1 /******************************************************************************
3 * Copyright (C) 1999-2012 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /******************************************************************************
21 * This file contains functions that interface with the HCI transport. On
22 * the receive side, it routes events to the appropriate handler, e.g.
23 * L2CAP, ScoMgr. On the transmit side, it manages the command
26 ******************************************************************************/
28 #define LOG_TAG "bt_btu_hcif"
30 #include <base/bind.h>
31 #include <base/callback.h>
32 #include <base/location.h>
33 #include <base/logging.h>
34 #include <base/threading/thread.h>
40 #include "bt_common.h"
46 #include "device/include/controller.h"
47 #include "hci_layer.h"
50 #include "osi/include/log.h"
51 #include "osi/include/osi.h"
53 using tracked_objects::Location;
55 extern void btm_process_cancel_complete(uint8_t status, uint8_t mode);
56 extern void btm_ble_test_command_complete(uint8_t* p);
58 /******************************************************************************/
59 /* L O C A L F U N C T I O N P R O T O T Y P E S */
60 /******************************************************************************/
61 static void btu_hcif_inquiry_comp_evt(uint8_t* p);
62 static void btu_hcif_inquiry_result_evt(uint8_t* p);
63 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p);
64 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p);
66 static void btu_hcif_connection_comp_evt(uint8_t* p);
67 static void btu_hcif_connection_request_evt(uint8_t* p);
68 static void btu_hcif_disconnection_comp_evt(uint8_t* p);
69 static void btu_hcif_authentication_comp_evt(uint8_t* p);
70 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len);
71 static void btu_hcif_encryption_change_evt(uint8_t* p);
72 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p);
73 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p);
74 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p);
75 static void btu_hcif_qos_setup_comp_evt(uint8_t* p);
76 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context);
77 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
79 static void btu_hcif_hardware_error_evt(uint8_t* p);
80 static void btu_hcif_flush_occured_evt(void);
81 static void btu_hcif_role_change_evt(uint8_t* p);
82 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p);
83 static void btu_hcif_mode_change_evt(uint8_t* p);
84 static void btu_hcif_pin_code_request_evt(uint8_t* p);
85 static void btu_hcif_link_key_request_evt(uint8_t* p);
86 static void btu_hcif_link_key_notification_evt(uint8_t* p);
87 static void btu_hcif_loopback_command_evt(void);
88 static void btu_hcif_data_buf_overflow_evt(void);
89 static void btu_hcif_max_slots_changed_evt(void);
90 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p);
91 static void btu_hcif_conn_pkt_type_change_evt(void);
92 static void btu_hcif_qos_violation_evt(uint8_t* p);
93 static void btu_hcif_page_scan_mode_change_evt(void);
94 static void btu_hcif_page_scan_rep_mode_chng_evt(void);
95 static void btu_hcif_esco_connection_comp_evt(uint8_t* p);
96 static void btu_hcif_esco_connection_chg_evt(uint8_t* p);
98 /* Simple Pairing Events */
99 static void btu_hcif_host_support_evt(uint8_t* p);
100 static void btu_hcif_io_cap_request_evt(uint8_t* p);
101 static void btu_hcif_io_cap_response_evt(uint8_t* p);
102 static void btu_hcif_user_conf_request_evt(uint8_t* p);
103 static void btu_hcif_user_passkey_request_evt(uint8_t* p);
104 static void btu_hcif_user_passkey_notif_evt(uint8_t* p);
105 static void btu_hcif_keypress_notif_evt(uint8_t* p);
106 static void btu_hcif_rem_oob_request_evt(uint8_t* p);
108 static void btu_hcif_simple_pair_complete_evt(uint8_t* p);
109 #if L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE
110 static void btu_hcif_enhanced_flush_complete_evt(void);
113 #if (BTM_SSR_INCLUDED == TRUE)
114 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len);
115 #endif /* BTM_SSR_INCLUDED == TRUE */
117 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len);
118 static void btu_ble_read_remote_feat_evt(uint8_t* p);
119 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len);
120 static void btu_ble_proc_ltk_req(uint8_t* p);
121 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p);
122 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len);
123 #if (BLE_LLT_INCLUDED == TRUE)
124 static void btu_ble_rc_param_req_evt(uint8_t* p);
126 #if (BLE_PRIVACY_SPT == TRUE)
127 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len);
130 static void do_in_hci_thread(const tracked_objects::Location& from_here,
131 const base::Closure& task) {
132 base::MessageLoop* hci_message_loop = get_message_loop();
133 if (!hci_message_loop || !hci_message_loop->task_runner().get()) {
134 LOG_ERROR(LOG_TAG, "%s: HCI message loop not running, accessed from %s",
135 __func__, from_here.ToString().c_str());
139 hci_message_loop->task_runner()->PostTask(from_here, task);
142 /*******************************************************************************
144 * Function btu_hcif_process_event
146 * Description This function is called when an event is received from
147 * the Host Controller.
