1 /******************************************************************************
3 * Copyright 1999-2012 Broadcom Corporation
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
17 ******************************************************************************/
19 /******************************************************************************
21 * This file contains functions that interface with the HCI transport. On
22 * the receive side, it routes events to the appropriate handler, e.g.
23 * L2CAP, ScoMgr. On the transmit side, it manages the command
26 ******************************************************************************/
28 #define LOG_TAG "bt_btu_hcif"
30 #include <base/bind.h>
31 #include <base/callback.h>
32 #include <base/location.h>
33 #include <base/logging.h>
34 #include <base/threading/thread.h>
35 #include <frameworks/base/core/proto/android/bluetooth/enums.pb.h>
36 #include <frameworks/base/core/proto/android/bluetooth/hci/enums.pb.h>
43 #include "bt_common.h"
49 #include "common/metrics.h"
50 #include "device/include/controller.h"
51 #include "hci_layer.h"
54 #include "osi/include/log.h"
55 #include "osi/include/osi.h"
59 extern void btm_process_cancel_complete(uint8_t status, uint8_t mode);
60 extern void btm_ble_test_command_complete(uint8_t* p);
61 extern void smp_cancel_start_encryption_attempt();
63 /******************************************************************************/
64 /* L O C A L F U N C T I O N P R O T O T Y P E S */
65 /******************************************************************************/
66 static void btu_hcif_inquiry_comp_evt(uint8_t* p);
67 static void btu_hcif_inquiry_result_evt(uint8_t* p);
68 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p);
69 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p);
71 static void btu_hcif_connection_comp_evt(uint8_t* p);
72 static void btu_hcif_connection_request_evt(uint8_t* p);
73 static void btu_hcif_disconnection_comp_evt(uint8_t* p);
74 static void btu_hcif_authentication_comp_evt(uint8_t* p);
75 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len);
76 static void btu_hcif_encryption_change_evt(uint8_t* p);
77 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p);
78 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p,
80 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p);
81 static void btu_hcif_qos_setup_comp_evt(uint8_t* p);
82 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context);
83 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
85 static void btu_hcif_hardware_error_evt(uint8_t* p);
86 static void btu_hcif_flush_occured_evt(void);
87 static void btu_hcif_role_change_evt(uint8_t* p);
88 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p);
89 static void btu_hcif_mode_change_evt(uint8_t* p);
90 static void btu_hcif_pin_code_request_evt(uint8_t* p);
91 static void btu_hcif_link_key_request_evt(uint8_t* p);
92 static void btu_hcif_link_key_notification_evt(uint8_t* p);
93 static void btu_hcif_loopback_command_evt(void);
94 static void btu_hcif_data_buf_overflow_evt(void);
95 static void btu_hcif_max_slots_changed_evt(void);
96 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p);
97 static void btu_hcif_conn_pkt_type_change_evt(void);
98 static void btu_hcif_qos_violation_evt(uint8_t* p);
99 static void btu_hcif_page_scan_mode_change_evt(void);
100 static void btu_hcif_page_scan_rep_mode_chng_evt(void);
101 static void btu_hcif_esco_connection_comp_evt(uint8_t* p);
102 static void btu_hcif_esco_connection_chg_evt(uint8_t* p);
104 /* Simple Pairing Events */
105 static void btu_hcif_host_support_evt(uint8_t* p);
106 static void btu_hcif_io_cap_request_evt(uint8_t* p);
107 static void btu_hcif_io_cap_response_evt(uint8_t* p);
108 static void btu_hcif_user_conf_request_evt(uint8_t* p);
109 static void btu_hcif_user_passkey_request_evt(uint8_t* p);
110 static void btu_hcif_user_passkey_notif_evt(uint8_t* p);
111 static void btu_hcif_keypress_notif_evt(uint8_t* p);
112 static void btu_hcif_rem_oob_request_evt(uint8_t* p);
114 static void btu_hcif_simple_pair_complete_evt(uint8_t* p);
115 #if L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE
116 static void btu_hcif_enhanced_flush_complete_evt(void);
119 #if (BTM_SSR_INCLUDED == TRUE)
