv_pkt_cont(BD_ADDR bda, UINT8 addr_type, UINT8 evt_type, UINT8 *p)
{
    tBTM_INQUIRY_VAR_ST  *p_inq = &btm_cb.btm_inq_vars;
    tBTM_INQ_RESULTS_CB  *p_inq_results_cb = p_inq->p_inq_results_cb;
    tBTM_INQ_RESULTS_CB  *p_obs_results_cb = btm_cb.ble_ctr_cb.p_obs_results_cb;
    tBTM_BLE_INQ_CB      *p_le_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    tINQ_DB_ENT          *p_entry = btm_inq_db_find (bda);
    BOOLEAN               report_as_inquiry = TRUE;
    UINT8                 result = 0;

    /* Check if this address has already been processed for this inquiry */
    if (btm_inq_find_bdaddr(bda))
    {
        /* never been report as an LE device */
        if (p_entry &&
            (!(p_entry->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) ||
             /* scan repsonse to be updated */
             (!p_entry->scan_rsp)))
        {
            report_as_inquiry = TRUE;
        }
        else if (BTM_BLE_IS_OBS_ACTIVE(btm_cb.ble_ctr_cb.scan_activity))
        {
            /* the observer still gets the report, the inquiry does not */
            report_as_inquiry = FALSE;
        }
        else
        {
            /* if yes, skip it */
            return; /* assumption: one result per event */
        }
    }

    /* If existing entry, use that, else get a new one (possibly reusing the oldest) */
    if (p_entry == NULL)
    {
        p_entry = btm_inq_db_new (bda);
        if (p_entry == NULL)
        {
            return;
        }
        p_inq->inq_cmpl_info.num_resp++;
    }
    else if (p_entry->inq_count != p_inq->inq_counter) /* first time seen in this inquiry */
    {
        p_inq->inq_cmpl_info.num_resp++;
    }

    /* update the LE device information in inquiry database */
    if (!btm_ble_update_inq_result(p_entry, addr_type, evt_type, p))
    {
        return;
    }

    result = btm_ble_is_discoverable(bda, evt_type, p);
    if (result == 0)
    {
        LOG_WARN(LOG_TAG, "%s device is no longer discoverable so discarding advertising packet pkt",
                 __func__);
        return;
    }

    if (!report_as_inquiry)
    {
        result &= ~BTM_BLE_INQ_RESULT;
    }

    /* If the number of responses found and limited, issue a cancel inquiry */
    if (p_inq->inqparms.max_resps &&
        p_inq->inq_cmpl_info.num_resp == p_inq->inqparms.max_resps)
    {
        /* new device */
        if (p_entry == NULL ||
            /* assume a DUMO device, BR/EDR inquiry is always active */
            ((p_entry->inq_info.results.device_type & BT_DEVICE_TYPE_BLE) == BT_DEVICE_TYPE_BLE &&
             p_entry->scan_rsp))
        {
            BTM_TRACE_WARNING("INQ RES: Extra Response Received...cancelling inquiry..");

            /* if is non-periodic inquiry active, cancel now */
            if ((p_inq->inq_active & BTM_BR_INQ_ACTIVE_MASK) != 0 &&
                (p_inq->inq_active & BTM_PERIODIC_INQUIRY_ACTIVE) == 0)
            {
                btsnd_hcic_inq_cancel();
            }

            btm_ble_stop_inquiry();

            btm_acl_update_busy_level (BTM_BLI_INQ_DONE_EVT);
        }
    }

    /* background connection in selective connection mode */
    if (btm_cb.ble_ctr_cb.bg_conn_type == BTM_BLE_CONN_SELECTIVE)
    {
        if (result & BTM_BLE_SEL_CONN_RESULT)
        {
            btm_send_sel_conn_callback(bda, evt_type, p, addr_type);
        }
        else
        {
            BTM_TRACE_DEBUG("None LE device, can not initiate selective connection");
        }
        return;
    }

    /* both callbacks receive the entry and the cached advertising data */
    if (p_inq_results_cb && (result & BTM_BLE_INQ_RESULT))
    {
        (p_inq_results_cb)((tBTM_INQ_RESULTS *) &p_entry->inq_info.results, p_le_inq_cb->adv_data_cache);
    }
    if (p_obs_results_cb && (result & BTM_BLE_OBS_RESULT))
    {
        (p_obs_results_cb)((tBTM_INQ_RESULTS *) &p_entry->inq_info.results, p_le_inq_cb->adv_data_cache);
    }
}
/*******************************************************************************
**
** Function         btm_ble_start_scan
**
** Description      Start the BLE scan.
**
** Returns          BTM_CMD_STARTED if the enable command was sent,
**                  BTM_NO_RESOURCES otherwise
**
*******************************************************************************/
tBTM_STATUS btm_ble_start_scan(void)
{
    tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    /* enable scanning with the duplicate filter setting kept in the control block */
    if (!btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_ENABLE, p_inq_cb->scan_duplicate_filter))
    {
        return BTM_NO_RESOURCES;
    }

    /* record in the topology mask which kind of scan is now running */
    if (p_inq_cb->scan_type != BTM_BLE_SCAN_MODE_ACTI)
    {
        btm_ble_set_topology_mask(BTM_BLE_STATE_PASSIVE_SCAN_BIT);
    }
    else
    {
        btm_ble_set_topology_mask(BTM_BLE_STATE_ACTIVE_SCAN_BIT);
    }

    return BTM_CMD_STARTED;
}
/*******************************************************************************
**
** Function         btm_ble_stop_scan
**
** Description      Stop the BLE scan.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_stop_scan(void)
{
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;

    BTM_TRACE_EVENT ("btm_ble_stop_scan ");

    /* no scan type is active any more */
    p_ble_cb->inq_var.scan_type = BTM_BLE_SCAN_MODE_NONE;

    /* stop discovery now; the result of the command is not checked */
    btsnd_hcic_ble_set_scan_enable (BTM_BLE_SCAN_DISABLE, BTM_BLE_DUPLICATE_ENABLE);

    /* put the scanner filter policy back to SP_ADV_ALL */
    btm_update_scanner_filter_policy(SP_ADV_ALL);

    p_ble_cb->wl_state &= ~BTM_BLE_WL_SCAN;
}
/*******************************************************************************
**
** Function         btm_ble_stop_inquiry
**
** Description      Stop the BLE Inquiry.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_stop_inquiry(void)
{
    tBTM_INQUIRY_VAR_ST *p_inq_vars = &btm_cb.btm_inq_vars;
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;

    alarm_cancel(p_ble_cb->inq_var.inquiry_timer);

    p_ble_cb->scan_activity &= ~BTM_BLE_INQUIRY_MASK;

    if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
    {
        /* If no more scan activity, stop LE scan now */
        btm_ble_stop_scan();
    }
    else
    {
        const BOOLEAN low_latency_params =
            (p_ble_cb->inq_var.scan_interval == BTM_BLE_LOW_LATENCY_SCAN_INT) &&
            (p_ble_cb->inq_var.scan_window == BTM_BLE_LOW_LATENCY_SCAN_WIN);

        /* another scan user remains: restart the scan when its stored
         * interval or window differ from the low latency values */
        if (!low_latency_params)
        {
            BTM_TRACE_DEBUG("%s: setting default params for ongoing observe", __FUNCTION__);
            btm_ble_stop_scan();
            btm_ble_start_scan();
        }
    }

    /* If we have a callback registered for inquiry complete, call it */
    BTM_TRACE_DEBUG ("BTM Inq Compl Callback: status 0x%02x, num results %d",
                     p_inq_vars->inq_cmpl_info.status, p_inq_vars->inq_cmpl_info.num_resp);

    btm_process_inq_complete(HCI_SUCCESS, (UINT8)(p_inq_vars->inqparms.mode & BTM_BLE_INQUIRY_MASK));
}
/*******************************************************************************
**
** Function         btm_ble_stop_observe
**
** Description      Stop the BLE Observe.
**
** Returns          void
**
*******************************************************************************/
static void btm_ble_stop_observe(void)
{
    tBTM_BLE_CB *p_ble_cb = &btm_cb.ble_ctr_cb;
    /* taken before the registration is cleared so it can still be called below */
    tBTM_CMPL_CB *p_complete_cb = p_ble_cb->p_obs_cmpl_cb;

    alarm_cancel(p_ble_cb->observer_timer);

    p_ble_cb->scan_activity &= ~BTM_LE_OBSERVE_ACTIVE;

    p_ble_cb->p_obs_results_cb = NULL;
    p_ble_cb->p_obs_cmpl_cb = NULL;

    /* the scan keeps running while another user still needs it */
    if (!BTM_BLE_IS_SCAN_ACTIVE(p_ble_cb->scan_activity))
    {
        btm_ble_stop_scan();
    }

    if (p_complete_cb != NULL)
    {
        (p_complete_cb)((tBTM_INQUIRY_CMPL *) &btm_cb.btm_inq_vars.inq_cmpl_info);
    }
}
/*******************************************************************************
**
** Function         btm_ble_adv_states_operation
**
** Description      Set or clear adv states in topology mask
**
** Parameters       p_handler - operation applied to the state bit that
**                              corresponds to adv_evt
**                  adv_evt   - advertising event type
**
** Returns          operation status. TRUE if sucessful, FALSE otherwise.
**                  An unknown adv_evt is logged and yields FALSE.
**
*******************************************************************************/
typedef BOOLEAN (BTM_TOPOLOGY_FUNC_PTR)(tBTM_BLE_STATE_MASK);
static BOOLEAN btm_ble_adv_states_operation(BTM_TOPOLOGY_FUNC_PTR *p_handler, UINT8 adv_evt)
{
    switch (adv_evt)
    {
    case BTM_BLE_CONNECT_EVT:
        return (*p_handler)(BTM_BLE_STATE_CONN_ADV_BIT);

    case BTM_BLE_NON_CONNECT_EVT:
        return (*p_handler)(BTM_BLE_STATE_NON_CONN_ADV_BIT);

    case BTM_BLE_CONNECT_DIR_EVT:
        return (*p_handler)(BTM_BLE_STATE_HI_DUTY_DIR_ADV_BIT);

    case BTM_BLE_DISCOVER_EVT:
        return (*p_handler)(BTM_BLE_STATE_SCAN_ADV_BIT);

    case BTM_BLE_CONNECT_LO_DUTY_DIR_EVT:
        return (*p_handler)(BTM_BLE_STATE_LO_DUTY_DIR_ADV_BIT);

    default:
        BTM_TRACE_ERROR("unknown adv event : %d", adv_evt);
        return FALSE;
    }
}
/*******************************************************************************
**
** Function         btm_ble_start_adv
**
** Description      start the BLE advertising.
**
** Returns          BTM_WRONG_MODE if the topology check rejects the event
**                  type, BTM_NO_RESOURCES if the enable command could not be
**                  sent, BTM_SUCCESS otherwise
**
*******************************************************************************/
tBTM_STATUS btm_ble_start_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    if (!btm_ble_adv_states_operation (btm_ble_topology_check, p_inq_cb->evt_type))
    {
        return BTM_WRONG_MODE;
    }

#if (defined BLE_PRIVACY_SPT && BLE_PRIVACY_SPT == TRUE)
    /* To relax resolving list, always have resolving list enabled, unless directed adv */
    if (p_inq_cb->evt_type != BTM_BLE_CONNECT_LO_DUTY_DIR_EVT &&
        p_inq_cb->evt_type != BTM_BLE_CONNECT_DIR_EVT)
    {
        /* enable resolving list is desired */
        btm_ble_enable_resolving_list_for_platform(BTM_BLE_RL_ADV);
    }
#endif

    /* any filter policy other than AP_SCAN_CONN_ALL runs the white list operation first */
    if (p_inq_cb->afp != AP_SCAN_CONN_ALL)
    {
        btm_execute_wl_dev_operation();
        btm_cb.ble_ctr_cb.wl_state |= BTM_BLE_WL_ADV;
    }

    if (!btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_ENABLE))
    {
        /* the command was not sent: undo the state set above */
        p_inq_cb->adv_mode = BTM_BLE_ADV_DISABLE;
        btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;
        return BTM_NO_RESOURCES;
    }

    p_inq_cb->adv_mode = BTM_BLE_ADV_ENABLE;
    btm_ble_adv_states_operation(btm_ble_set_topology_mask, p_inq_cb->evt_type);
    return BTM_SUCCESS;
}
/*******************************************************************************
**
** Function         btm_ble_stop_adv
**
** Description      Stop the BLE advertising.
**
** Returns          BTM_SUCCESS if advertising was not enabled or was stopped,
**                  BTM_NO_RESOURCES if the disable command could not be sent
**
*******************************************************************************/
tBTM_STATUS btm_ble_stop_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;

    /* nothing to do unless advertising is currently enabled */
    if (p_inq_cb->adv_mode != BTM_BLE_ADV_ENABLE)
    {
        return BTM_SUCCESS;
    }

    if (!btsnd_hcic_ble_set_adv_enable (BTM_BLE_ADV_DISABLE))
    {
        return BTM_NO_RESOURCES;
    }

    p_inq_cb->fast_adv_on = FALSE;
    p_inq_cb->adv_mode = BTM_BLE_ADV_DISABLE;
    btm_cb.ble_ctr_cb.wl_state &= ~BTM_BLE_WL_ADV;

    /* clear all adv states */
    btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);

    return BTM_SUCCESS;
}
/* Timer callback: the fast advertising period is over. data is not used. */
static void btm_ble_fast_adv_timer_timeout(UNUSED_ATTR void *data)
{
    /* continue with the slow advertising interval */
    btm_ble_start_slow_adv();
}
/*******************************************************************************
**
** Function         btm_ble_start_slow_adv
**
** Description      Restart adv with slow adv interval
**
** Returns          void
**
** NOTE(review): the call that stops advertising before the parameters are
**               rewritten was missing from the listing this was rebuilt from -
**               confirm against upstream.
**
*******************************************************************************/
static void btm_ble_start_slow_adv(void)
{
    tBTM_BLE_INQ_CB *p_inq_cb = &btm_cb.ble_ctr_cb.inq_var;
    tBTM_LE_RANDOM_CB *p_addr_cb = &btm_cb.ble_ctr_cb.addr_mgnt_cb;
    BD_ADDR init_addr = {0};
    tBLE_ADDR_TYPE init_addr_type = BLE_ADDR_PUBLIC;
    tBLE_ADDR_TYPE own_addr_type;

    /* only an advertiser that is currently enabled is restarted */
    if (p_inq_cb->adv_mode != BTM_BLE_ADV_ENABLE)
    {
        return;
    }

    own_addr_type = p_addr_cb->own_addr_type;

    btm_ble_stop_adv();

    p_inq_cb->evt_type = btm_set_conn_mode_adv_init_addr(p_inq_cb, init_addr, &init_addr_type,
                                                         &own_addr_type);

    /* slow adv mode never goes into directed adv */
    btsnd_hcic_ble_write_adv_params (BTM_BLE_GAP_ADV_SLOW_INT, BTM_BLE_GAP_ADV_SLOW_INT,
                                     p_inq_cb->evt_type, own_addr_type,
                                     init_addr_type, init_addr,
                                     p_inq_cb->adv_chnl_map, p_inq_cb->afp);

    btm_ble_start_adv();
}
/* Timeout handler that ends LE limited discoverable mode: clears the
   BTM_BLE_LIMITED_DISCOVERABLE bit from the stored discoverable mode and
   passes the resulting connectable/discoverable modes to
   btm_ble_set_adv_flag(). data is unused. */
static void btm_ble_inquiry_timer_gap_limited_discovery_timeout(UNUSED_ATTR void *data)
{
    /* lim_timeout expired, limited discovery should exit now */
    btm_cb.btm_inq_vars.discoverable_mode &= ~BTM_BLE_LIMITED_DISCOVERABLE;

    btm_ble_set_adv_flag(btm_cb.btm_inq_vars.connectable_mode,
                         btm_cb.btm_inq_vars.discoverable_mode);
}
/* Timeout handler for the LE inquiry timer: calls btm_ble_stop_inquiry().
   data is unused. */
static void btm_ble_inquiry_timer_timeout(UNUSED_ATTR void *data)
{
    btm_ble_stop_inquiry();
}
/* Timeout handler for the LE observer timer: calls btm_ble_stop_observe().
   data is unused. */
static void btm_ble_observer_timer_timeout(UNUSED_ATTR void *data)
{
    btm_ble_stop_observe();
}
/* Timeout handler for a multi-advertising instance's random-address timer.
   data is cast to tBTM_BLE_MULTI_ADV_INST * and handed to
   btm_ble_multi_adv_configure_rpa() without a NULL check, so whoever arms the
   timer must supply a valid instance pointer. */
void btm_ble_adv_raddr_timer_timeout(void *data)
{
    /* only acts while the local address type is random */
    if (btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type != BLE_ADDR_RANDOM)
        return;

    /* and only when multi-advertising instances are available */
    if (!(BTM_BleMaxMultiAdvInstanceCount() > 0))
        return;

    btm_ble_multi_adv_configure_rpa((tBTM_BLE_MULTI_ADV_INST *)data);
}
/* Timeout handler for the random-address refresh timer. When the local
   address type is random it starts generation of a new resolvable private
   address; for any other address type it does nothing. data is unused. */
void btm_ble_refresh_raddr_timer_timeout(UNUSED_ATTR void *data)
{
    if (btm_cb.ble_ctr_cb.addr_mgnt_cb.own_addr_type != BLE_ADDR_RANDOM)
        return;

    /* refresh the random addr */
    btm_gen_resolvable_private_addr((void *)btm_gen_resolve_paddr_low);
}
3200 /*******************************************************************************
3202 ** Function btm_ble_read_remote_features_complete
3204 ** Description This function is called when the command complete message
3205 ** is received from the HCI for the read LE remote feature supported
**
** Parameters p - HCI event parameters. They are consumed in this order:
**                one status byte, a two-byte connection handle, then
**                BD_FEATURES_LEN feature bytes. No length accompanies p,
**                so nothing here can confirm that many bytes are present;
**                the caller has to guarantee it.
**
** Returns void
3210 *******************************************************************************/
3211 void btm_ble_read_remote_features_complete(UINT8 *p)
/* start of the ACL table; advanced entry by entry in the search loop */
3213 tACL_CONN *p_acl_cb = &btm_cb.acl_db[0];
3218 BTM_TRACE_EVENT ("btm_ble_read_remote_features_complete ");
/* first field of the event: HCI status */
3220 STREAM_TO_UINT8(status, p);
3222 // if LE read remote feature failed for HCI_ERR_CONN_FAILED_ESTABLISHMENT,
3223 // expect disconnect complete to be received
/* NOTE(review): every other status, other error codes included, takes this
   branch, so the feature bytes are stored even when the read did not
   succeed - confirm that is intended. */
3224 if (status != HCI_ERR_CONN_FAILED_ESTABLISHMENT)
/* handle is compared below exactly as read; presumably the controller only
   ever sets the connection-handle bits here - TODO confirm */
3226 STREAM_TO_UINT16 (handle, p);
3228 /* Look up the connection by handle and copy features */
/* assumes acl_db[] has at least MAX_L2CAP_LINKS entries - TODO confirm */
3229 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl_cb++)
3231 if ((p_acl_cb->in_use) && (p_acl_cb->hci_handle == handle))
/* copies BD_FEATURES_LEN bytes from the event into the matching entry;
   assumes peer_le_features is at least that large - TODO confirm */
3233 STREAM_TO_ARRAY(p_acl_cb->peer_le_features, p, BD_FEATURES_LEN);
/* then, presumably, requests the remote version information on that link */
3234 btsnd_hcic_rmt_ver_req (p_acl_cb->hci_handle);
/*******************************************************************************
**
** Function         btm_ble_write_adv_enable_complete
**
** Description      Process the command complete for the write adv enable
**                  command. On any status other than HCI_SUCCESS the stored
**                  adv_mode is flipped back. Only adv_mode is reverted here;
**                  other state changed when the command was sent is left
**                  untouched.
**
** Parameters       p - event parameters; only the first byte (the HCI status)
**                      is read, and p is dereferenced without a NULL check.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_write_adv_enable_complete(UINT8 * p)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    /* write adv enable/disable succeeded: the recorded mode stands */
    if (*p == HCI_SUCCESS)
        return;

    /* toggle back the adv mode; logical NOT maps 0 to 1 and any non-zero
       value to 0, which assumes BTM_BLE_ADV_DISABLE/BTM_BLE_ADV_ENABLE are
       0/1 - TODO confirm */
    p_inq->adv_mode = !p_inq->adv_mode;
}
/*******************************************************************************
**
** Function         btm_ble_dir_adv_tout
**
** Description      Called when directed advertising times out: records
**                  advertising as disabled and clears the directed-connection
**                  setting.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_dir_adv_tout(void)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    p_inq->adv_mode = BTM_BLE_ADV_DISABLE;

    /* make device fall back into undirected adv mode by default.
       NOTE(review): other paths in this file reset directed_conn to
       BTM_BLE_CONNECT_EVT rather than FALSE; presumably the same value -
       verify. */
    p_inq->directed_conn = FALSE;
}
/*******************************************************************************
**
** Function         btm_ble_set_topology_mask
**
** Description      Set bits in the BLE topology mask (cur_states). Bits
**                  outside BTM_BLE_STATE_ALL_MASK are ignored. No check is
**                  made here that the requested state is permitted; see
**                  btm_ble_topology_check() for that.
**
** Returns          TRUE always.
**
*******************************************************************************/
BOOLEAN btm_ble_set_topology_mask(tBTM_BLE_STATE_MASK request_state_mask)
{
    /* keep only the bits that name a defined state */
    tBTM_BLE_STATE_MASK valid_bits = request_state_mask & BTM_BLE_STATE_ALL_MASK;

    btm_cb.ble_ctr_cb.cur_states |= valid_bits;
    return TRUE;
}
/*******************************************************************************
**
** Function         btm_ble_clear_topology_mask
**
** Description      Clear bits in the BLE topology mask (cur_states). Bits
**                  outside BTM_BLE_STATE_ALL_MASK are ignored.
**
** Returns          TRUE always.
**
*******************************************************************************/
BOOLEAN btm_ble_clear_topology_mask (tBTM_BLE_STATE_MASK request_state_mask)
{
    /* keep only the bits that name a defined state */
    tBTM_BLE_STATE_MASK valid_bits = request_state_mask & BTM_BLE_STATE_ALL_MASK;

    btm_cb.ble_ctr_cb.cur_states &= ~valid_bits;
    return TRUE;
}
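/*******************************************************************************
**
** Function         btm_ble_update_link_topology_mask
**
** Description      Update the per-role LE link count and rebuild the
**                  connection bits of the topology mask from the counts.
**                  When a slave-role link is added, advertising is also
**                  recorded as stopped in the local state.
**
** Parameters       link_role - HCI_ROLE_MASTER or HCI_ROLE_SLAVE. The value
**                              is used as an index into link_count[], so any
**                              other value is logged and ignored.
**                  increase  - TRUE to count a new link, FALSE to remove one.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_update_link_topology_mask(UINT8 link_role, BOOLEAN increase)
{
    /* link_role selects the counter below, and only the two HCI roles are
       used as indexes anywhere in this function. The declared size of
       link_count[] is not visible here, so reject any other value before
       touching the array or the topology mask. */
    if (link_role != HCI_ROLE_MASTER && link_role != HCI_ROLE_SLAVE)
    {
        BTM_TRACE_ERROR("%s: invalid link role: %d", __func__, link_role);
        return;
    }

    /* drop the connection bits; they are re-derived from the counters */
    btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_CONN_MASK);

    /* a removal never takes the count below zero */
    if (increase)
        btm_cb.ble_ctr_cb.link_count[link_role]++;
    else if (btm_cb.ble_ctr_cb.link_count[link_role] > 0)
        btm_cb.ble_ctr_cb.link_count[link_role]--;

    if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_MASTER])
        btm_ble_set_topology_mask (BTM_BLE_STATE_MASTER_BIT);

    if (btm_cb.ble_ctr_cb.link_count[HCI_ROLE_SLAVE])
        btm_ble_set_topology_mask(BTM_BLE_STATE_SLAVE_BIT);

    if (link_role == HCI_ROLE_SLAVE && increase)
    {
        btm_cb.ble_ctr_cb.inq_var.adv_mode = BTM_BLE_ADV_DISABLE;
        /* make device fall back into undirected adv mode by default */
        btm_cb.ble_ctr_cb.inq_var.directed_conn = BTM_BLE_CONNECT_EVT;
        /* clear all adv states */
        btm_ble_clear_topology_mask(BTM_BLE_STATE_ALL_ADV_MASK);
    }
}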
/*******************************************************************************
**
** Function         btm_ble_update_mode_operation
**
** Description      Update the GAP role operation after a link status update:
**                  reset the advertising state after a directed advertising
**                  timeout, re-apply connectability when LE connectable mode
**                  is set, and start the next pending direct connection or
**                  resume background connection when the connection state is
**                  idle.
**
** Parameters       link_role - not used by the body
**                  bd_addr   - not used by the body
**                  status    - HCI status of the link event
**
** Returns          void
**
*******************************************************************************/
void btm_ble_update_mode_operation(UINT8 link_role, BD_ADDR bd_addr, UINT8 status)
{
    tBTM_BLE_INQ_CB *p_inq = &btm_cb.ble_ctr_cb.inq_var;

    if (status == HCI_ERR_DIRECTED_ADVERTISING_TIMEOUT)
    {
        p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
        /* make device fall back into undirected adv mode by default */
        p_inq->directed_conn = BTM_BLE_CONNECT_EVT;
        /* clear all adv states */
        btm_ble_clear_topology_mask (BTM_BLE_STATE_ALL_ADV_MASK);
    }

    if (p_inq->connectable_mode == BTM_BLE_CONNECTABLE)
    {
        btm_ble_set_connectability(btm_cb.btm_inq_vars.connectable_mode |
                                   p_inq->connectable_mode);
    }

    /* a connection attempt is still in progress: leave the queues alone */
    if (btm_ble_get_conn_st() != BLE_CONN_IDLE)
        return;

    /* the last request was rejected for lack of resources: do not start
       another one now */
    if (status == HCI_ERR_HOST_REJECT_RESOURCES)
        return;

    /* start the next direct connection; when none was started, resume
       background connection */
    if (!btm_send_pending_direct_conn())
        btm_ble_resume_bg_conn();
}
/*******************************************************************************
**
** Function         btm_ble_init
**
** Description      Initialize the control block variable values. The BLE
**                  control block and btm_cb.cmn_ble_vsc_cb are zeroed, then
**                  the timers, the pending-connection queue and the
**                  non-zero defaults are set up.
**
** Returns          void
**
*******************************************************************************/
void btm_ble_init(void)
{
    tBTM_BLE_CB *p_cb = &btm_cb.ble_ctr_cb;
    tBTM_BLE_INQ_CB *p_inq = &p_cb->inq_var;

    BTM_TRACE_DEBUG("%s", __func__);

    /* release timers left from an earlier call before the block is wiped */
    alarm_free(p_cb->observer_timer);
    alarm_free(p_inq->fast_adv_timer);
    /* NOTE(review): inquiry_timer, refresh_raddr_timer and conn_pending_q are
       also created below but are not released here; if this function can run
       more than once the memset would leak them - confirm. */
    memset(p_cb, 0, sizeof(*p_cb));
    memset(&(btm_cb.cmn_ble_vsc_cb), 0 , sizeof(tBTM_BLE_VSC_CB));
    btm_cb.cmn_ble_vsc_cb.values_read = FALSE;

    p_cb->observer_timer = alarm_new("btm_ble.observer_timer");
    p_cb->cur_states = 0;
    p_cb->conn_pending_q = fixed_queue_new(SIZE_MAX);

    /* advertising and scanning start disabled, non-connectable and
       non-discoverable */
    p_inq->adv_mode = BTM_BLE_ADV_DISABLE;
    p_inq->scan_type = BTM_BLE_SCAN_MODE_NONE;
    p_inq->adv_chnl_map = BTM_BLE_DEFAULT_ADV_CHNL_MAP;
    p_inq->afp = BTM_BLE_DEFAULT_AFP;
    p_inq->sfp = BTM_BLE_DEFAULT_SFP;
    p_inq->connectable_mode = BTM_BLE_NON_CONNECTABLE;
    p_inq->discoverable_mode = BTM_BLE_NON_DISCOVERABLE;
    p_inq->fast_adv_timer = alarm_new("btm_ble_inq.fast_adv_timer");
    p_inq->inquiry_timer = alarm_new("btm_ble_inq.inquiry_timer");

    /* for background connection, reset connection params to be undefined */
    p_cb->scan_int = p_cb->scan_win = BTM_BLE_SCAN_PARAM_UNDEF;

    p_inq->evt_type = BTM_BLE_NON_CONNECT_EVT;

    p_cb->addr_mgnt_cb.refresh_raddr_timer =
        alarm_new("btm_ble_addr.refresh_raddr_timer");

#if BLE_VND_INCLUDED == FALSE
    btm_ble_adv_filter_init();
#endif
}
3431 /*******************************************************************************
3433 ** Function btm_ble_topology_check
3435 ** Description check to see requested state is supported. One state check at
3436 ** a time is supported
**
** The request is first validated (exactly one bit, within range), then
** checked against the supported-states array reported by the controller
** interface, and finally checked in combination with every state that is
** currently active in cur_states.
**
** Parameters request_state_mask - single-bit mask naming the state to enter
3438 ** Returns TRUE if request is allowed, FALSE otherwise.
3440 *******************************************************************************/
3441 BOOLEAN btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)
/* column index into btm_le_state_combo_tbl used by the combination loop */
3445 UINT8 state_offset = 0;
/* local copy of the active state bits, consumed bit by bit below */
3446 UINT16 cur_states = btm_cb.ble_ctr_cb.cur_states;
/* index derived from the requested bit; used as request_state - 1 and as a
   row index into btm_le_state_combo_tbl below */
3448 UINT8 request_state = 0;
3450 /* check only one bit is set and within valid range */
/* (m & (m - 1)) is non-zero whenever more than one bit is set. An all-zero
   mask would pass that test, so BTM_BLE_STATE_INVALID presumably is the zero
   value - TODO confirm, since request_state - 1 below relies on it. */
3451 if (request_state_mask == BTM_BLE_STATE_INVALID ||
3452 request_state_mask > BTM_BLE_STATE_SCAN_ADV_BIT ||
3453 (request_state_mask & (request_state_mask -1 )) != 0)
3455 BTM_TRACE_ERROR("illegal state requested: %d", request_state_mask);
/* shift the mask out; request_state is presumably advanced once per shift
   (the increment is not among the lines shown) - TODO confirm */
3459 while (request_state_mask)
3461 request_state_mask >>= 1;
3465 /* check if the requested state is supported or not */
/* as used here, row 0 of the table holds one {mask, offset} pair per state,
   which BTM_LE_STATES_SUPPORTED applies to the supported-states array */
3466 mask = btm_le_state_combo_tbl[0][request_state - 1][0];
3467 offset = btm_le_state_combo_tbl[0][request_state-1][1];
/* supported-states array as exposed by the controller interface */
3469 const uint8_t *ble_supported_states = controller_get_interface()->get_ble_supported_states();
3471 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
3473 BTM_TRACE_ERROR("state requested not supported: %d", request_state);
3478 /* make sure currently active states are all supported in conjunction with the requested
3479 state. If the bit in table is not set, the combination is not supported */
/* NOTE(review): request_state and state_offset index the table directly.
   request_state is bounded by the range check above; state_offset is bounded
   only by the highest bit set in cur_states (btm_ble_set_topology_mask()
   masks with BTM_BLE_STATE_ALL_MASK before setting bits). Check that both
   table dimensions cover those ranges. */
3480 while (cur_states != 0)
/* only bits that are currently set take part in the check */
3482 if (cur_states & 0x01)
3484 mask = btm_le_state_combo_tbl[request_state][state_offset][0];
3485 offset = btm_le_state_combo_tbl[request_state][state_offset][1];
/* entries where mask or offset is zero are not tested against the
   supported-states array */
3487 if (mask != 0 && offset != 0)
3489 if (!BTM_LE_STATES_SUPPORTED(ble_supported_states, mask, offset))
3502 #endif /* BLE_INCLUDED */