151 ******************************************************************************/
152 void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
153 uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
154 uint8_t hci_evt_code, hci_evt_len;
155 uint8_t ble_sub_code;
156 STREAM_TO_UINT8(hci_evt_code, p);
157 STREAM_TO_UINT8(hci_evt_len, p);
159 switch (hci_evt_code) {
160 case HCI_INQUIRY_COMP_EVT:
161 btu_hcif_inquiry_comp_evt(p);
163 case HCI_INQUIRY_RESULT_EVT:
164 btu_hcif_inquiry_result_evt(p);
166 case HCI_INQUIRY_RSSI_RESULT_EVT:
167 btu_hcif_inquiry_rssi_result_evt(p);
169 case HCI_EXTENDED_INQUIRY_RESULT_EVT:
170 btu_hcif_extended_inquiry_result_evt(p);
172 case HCI_CONNECTION_COMP_EVT:
173 btu_hcif_connection_comp_evt(p);
175 case HCI_CONNECTION_REQUEST_EVT:
176 btu_hcif_connection_request_evt(p);
178 case HCI_DISCONNECTION_COMP_EVT:
179 btu_hcif_disconnection_comp_evt(p);
181 case HCI_AUTHENTICATION_COMP_EVT:
182 btu_hcif_authentication_comp_evt(p);
184 case HCI_RMT_NAME_REQUEST_COMP_EVT:
185 btu_hcif_rmt_name_request_comp_evt(p, hci_evt_len);
187 case HCI_ENCRYPTION_CHANGE_EVT:
188 btu_hcif_encryption_change_evt(p);
190 case HCI_ENCRYPTION_KEY_REFRESH_COMP_EVT:
191 btu_hcif_encryption_key_refresh_cmpl_evt(p);
193 case HCI_READ_RMT_FEATURES_COMP_EVT:
194 btu_hcif_read_rmt_features_comp_evt(p);
196 case HCI_READ_RMT_EXT_FEATURES_COMP_EVT:
197 btu_hcif_read_rmt_ext_features_comp_evt(p);
199 case HCI_READ_RMT_VERSION_COMP_EVT:
200 btu_hcif_read_rmt_version_comp_evt(p);
202 case HCI_QOS_SETUP_COMP_EVT:
203 btu_hcif_qos_setup_comp_evt(p);
205 case HCI_COMMAND_COMPLETE_EVT:
207 "%s should not have received a command complete event. "
208 "Someone didn't go through the hci transmit_command function.",
211 case HCI_COMMAND_STATUS_EVT:
213 "%s should not have received a command status event. "
214 "Someone didn't go through the hci transmit_command function.",
217 case HCI_HARDWARE_ERROR_EVT:
218 btu_hcif_hardware_error_evt(p);
220 case HCI_FLUSH_OCCURED_EVT:
221 btu_hcif_flush_occured_evt();
223 case HCI_ROLE_CHANGE_EVT:
224 btu_hcif_role_change_evt(p);
226 case HCI_NUM_COMPL_DATA_PKTS_EVT:
227 btu_hcif_num_compl_data_pkts_evt(p);
229 case HCI_MODE_CHANGE_EVT:
230 btu_hcif_mode_change_evt(p);
232 case HCI_PIN_CODE_REQUEST_EVT:
233 btu_hcif_pin_code_request_evt(p);
235 case HCI_LINK_KEY_REQUEST_EVT:
236 btu_hcif_link_key_request_evt(p);
238 case HCI_LINK_KEY_NOTIFICATION_EVT:
239 btu_hcif_link_key_notification_evt(p);
241 case HCI_LOOPBACK_COMMAND_EVT:
242 btu_hcif_loopback_command_evt();
244 case HCI_DATA_BUF_OVERFLOW_EVT:
245 btu_hcif_data_buf_overflow_evt();
247 case HCI_MAX_SLOTS_CHANGED_EVT:
248 btu_hcif_max_slots_changed_evt();
250 case HCI_READ_CLOCK_OFF_COMP_EVT:
251 btu_hcif_read_clock_off_comp_evt(p);
253 case HCI_CONN_PKT_TYPE_CHANGE_EVT:
254 btu_hcif_conn_pkt_type_change_evt();
256 case HCI_QOS_VIOLATION_EVT:
257 btu_hcif_qos_violation_evt(p);
259 case HCI_PAGE_SCAN_MODE_CHANGE_EVT:
260 btu_hcif_page_scan_mode_change_evt();
262 case HCI_PAGE_SCAN_REP_MODE_CHNG_EVT:
263 btu_hcif_page_scan_rep_mode_chng_evt();
265 case HCI_ESCO_CONNECTION_COMP_EVT:
266 btu_hcif_esco_connection_comp_evt(p);
268 case HCI_ESCO_CONNECTION_CHANGED_EVT:
269 btu_hcif_esco_connection_chg_evt(p);
271 #if (BTM_SSR_INCLUDED == TRUE)
272 case HCI_SNIFF_SUB_RATE_EVT:
273 btu_hcif_ssr_evt(p, hci_evt_len);
275 #endif /* BTM_SSR_INCLUDED == TRUE */
276 case HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT:
277 btu_hcif_host_support_evt(p);
279 case HCI_IO_CAPABILITY_REQUEST_EVT:
280 btu_hcif_io_cap_request_evt(p);
282 case HCI_IO_CAPABILITY_RESPONSE_EVT:
283 btu_hcif_io_cap_response_evt(p);
285 case HCI_USER_CONFIRMATION_REQUEST_EVT:
286 btu_hcif_user_conf_request_evt(p);
288 case HCI_USER_PASSKEY_REQUEST_EVT:
289 btu_hcif_user_passkey_request_evt(p);
291 case HCI_REMOTE_OOB_DATA_REQUEST_EVT:
292 btu_hcif_rem_oob_request_evt(p);
294 case HCI_SIMPLE_PAIRING_COMPLETE_EVT:
295 btu_hcif_simple_pair_complete_evt(p);
297 case HCI_USER_PASSKEY_NOTIFY_EVT:
298 btu_hcif_user_passkey_notif_evt(p);
300 case HCI_KEYPRESS_NOTIFY_EVT:
301 btu_hcif_keypress_notif_evt(p);
303 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
304 case HCI_ENHANCED_FLUSH_COMPLETE_EVT:
305 btu_hcif_enhanced_flush_complete_evt();
309 case HCI_BLE_EVENT: {
310 STREAM_TO_UINT8(ble_sub_code, p);
312 HCI_TRACE_EVENT("BLE HCI(id=%d) event = 0x%02x)", hci_evt_code,
315 uint8_t ble_evt_len = hci_evt_len - 1;
316 switch (ble_sub_code) {
317 case HCI_BLE_ADV_PKT_RPT_EVT: /* result of inquiry */
318 HCI_TRACE_EVENT("HCI_BLE_ADV_PKT_RPT_EVT");
319 btm_ble_process_adv_pkt(ble_evt_len, p);
321 case HCI_BLE_CONN_COMPLETE_EVT:
322 btu_ble_ll_conn_complete_evt(p, hci_evt_len);
324 case HCI_BLE_LL_CONN_PARAM_UPD_EVT:
325 btu_ble_ll_conn_param_upd_evt(p, hci_evt_len);
327 case HCI_BLE_READ_REMOTE_FEAT_CMPL_EVT:
328 btu_ble_read_remote_feat_evt(p);
330 case HCI_BLE_LTK_REQ_EVT: /* received only at slave device */
331 btu_ble_proc_ltk_req(p);
333 #if (BLE_PRIVACY_SPT == TRUE)
334 case HCI_BLE_ENHANCED_CONN_COMPLETE_EVT:
335 btu_ble_proc_enhanced_conn_cmpl(p, hci_evt_len);
338 #if (BLE_LLT_INCLUDED == TRUE)
339 case HCI_BLE_RC_PARAM_REQ_EVT:
340 btu_ble_rc_param_req_evt(p);
343 case HCI_BLE_DATA_LENGTH_CHANGE_EVT:
344 btu_ble_data_length_change_evt(p, hci_evt_len);
347 case HCI_BLE_PHY_UPDATE_COMPLETE_EVT:
348 btm_ble_process_phy_update_pkt(ble_evt_len, p);
351 case HCI_LE_EXTENDED_ADVERTISING_REPORT_EVT:
352 btm_ble_process_ext_adv_pkt(hci_evt_len, p);
355 case HCI_LE_ADVERTISING_SET_TERMINATED_EVT:
356 btm_le_on_advertising_set_terminated(p, hci_evt_len);
362 case HCI_VENDOR_SPECIFIC_EVT:
363 btm_vendor_specific_evt(p, hci_evt_len);
368 /*******************************************************************************
370 * Function btu_hcif_send_cmd
372 * Description This function is called to send commands to the Host
377 ******************************************************************************/
378 void btu_hcif_send_cmd(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_buf) {
382 uint8_t* stream = p_buf->data + p_buf->offset;
383 void* vsc_callback = NULL;
385 STREAM_TO_UINT16(opcode, stream);
387 // Eww...horrible hackery here
388 /* If command was a VSC, then extract command_complete callback */
389 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC ||
390 (opcode == HCI_BLE_RAND) || (opcode == HCI_BLE_ENCRYPT)) {
391 vsc_callback = *((void**)(p_buf + 1));
394 hci_layer_get_interface()->transmit_command(
395 p_buf, btu_hcif_command_complete_evt, btu_hcif_command_status_evt,
399 using hci_cmd_cb = base::Callback<void(uint8_t* /* return_parameters */,
400 uint16_t /* return_parameters_length*/)>;
402 struct cmd_with_cb_data {
404 Location posted_from;
407 void cmd_with_cb_data_init(cmd_with_cb_data* cb_wrapper) {
408 new (&cb_wrapper->cb) hci_cmd_cb;
409 new (&cb_wrapper->posted_from) Location;
412 void cmd_with_cb_data_cleanup(cmd_with_cb_data* cb_wrapper) {
413 cb_wrapper->cb.~hci_cmd_cb();
414 cb_wrapper->posted_from.~Location();
417 static void btu_hcif_command_complete_evt_with_cb_on_task(BT_HDR* event,
419 command_opcode_t opcode;
421 event->data + event->offset +
422 3; // 2 to skip the event headers, 1 to skip the command credits
423 STREAM_TO_UINT16(opcode, stream);
425 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)context;
426 HCI_TRACE_DEBUG("command complete for: %s",
427 cb_wrapper->posted_from.ToString().c_str());
428 cb_wrapper->cb.Run(stream, event->len - 5);
429 cmd_with_cb_data_cleanup(cb_wrapper);
430 osi_free(cb_wrapper);
435 static void btu_hcif_command_complete_evt_with_cb(BT_HDR* response,
437 do_in_hci_thread(FROM_HERE,
438 base::Bind(btu_hcif_command_complete_evt_with_cb_on_task,
442 static void btu_hcif_command_status_evt_with_cb_on_task(uint8_t status,
445 command_opcode_t opcode;
446 uint8_t* stream = event->data + event->offset;
447 STREAM_TO_UINT16(opcode, stream);
451 // report command status error
452 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)context;
453 HCI_TRACE_DEBUG("command status for: %s",
454 cb_wrapper->posted_from.ToString().c_str());
455 cb_wrapper->cb.Run(&status, sizeof(uint16_t));
456 cmd_with_cb_data_cleanup(cb_wrapper);
457 osi_free(cb_wrapper);
462 static void btu_hcif_command_status_evt_with_cb(uint8_t status, BT_HDR* command,
464 // Command is pending, we report only error.
471 FROM_HERE, base::Bind(btu_hcif_command_status_evt_with_cb_on_task, status,
475 /* This function is called to send commands to the Host Controller. |cb| is
476 * called when command status event is called with error code, or when the
477 * command complete event is received. */
478 void btu_hcif_send_cmd_with_cb(const tracked_objects::Location& posted_from,
479 uint16_t opcode, uint8_t* params,
480 uint8_t params_len, hci_cmd_cb cb) {
481 BT_HDR* p = (BT_HDR*)osi_malloc(HCI_CMD_BUF_SIZE);
482 uint8_t* pp = (uint8_t*)(p + 1);
484 p->len = HCIC_PREAMBLE_SIZE + params_len;
487 UINT16_TO_STREAM(pp, opcode);
488 UINT8_TO_STREAM(pp, params_len);
490 memcpy(pp, params, params_len);
493 cmd_with_cb_data* cb_wrapper =
494 (cmd_with_cb_data*)osi_malloc(sizeof(cmd_with_cb_data));
496 cmd_with_cb_data_init(cb_wrapper);
498 cb_wrapper->posted_from = posted_from;
500 hci_layer_get_interface()->transmit_command(
501 p, btu_hcif_command_complete_evt_with_cb,
502 btu_hcif_command_status_evt_with_cb, (void*)cb_wrapper);
505 /*******************************************************************************
507 * Function btu_hcif_inquiry_comp_evt
509 * Description Process event HCI_INQUIRY_COMP_EVT
513 ******************************************************************************/
514 static void btu_hcif_inquiry_comp_evt(uint8_t* p) {
517 STREAM_TO_UINT8(status, p);
519 /* Tell inquiry processing that we are done */
520 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
523 /*******************************************************************************
525 * Function btu_hcif_inquiry_result_evt
527 * Description Process event HCI_INQUIRY_RESULT_EVT
531 ******************************************************************************/
532 static void btu_hcif_inquiry_result_evt(uint8_t* p) {
533 /* Store results in the cache */
534 btm_process_inq_results(p, BTM_INQ_RESULT_STANDARD);
537 /*******************************************************************************
539 * Function btu_hcif_inquiry_rssi_result_evt
541 * Description Process event HCI_INQUIRY_RSSI_RESULT_EVT
545 ******************************************************************************/
546 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p) {
547 /* Store results in the cache */
548 btm_process_inq_results(p, BTM_INQ_RESULT_WITH_RSSI);
551 /*******************************************************************************
553 * Function btu_hcif_extended_inquiry_result_evt
555 * Description Process event HCI_EXTENDED_INQUIRY_RESULT_EVT
559 ******************************************************************************/
560 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p) {
561 /* Store results in the cache */
562 btm_process_inq_results(p, BTM_INQ_RESULT_EXTENDED);
565 /*******************************************************************************
567 * Function btu_hcif_connection_comp_evt
569 * Description Process event HCI_CONNECTION_COMP_EVT
573 ******************************************************************************/
574 static void btu_hcif_connection_comp_evt(uint8_t* p) {
580 #if (BTM_SCO_INCLUDED == TRUE)
581 tBTM_ESCO_DATA esco_data;
584 STREAM_TO_UINT8(status, p);
585 STREAM_TO_UINT16(handle, p);
586 STREAM_TO_BDADDR(bda, p);
587 STREAM_TO_UINT8(link_type, p);
588 STREAM_TO_UINT8(enc_mode, p);
590 handle = HCID_GET_HANDLE(handle);
592 if (link_type == HCI_LINK_TYPE_ACL) {
593 btm_sec_connected(bda, handle, status, enc_mode);
595 l2c_link_hci_conn_comp(status, handle, bda);
597 #if (BTM_SCO_INCLUDED == TRUE)
599 memset(&esco_data, 0, sizeof(tBTM_ESCO_DATA));
600 /* esco_data.link_type = HCI_LINK_TYPE_SCO; already zero */
601 esco_data.bd_addr = bda;
602 btm_sco_connected(status, &bda, handle, &esco_data);
604 #endif /* BTM_SCO_INCLUDED */
607 /*******************************************************************************
609 * Function btu_hcif_connection_request_evt
611 * Description Process event HCI_CONNECTION_REQUEST_EVT
615 ******************************************************************************/
616 static void btu_hcif_connection_request_evt(uint8_t* p) {
621 STREAM_TO_BDADDR(bda, p);
622 STREAM_TO_DEVCLASS(dc, p);
623 STREAM_TO_UINT8(link_type, p);
625 /* Pass request to security manager to check connect filters before */
626 /* passing request to l2cap */
627 if (link_type == HCI_LINK_TYPE_ACL) {
628 btm_sec_conn_req(bda, dc);
630 #if (BTM_SCO_INCLUDED == TRUE)
632 btm_sco_conn_req(bda, dc, link_type);
634 #endif /* BTM_SCO_INCLUDED */
637 /*******************************************************************************
639 * Function btu_hcif_disconnection_comp_evt
641 * Description Process event HCI_DISCONNECTION_COMP_EVT
645 ******************************************************************************/
646 static void btu_hcif_disconnection_comp_evt(uint8_t* p) {
651 STREAM_TO_UINT16(handle, p);
652 STREAM_TO_UINT8(reason, p);
654 handle = HCID_GET_HANDLE(handle);
656 #if (BTM_SCO_INCLUDED == TRUE)
657 /* If L2CAP doesn't know about it, send it to SCO */
658 if (!l2c_link_hci_disc_comp(handle, reason)) btm_sco_removed(handle, reason);
660 l2c_link_hci_disc_comp(handle, reason);
661 #endif /* BTM_SCO_INCLUDED */
663 /* Notify security manager */
664 btm_sec_disconnected(handle, reason);
667 /*******************************************************************************
669 * Function btu_hcif_authentication_comp_evt
671 * Description Process event HCI_AUTHENTICATION_COMP_EVT
675 ******************************************************************************/
676 static void btu_hcif_authentication_comp_evt(uint8_t* p) {
680 STREAM_TO_UINT8(status, p);
681 STREAM_TO_UINT16(handle, p);
683 btm_sec_auth_complete(handle, status);
686 /*******************************************************************************
688 * Function btu_hcif_rmt_name_request_comp_evt
690 * Description Process event HCI_RMT_NAME_REQUEST_COMP_EVT
694 ******************************************************************************/
695 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len) {
699 STREAM_TO_UINT8(status, p);
700 STREAM_TO_BDADDR(bd_addr, p);
702 evt_len -= (1 + BD_ADDR_LEN);
704 btm_process_remote_name(&bd_addr, p, evt_len, status);
706 btm_sec_rmt_name_request_complete(&bd_addr, p, status);
709 constexpr uint8_t MIN_KEY_SIZE = 7;
711 static void read_encryption_key_size_complete_after_encryption_change(
712 uint8_t status, uint16_t handle, uint8_t key_size) {
713 if (status == HCI_ERR_INSUFFCIENT_SECURITY) {
714 /* If remote device stop the encryption before we call "Read Encryption Key
715 * Size", we might receive Insufficient Security, which means that link is
716 * no longer encrypted. */
717 HCI_TRACE_WARNING("%s encryption stopped on link: 0x%02x", __func__,
722 if (status != HCI_SUCCESS) {
723 HCI_TRACE_WARNING("%s: disconnecting, status: 0x%02x", __func__, status);
724 btsnd_hcic_disconnect(handle, HCI_ERR_PEER_USER);
728 if (key_size < MIN_KEY_SIZE) {
729 android_errorWriteLog(0x534e4554, "124301137");
731 "%s encryption key too short, disconnecting. handle: 0x%02x, key_size: "
733 __func__, handle, key_size);
735 btsnd_hcic_disconnect(handle, HCI_ERR_HOST_REJECT_SECURITY);
739 // good key size - succeed
740 btm_acl_encrypt_change(handle, status, 1 /* enable */);
741 btm_sec_encrypt_change(handle, status, 1 /* enable */);
743 /*******************************************************************************
745 * Function btu_hcif_encryption_change_evt
747 * Description Process event HCI_ENCRYPTION_CHANGE_EVT
751 ******************************************************************************/
752 static void btu_hcif_encryption_change_evt(uint8_t* p) {
757 STREAM_TO_UINT8(status, p);
758 STREAM_TO_UINT16(handle, p);
759 STREAM_TO_UINT8(encr_enable, p);
761 if (status != HCI_SUCCESS || encr_enable == 0 ||
762 BTM_IsBleConnection(handle)) {
763 btm_acl_encrypt_change(handle, status, encr_enable);
764 btm_sec_encrypt_change(handle, status, encr_enable);
766 btsnd_hcic_read_encryption_key_size(
768 base::Bind(&read_encryption_key_size_complete_after_encryption_change));
772 /*******************************************************************************
774 * Function btu_hcif_read_rmt_features_comp_evt
776 * Description Process event HCI_READ_RMT_FEATURES_COMP_EVT
780 ******************************************************************************/
781 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p) {
782 btm_read_remote_features_complete(p);
785 /*******************************************************************************
787 * Function btu_hcif_read_rmt_ext_features_comp_evt
789 * Description Process event HCI_READ_RMT_EXT_FEATURES_COMP_EVT
793 ******************************************************************************/
794 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p) {
799 STREAM_TO_UINT8(status, p_cur);
801 if (status == HCI_SUCCESS)
802 btm_read_remote_ext_features_complete(p);
804 STREAM_TO_UINT16(handle, p_cur);
805 btm_read_remote_ext_features_failed(status, handle);
809 /*******************************************************************************
811 * Function btu_hcif_read_rmt_version_comp_evt
813 * Description Process event HCI_READ_RMT_VERSION_COMP_EVT
817 ******************************************************************************/
818 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p) {
819 btm_read_remote_version_complete(p);
822 /*******************************************************************************
824 * Function btu_hcif_qos_setup_comp_evt
826 * Description Process event HCI_QOS_SETUP_COMP_EVT
830 ******************************************************************************/
831 static void btu_hcif_qos_setup_comp_evt(uint8_t* p) {
836 STREAM_TO_UINT8(status, p);
837 STREAM_TO_UINT16(handle, p);
838 STREAM_TO_UINT8(flow.qos_flags, p);
839 STREAM_TO_UINT8(flow.service_type, p);
840 STREAM_TO_UINT32(flow.token_rate, p);
841 STREAM_TO_UINT32(flow.peak_bandwidth, p);
842 STREAM_TO_UINT32(flow.latency, p);
843 STREAM_TO_UINT32(flow.delay_variation, p);
845 btm_qos_setup_complete(status, handle, &flow);
848 /*******************************************************************************
850 * Function btu_hcif_esco_connection_comp_evt
852 * Description Process event HCI_ESCO_CONNECTION_COMP_EVT
856 ******************************************************************************/
857 static void btu_hcif_esco_connection_comp_evt(uint8_t* p) {
858 #if (BTM_SCO_INCLUDED == TRUE)
864 STREAM_TO_UINT8(status, p);
865 STREAM_TO_UINT16(handle, p);
866 STREAM_TO_BDADDR(bda, p);
868 STREAM_TO_UINT8(data.link_type, p);
869 STREAM_TO_UINT8(data.tx_interval, p);
870 STREAM_TO_UINT8(data.retrans_window, p);
871 STREAM_TO_UINT16(data.rx_pkt_len, p);
872 STREAM_TO_UINT16(data.tx_pkt_len, p);
873 STREAM_TO_UINT8(data.air_mode, p);
876 btm_sco_connected(status, &bda, handle, &data);
880 /*******************************************************************************
882 * Function btu_hcif_esco_connection_chg_evt
884 * Description Process event HCI_ESCO_CONNECTION_CHANGED_EVT
888 ******************************************************************************/
889 static void btu_hcif_esco_connection_chg_evt(uint8_t* p) {
890 #if (BTM_SCO_INCLUDED == TRUE)
896 uint8_t retrans_window;
898 STREAM_TO_UINT8(status, p);
899 STREAM_TO_UINT16(handle, p);
901 STREAM_TO_UINT8(tx_interval, p);
902 STREAM_TO_UINT8(retrans_window, p);
903 STREAM_TO_UINT16(rx_pkt_len, p);
904 STREAM_TO_UINT16(tx_pkt_len, p);
906 btm_esco_proc_conn_chg(status, handle, tx_interval, retrans_window,
907 rx_pkt_len, tx_pkt_len);
911 /*******************************************************************************
913 * Function btu_hcif_hdl_command_complete
915 * Description Handle command complete event
919 ******************************************************************************/
920 static void btu_hcif_hdl_command_complete(uint16_t opcode, uint8_t* p,
922 void* p_cplt_cback) {
924 case HCI_INQUIRY_CANCEL:
925 /* Tell inquiry processing that we are done */
926 btm_process_cancel_complete(HCI_SUCCESS, BTM_BR_INQUIRY_MASK);
928 case HCI_SET_EVENT_FILTER:
929 btm_event_filter_complete(p);
932 case HCI_DELETE_STORED_LINK_KEY:
933 btm_delete_stored_link_key_complete(p);
936 case HCI_READ_LOCAL_NAME:
937 btm_read_local_name_complete(p, evt_len);
940 case HCI_GET_LINK_QUALITY:
941 btm_read_link_quality_complete(p);
945 btm_read_rssi_complete(p);
948 case HCI_READ_FAILED_CONTACT_COUNTER:
949 btm_read_failed_contact_counter_complete(p);
952 case HCI_READ_AUTOMATIC_FLUSH_TIMEOUT:
953 btm_read_automatic_flush_timeout_complete(p);
956 case HCI_READ_TRANSMIT_POWER_LEVEL:
957 btm_read_tx_power_complete(p, false);
960 case HCI_CREATE_CONNECTION_CANCEL:
961 btm_create_conn_cancel_complete(p);
964 case HCI_READ_LOCAL_OOB_DATA:
965 btm_read_local_oob_complete(p);
968 case HCI_READ_INQ_TX_POWER_LEVEL:
969 btm_read_inq_tx_power_complete(p);
972 /* BLE Commands sComplete*/
973 case HCI_BLE_ADD_WHITE_LIST:
974 btm_ble_add_2_white_list_complete(*p);
977 case HCI_BLE_CLEAR_WHITE_LIST:
978 btm_ble_clear_white_list_complete(p, evt_len);
981 case HCI_BLE_REMOVE_WHITE_LIST:
982 btm_ble_remove_from_white_list_complete(p, evt_len);
986 case HCI_BLE_ENCRYPT:
987 btm_ble_rand_enc_complete(p, opcode, (tBTM_RAND_ENC_CB*)p_cplt_cback);
990 case HCI_BLE_READ_ADV_CHNL_TX_POWER:
991 btm_read_tx_power_complete(p, true);
994 case HCI_BLE_WRITE_ADV_ENABLE:
995 btm_ble_write_adv_enable_complete(p);
998 case HCI_BLE_CREATE_LL_CONN:
999 btm_ble_create_ll_conn_complete(*p);
1002 case HCI_BLE_TRANSMITTER_TEST:
1003 case HCI_BLE_RECEIVER_TEST:
1004 case HCI_BLE_TEST_END:
1005 btm_ble_test_command_complete(p);
1008 #if (BLE_PRIVACY_SPT == TRUE)
1009 case HCI_BLE_ADD_DEV_RESOLVING_LIST:
1010 btm_ble_add_resolving_list_entry_complete(p, evt_len);
1013 case HCI_BLE_RM_DEV_RESOLVING_LIST:
1014 btm_ble_remove_resolving_list_entry_complete(p, evt_len);
1017 case HCI_BLE_CLEAR_RESOLVING_LIST:
1018 btm_ble_clear_resolving_list_complete(p, evt_len);
1021 case HCI_BLE_READ_RESOLVABLE_ADDR_PEER:
1022 btm_ble_read_resolving_list_entry_complete(p, evt_len);
1025 case HCI_BLE_READ_RESOLVABLE_ADDR_LOCAL:
1026 case HCI_BLE_SET_ADDR_RESOLUTION_ENABLE:
1027 case HCI_BLE_SET_RAND_PRIV_ADDR_TIMOUT:
1031 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1032 btm_vsc_complete(p, opcode, evt_len, (tBTM_CMPL_CB*)p_cplt_cback);
1037 /*******************************************************************************
1039 * Function btu_hcif_command_complete_evt
1041 * Description Process event HCI_COMMAND_COMPLETE_EVT
1045 ******************************************************************************/
1046 static void btu_hcif_command_complete_evt_on_task(BT_HDR* event,
1048 command_opcode_t opcode;
1050 event->data + event->offset +
1051 3; // 2 to skip the event headers, 1 to skip the command credits
1052 STREAM_TO_UINT16(opcode, stream);
1054 btu_hcif_hdl_command_complete(
1057 5, // 3 for the command complete headers, 2 for the event headers
1063 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context) {
1064 do_in_hci_thread(FROM_HERE, base::Bind(btu_hcif_command_complete_evt_on_task,
1065 response, context));
1068 /*******************************************************************************
1070 * Function btu_hcif_hdl_command_status
1072 * Description Handle a command status event
1076 ******************************************************************************/
1077 static void btu_hcif_hdl_command_status(uint16_t opcode, uint8_t status,
1079 void* p_vsc_status_cback) {
1082 #if (BTM_SCO_INCLUDED == TRUE)
1083 tBTM_ESCO_DATA esco_data;
1087 case HCI_EXIT_SNIFF_MODE:
1088 case HCI_EXIT_PARK_MODE:
1089 #if (BTM_SCO_WAKE_PARKED_LINK == TRUE)
1090 if (status != HCI_SUCCESS) {
1091 /* Allow SCO initiation to continue if waiting for change mode event */
1092 if (p_cmd != NULL) {
1093 p_cmd++; /* bypass length field */
1094 STREAM_TO_UINT16(handle, p_cmd);
1095 btm_sco_chk_pend_unpark(status, handle);
1099 /* Case Falls Through */
1102 case HCI_SNIFF_MODE:
1104 btm_pm_proc_cmd_status(status);
1108 /* If command failed to start, we may need to tell BTM */
1109 if (status != HCI_SUCCESS) {
1112 /* Tell inquiry processing that we are done */
1113 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
1116 case HCI_RMT_NAME_REQUEST:
1117 /* Tell inquiry processing that we are done */
1118 btm_process_remote_name(NULL, NULL, 0, status);
1120 btm_sec_rmt_name_request_complete(NULL, NULL, status);
1123 case HCI_QOS_SETUP_COMP_EVT:
1124 /* Tell qos setup that we are done */
1125 btm_qos_setup_complete(status, 0, NULL);
1128 case HCI_SWITCH_ROLE:
1129 /* Tell BTM that the command failed */
1130 /* read bd addr out of stored command */
1131 if (p_cmd != NULL) {
1133 STREAM_TO_BDADDR(bd_addr, p_cmd);
1134 btm_acl_role_changed(status, &bd_addr, BTM_ROLE_UNDEFINED);
1136 btm_acl_role_changed(status, NULL, BTM_ROLE_UNDEFINED);
1137 l2c_link_role_changed(nullptr, BTM_ROLE_UNDEFINED,
1138 HCI_ERR_COMMAND_DISALLOWED);
1141 case HCI_CREATE_CONNECTION:
1142 /* read bd addr out of stored command */
1143 if (p_cmd != NULL) {
1145 STREAM_TO_BDADDR(bd_addr, p_cmd);
1146 btm_sec_connected(bd_addr, HCI_INVALID_HANDLE, status, 0);
1147 l2c_link_hci_conn_comp(status, HCI_INVALID_HANDLE, bd_addr);
1151 case HCI_READ_RMT_EXT_FEATURES:
1152 if (p_cmd != NULL) {
1153 p_cmd++; /* skip command length */
1154 STREAM_TO_UINT16(handle, p_cmd);
1156 handle = HCI_INVALID_HANDLE;
1158 btm_read_remote_ext_features_failed(status, handle);
1161 case HCI_AUTHENTICATION_REQUESTED:
1162 /* Device refused to start authentication. That should be treated
1163 * as authentication failure. */
1164 btm_sec_auth_complete(BTM_INVALID_HCI_HANDLE, status);
1167 case HCI_SET_CONN_ENCRYPTION:
1168 /* Device refused to start encryption. That should be treated as
1169 * encryption failure. */
1170 btm_sec_encrypt_change(BTM_INVALID_HCI_HANDLE, status, false);
1173 case HCI_BLE_CREATE_LL_CONN:
1174 btm_ble_create_ll_conn_complete(status);
1177 #if (BTM_SCO_INCLUDED == TRUE)
1178 case HCI_SETUP_ESCO_CONNECTION:
1179 case HCI_ENH_SETUP_ESCO_CONNECTION:
1180 /* read handle out of stored command */
1181 if (p_cmd != NULL) {
1183 STREAM_TO_UINT16(handle, p_cmd);
1185 /* Determine if initial connection failed or is a change
1187 if (btm_is_sco_active(handle))
1188 btm_esco_proc_conn_chg(status, handle, 0, 0, 0, 0);
1190 btm_sco_connected(status, NULL, handle, &esco_data);
1195 /* This is commented out until an upper layer cares about returning
1197 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
1198 case HCI_ENHANCED_FLUSH:
1203 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1204 btm_vsc_complete(&status, opcode, 1,
1205 (tBTM_CMPL_CB*)p_vsc_status_cback);
1210 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1211 btm_vsc_complete(&status, opcode, 1,
1212 (tBTM_CMPL_CB*)p_vsc_status_cback);
1217 /*******************************************************************************
1219 * Function btu_hcif_command_status_evt
1221 * Description Process event HCI_COMMAND_STATUS_EVT
1225 ******************************************************************************/
1226 static void btu_hcif_command_status_evt_on_task(uint8_t status, BT_HDR* event,
1228 command_opcode_t opcode;
1229 uint8_t* stream = event->data + event->offset;
1230 STREAM_TO_UINT16(opcode, stream);
1232 btu_hcif_hdl_command_status(opcode, status, stream, context);
1236 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
1238 do_in_hci_thread(FROM_HERE, base::Bind(btu_hcif_command_status_evt_on_task,
1239 status, command, context));
1242 /*******************************************************************************
1244 * Function btu_hcif_hardware_error_evt
1246 * Description Process event HCI_HARDWARE_ERROR_EVT
1250 ******************************************************************************/
1251 static void btu_hcif_hardware_error_evt(uint8_t* p) {
1252 HCI_TRACE_ERROR("Ctlr H/w error event - code:0x%x", *p);
1254 /* If anyone wants device status notifications, give him one. */
1255 btm_report_device_status(BTM_DEV_STATUS_DOWN);
1257 /* Reset the controller */
1258 if (BTM_IsDeviceUp()) BTM_DeviceReset(NULL);
1261 /*******************************************************************************
1263 * Function btu_hcif_flush_occured_evt
1265 * Description Process event HCI_FLUSH_OCCURED_EVT
1269 ******************************************************************************/
1270 static void btu_hcif_flush_occured_evt(void) {}
1272 /*******************************************************************************
1274 * Function btu_hcif_role_change_evt
1276 * Description Process event HCI_ROLE_CHANGE_EVT
1280 ******************************************************************************/
1281 static void btu_hcif_role_change_evt(uint8_t* p) {
1286 STREAM_TO_UINT8(status, p);
1287 STREAM_TO_BDADDR(bda, p);
1288 STREAM_TO_UINT8(role, p);
1290 btm_blacklist_role_change_device(bda, status);
1291 l2c_link_role_changed(&bda, role, status);
1292 btm_acl_role_changed(status, &bda, role);
1295 /*******************************************************************************
1297 * Function btu_hcif_num_compl_data_pkts_evt
1299 * Description Process event HCI_NUM_COMPL_DATA_PKTS_EVT
1303 ******************************************************************************/
1304 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p) {
1305 /* Process for L2CAP and SCO */
1306 l2c_link_process_num_completed_pkts(p);
1308 /* Send on to SCO */
1309 /*?? No SCO for now */
1312 /*******************************************************************************
1314 * Function btu_hcif_mode_change_evt
1316 * Description Process event HCI_MODE_CHANGE_EVT
1320 ******************************************************************************/
1321 static void btu_hcif_mode_change_evt(uint8_t* p) {
1324 uint8_t current_mode;
1327 STREAM_TO_UINT8(status, p);
1329 STREAM_TO_UINT16(handle, p);
1330 STREAM_TO_UINT8(current_mode, p);
1331 STREAM_TO_UINT16(interval, p);
1332 #if (BTM_SCO_WAKE_PARKED_LINK == TRUE)
1333 btm_sco_chk_pend_unpark(status, handle);
1335 btm_pm_proc_mode_change(status, handle, current_mode, interval);
1337 #if (HID_DEV_INCLUDED == TRUE && HID_DEV_PM_INCLUDED == TRUE)
1338 hidd_pm_proc_mode_change(status, current_mode, interval);
1342 /*******************************************************************************
1344 * Function btu_hcif_ssr_evt
1346 * Description Process event HCI_SNIFF_SUB_RATE_EVT
1350 ******************************************************************************/
1351 #if (BTM_SSR_INCLUDED == TRUE)
1352 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len) {
1353 btm_pm_proc_ssr_evt(p, evt_len);
1357 /*******************************************************************************
1359 * Function btu_hcif_pin_code_request_evt
1361 * Description Process event HCI_PIN_CODE_REQUEST_EVT
1365 ******************************************************************************/
1366 static void btu_hcif_pin_code_request_evt(uint8_t* p) {
1369 STREAM_TO_BDADDR(bda, p);
1371 /* Tell L2CAP that there was a PIN code request, */
1372 /* it may need to stretch timeouts */
1373 l2c_pin_code_request(bda);
1375 btm_sec_pin_code_request(bda);
1378 /*******************************************************************************
1380 * Function btu_hcif_link_key_request_evt
1382 * Description Process event HCI_LINK_KEY_REQUEST_EVT
1386 ******************************************************************************/
1387 static void btu_hcif_link_key_request_evt(uint8_t* p) {
1390 STREAM_TO_BDADDR(bda, p);
1391 btm_sec_link_key_request(bda);
1394 /*******************************************************************************
1396 * Function btu_hcif_link_key_notification_evt
1398 * Description Process event HCI_LINK_KEY_NOTIFICATION_EVT
1402 ******************************************************************************/
1403 static void btu_hcif_link_key_notification_evt(uint8_t* p) {
1408 STREAM_TO_BDADDR(bda, p);
1409 STREAM_TO_ARRAY16(key, p);
1410 STREAM_TO_UINT8(key_type, p);
1412 btm_sec_link_key_notification(bda, key, key_type);
1415 /*******************************************************************************
1417 * Function btu_hcif_loopback_command_evt
1419 * Description Process event HCI_LOOPBACK_COMMAND_EVT
1423 ******************************************************************************/
1424 static void btu_hcif_loopback_command_evt(void) {}
1426 /*******************************************************************************
1428 * Function btu_hcif_data_buf_overflow_evt
1430 * Description Process event HCI_DATA_BUF_OVERFLOW_EVT
1434 ******************************************************************************/
1435 static void btu_hcif_data_buf_overflow_evt(void) {}
1437 /*******************************************************************************
1439 * Function btu_hcif_max_slots_changed_evt
1441 * Description Process event HCI_MAX_SLOTS_CHANGED_EVT
1445 ******************************************************************************/
1446 static void btu_hcif_max_slots_changed_evt(void) {}
1448 /*******************************************************************************
1450 * Function btu_hcif_read_clock_off_comp_evt
1452 * Description Process event HCI_READ_CLOCK_OFF_COMP_EVT
1456 ******************************************************************************/
1457 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p) {
1460 uint16_t clock_offset;
1462 STREAM_TO_UINT8(status, p);
1464 /* If failed to get clock offset just drop the result */
1465 if (status != HCI_SUCCESS) return;
1467 STREAM_TO_UINT16(handle, p);
1468 STREAM_TO_UINT16(clock_offset, p);
1470 handle = HCID_GET_HANDLE(handle);
1472 btm_process_clk_off_comp_evt(handle, clock_offset);
1473 btm_sec_update_clock_offset(handle, clock_offset);
1476 /*******************************************************************************
1478 * Function btu_hcif_conn_pkt_type_change_evt
1480 * Description Process event HCI_CONN_PKT_TYPE_CHANGE_EVT
1484 ******************************************************************************/
1485 static void btu_hcif_conn_pkt_type_change_evt(void) {}
1487 /*******************************************************************************
1489 * Function btu_hcif_qos_violation_evt
1491 * Description Process event HCI_QOS_VIOLATION_EVT
1495 ******************************************************************************/
1496 static void btu_hcif_qos_violation_evt(uint8_t* p) {
1499 STREAM_TO_UINT16(handle, p);
1501 handle = HCID_GET_HANDLE(handle);
1503 l2c_link_hci_qos_violation(handle);
1506 /*******************************************************************************
1508 * Function btu_hcif_page_scan_mode_change_evt
1510 * Description Process event HCI_PAGE_SCAN_MODE_CHANGE_EVT
1514 ******************************************************************************/
1515 static void btu_hcif_page_scan_mode_change_evt(void) {}
1517 /*******************************************************************************
1519 * Function btu_hcif_page_scan_rep_mode_chng_evt
1521 * Description Process event HCI_PAGE_SCAN_REP_MODE_CHNG_EVT
1525 ******************************************************************************/
1526 static void btu_hcif_page_scan_rep_mode_chng_evt(void) {}
1528 /**********************************************
1529 * Simple Pairing Events
1530 **********************************************/
1532 /*******************************************************************************
1534 * Function btu_hcif_host_support_evt
1536 * Description Process event HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT
1540 ******************************************************************************/
1541 static void btu_hcif_host_support_evt(uint8_t* p) {
1542 btm_sec_rmt_host_support_feat_evt(p);
1545 /*******************************************************************************
1547 * Function btu_hcif_io_cap_request_evt
1549 * Description Process event HCI_IO_CAPABILITY_REQUEST_EVT
1553 ******************************************************************************/
1554 static void btu_hcif_io_cap_request_evt(uint8_t* p) {
1556 STREAM_TO_BDADDR(bda, p);
1557 btm_io_capabilities_req(bda);
1560 /*******************************************************************************
1562 * Function btu_hcif_io_cap_response_evt
1564 * Description Process event HCI_IO_CAPABILITY_RESPONSE_EVT
1568 ******************************************************************************/
1569 static void btu_hcif_io_cap_response_evt(uint8_t* p) {
1570 btm_io_capabilities_rsp(p);
1573 /*******************************************************************************
1575 * Function btu_hcif_user_conf_request_evt
1577 * Description Process event HCI_USER_CONFIRMATION_REQUEST_EVT
1581 ******************************************************************************/
1582 static void btu_hcif_user_conf_request_evt(uint8_t* p) {
1583 btm_proc_sp_req_evt(BTM_SP_CFM_REQ_EVT, p);
1586 /*******************************************************************************
1588 * Function btu_hcif_user_passkey_request_evt
1590 * Description Process event HCI_USER_PASSKEY_REQUEST_EVT
1594 ******************************************************************************/
1595 static void btu_hcif_user_passkey_request_evt(uint8_t* p) {
1596 btm_proc_sp_req_evt(BTM_SP_KEY_REQ_EVT, p);
1599 /*******************************************************************************
1601 * Function btu_hcif_user_passkey_notif_evt
1603 * Description Process event HCI_USER_PASSKEY_NOTIFY_EVT
1607 ******************************************************************************/
1608 static void btu_hcif_user_passkey_notif_evt(uint8_t* p) {
1609 btm_proc_sp_req_evt(BTM_SP_KEY_NOTIF_EVT, p);
1612 /*******************************************************************************
1614 * Function btu_hcif_keypress_notif_evt
1616 * Description Process event HCI_KEYPRESS_NOTIFY_EVT
1620 ******************************************************************************/
1621 static void btu_hcif_keypress_notif_evt(uint8_t* p) {
1622 btm_keypress_notif_evt(p);
1625 /*******************************************************************************
1627 * Function btu_hcif_rem_oob_request_evt
1629 * Description Process event HCI_REMOTE_OOB_DATA_REQUEST_EVT
1633 ******************************************************************************/
1634 static void btu_hcif_rem_oob_request_evt(uint8_t* p) { btm_rem_oob_req(p); }
1636 /*******************************************************************************
1638 * Function btu_hcif_simple_pair_complete_evt
1640 * Description Process event HCI_SIMPLE_PAIRING_COMPLETE_EVT
1644 ******************************************************************************/
1645 static void btu_hcif_simple_pair_complete_evt(uint8_t* p) {
1646 btm_simple_pair_complete(p);
1649 /*******************************************************************************
1651 * Function btu_hcif_enhanced_flush_complete_evt
1653 * Description Process event HCI_ENHANCED_FLUSH_COMPLETE_EVT
1657 ******************************************************************************/
1658 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
1659 static void btu_hcif_enhanced_flush_complete_evt(void) {
1660 /* This is empty until an upper layer cares about returning event */
1663 /**********************************************
1664 * End of Simple Pairing Events
1665 **********************************************/
1667 static void read_encryption_key_size_complete_after_key_refresh(
1668 uint8_t status, uint16_t handle, uint8_t key_size) {
1669 if (status == HCI_ERR_INSUFFCIENT_SECURITY) {
1670 /* If remote device stop the encryption before we call "Read Encryption Key
1671 * Size", we might receive Insufficient Security, which means that link is
1672 * no longer encrypted. */
1673 HCI_TRACE_WARNING("%s encryption stopped on link: 0x%02x", __func__,
1678 if (status != HCI_SUCCESS) {
1679 HCI_TRACE_WARNING("%s: disconnecting, status: 0x%02x", __func__, status);
1680 btsnd_hcic_disconnect(handle, HCI_ERR_PEER_USER);
1684 if (key_size < MIN_KEY_SIZE) {
1685 android_errorWriteLog(0x534e4554, "124301137");
1687 "%s encryption key too short, disconnecting. handle: 0x%02x, key_size: "
1689 __func__, handle, key_size);
1691 btsnd_hcic_disconnect(handle, HCI_ERR_HOST_REJECT_SECURITY);
1695 btm_sec_encrypt_change(handle, status, 1 /* enc_enable */);
1698 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p) {
1702 STREAM_TO_UINT8(status, p);
1703 STREAM_TO_UINT16(handle, p);
1705 if (status != HCI_SUCCESS || BTM_IsBleConnection(handle)) {
1706 btm_sec_encrypt_change(handle, status, (status == HCI_SUCCESS) ? 1 : 0);
1708 btsnd_hcic_read_encryption_key_size(
1710 base::Bind(&read_encryption_key_size_complete_after_key_refresh));
1714 /**********************************************
1716 **********************************************/
1718 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len) {
1719 btm_ble_conn_complete(p, evt_len, false);
1721 #if (BLE_PRIVACY_SPT == TRUE)
1722 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len) {
1723 btm_ble_conn_complete(p, evt_len, true);
1727 extern void gatt_notify_conn_update(uint16_t handle, uint16_t interval,
1728 uint16_t latency, uint16_t timeout,
1731 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len) {
1732 /* LE connection update has completed successfully as a master. */
1733 /* We can enable the update request if the result is a success. */
1734 /* extract the HCI handle first */
1741 STREAM_TO_UINT8(status, p);
1742 STREAM_TO_UINT16(handle, p);
1743 STREAM_TO_UINT16(interval, p);
1744 STREAM_TO_UINT16(latency, p);
1745 STREAM_TO_UINT16(timeout, p);
1747 l2cble_process_conn_update_evt(handle, status, interval, latency, timeout);
1749 gatt_notify_conn_update(handle & 0x0FFF, interval, latency, timeout, status);
1752 static void btu_ble_read_remote_feat_evt(uint8_t* p) {
1753 btm_ble_read_remote_features_complete(p);
1756 static void btu_ble_proc_ltk_req(uint8_t* p) {
1757 uint16_t ediv, handle;
1760 STREAM_TO_UINT16(handle, p);
1762 STREAM_TO_UINT16(ediv, pp);
1763 btm_ble_ltk_request(handle, p, ediv);
1764 /* This is empty until an upper layer cares about returning event */
1767 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len) {
1769 uint16_t tx_data_len;
1770 uint16_t rx_data_len;
1772 if (!controller_get_interface()->supports_ble_packet_extension()) {
1773 HCI_TRACE_WARNING("%s, request not supported", __func__);
1777 STREAM_TO_UINT16(handle, p);
1778 STREAM_TO_UINT16(tx_data_len, p);
1779 p += 2; /* Skip the TxTimer */
1780 STREAM_TO_UINT16(rx_data_len, p);
1782 l2cble_process_data_length_change_event(handle, tx_data_len, rx_data_len);
1785 /**********************************************
1786 * End of BLE Events Handler
1787 **********************************************/
1788 #if (BLE_LLT_INCLUDED == TRUE)
1789 static void btu_ble_rc_param_req_evt(uint8_t* p) {
1791 uint16_t int_min, int_max, latency, timeout;
1793 STREAM_TO_UINT16(handle, p);
1794 STREAM_TO_UINT16(int_min, p);
1795 STREAM_TO_UINT16(int_max, p);
1796 STREAM_TO_UINT16(latency, p);
1797 STREAM_TO_UINT16(timeout, p);
1799 l2cble_process_rc_param_request_evt(handle, int_min, int_max, latency,
1802 #endif /* BLE_LLT_INCLUDED */