120 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len);
121 #endif /* BTM_SSR_INCLUDED == TRUE */
123 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len);
124 static void btu_ble_read_remote_feat_evt(uint8_t* p);
125 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len);
126 static void btu_ble_proc_ltk_req(uint8_t* p);
127 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p);
128 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len);
129 #if (BLE_LLT_INCLUDED == TRUE)
130 static void btu_ble_rc_param_req_evt(uint8_t* p);
132 #if (BLE_PRIVACY_SPT == TRUE)
133 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len);
137 * Log HCI event metrics that are not handled in special functions
138 * @param evt_code event code
139 * @param p_event pointer to event parameter, skipping paremter length
141 void btu_hcif_log_event_metrics(uint8_t evt_code, uint8_t* p_event) {
142 uint32_t cmd = android::bluetooth::hci::CMD_UNKNOWN;
143 uint16_t status = android::bluetooth::hci::STATUS_UNKNOWN;
144 uint16_t reason = android::bluetooth::hci::STATUS_UNKNOWN;
145 uint16_t handle = bluetooth::common::kUnknownConnectionHandle;
148 RawAddress bda = RawAddress::kEmpty;
150 case HCI_IO_CAPABILITY_REQUEST_EVT:
151 case HCI_IO_CAPABILITY_RESPONSE_EVT:
152 case HCI_LINK_KEY_REQUEST_EVT:
153 case HCI_LINK_KEY_NOTIFICATION_EVT:
154 case HCI_USER_PASSKEY_REQUEST_EVT:
155 case HCI_USER_PASSKEY_NOTIFY_EVT:
156 case HCI_USER_CONFIRMATION_REQUEST_EVT:
157 case HCI_KEYPRESS_NOTIFY_EVT:
158 case HCI_REMOTE_OOB_DATA_REQUEST_EVT:
159 STREAM_TO_BDADDR(bda, p_event);
160 bluetooth::common::LogClassicPairingEvent(bda, handle, cmd, evt_code, status, reason, value);
162 case HCI_SIMPLE_PAIRING_COMPLETE_EVT:
163 case HCI_RMT_NAME_REQUEST_COMP_EVT:
164 STREAM_TO_UINT8(status, p_event);
165 STREAM_TO_BDADDR(bda, p_event);
166 bluetooth::common::LogClassicPairingEvent(bda, handle, cmd, evt_code, status, reason, value);
168 case HCI_AUTHENTICATION_COMP_EVT:
169 STREAM_TO_UINT8(status, p_event);
170 STREAM_TO_UINT16(handle, p_event);
171 handle = HCID_GET_HANDLE(handle);
172 bluetooth::common::LogClassicPairingEvent(bda, handle, cmd, evt_code, status, reason, value);
174 case HCI_ENCRYPTION_CHANGE_EVT: {
175 uint8_t encryption_enabled;
176 STREAM_TO_UINT8(status, p_event);
177 STREAM_TO_UINT16(handle, p_event);
178 STREAM_TO_UINT8(encryption_enabled, p_event);
179 bluetooth::common::LogClassicPairingEvent(bda, handle, cmd, evt_code, status, reason, encryption_enabled);
182 case HCI_CONNECTION_COMP_EVT: {
184 STREAM_TO_UINT8(status, p_event);
185 STREAM_TO_UINT16(handle, p_event);
186 STREAM_TO_BDADDR(bda, p_event);
187 STREAM_TO_UINT8(link_type, p_event);
188 handle = HCID_GET_HANDLE(handle);
189 bluetooth::common::LogLinkLayerConnectionEvent(
190 &bda, handle, android::bluetooth::DIRECTION_UNKNOWN, link_type, cmd,
191 evt_code, android::bluetooth::hci::BLE_EVT_UNKNOWN, status, reason);
194 case HCI_CONNECTION_REQUEST_EVT: {
197 STREAM_TO_BDADDR(bda, p_event);
198 STREAM_TO_DEVCLASS(dc, p_event);
199 STREAM_TO_UINT8(link_type, p_event);
200 bluetooth::common::LogLinkLayerConnectionEvent(
201 &bda, bluetooth::common::kUnknownConnectionHandle,
202 android::bluetooth::DIRECTION_INCOMING, link_type, cmd, evt_code,
203 android::bluetooth::hci::BLE_EVT_UNKNOWN, status, reason);
206 case HCI_DISCONNECTION_COMP_EVT: {
207 STREAM_TO_UINT8(status, p_event);
208 STREAM_TO_UINT16(handle, p_event);
209 STREAM_TO_UINT8(reason, p_event);
210 handle = HCID_GET_HANDLE(handle);
211 bluetooth::common::LogLinkLayerConnectionEvent(
212 nullptr, handle, android::bluetooth::DIRECTION_UNKNOWN,
213 android::bluetooth::LINK_TYPE_UNKNOWN, cmd, evt_code,
214 android::bluetooth::hci::BLE_EVT_UNKNOWN, status, reason);
217 case HCI_ESCO_CONNECTION_COMP_EVT: {
219 STREAM_TO_UINT8(status, p_event);
220 STREAM_TO_UINT16(handle, p_event);
221 STREAM_TO_BDADDR(bda, p_event);
222 STREAM_TO_UINT8(link_type, p_event);
223 handle = HCID_GET_HANDLE(handle);
224 bluetooth::common::LogLinkLayerConnectionEvent(
225 &bda, handle, android::bluetooth::DIRECTION_UNKNOWN, link_type, cmd,
226 evt_code, android::bluetooth::hci::BLE_EVT_UNKNOWN, status, reason);
229 case HCI_ESCO_CONNECTION_CHANGED_EVT: {
230 STREAM_TO_UINT8(status, p_event);
231 STREAM_TO_UINT16(handle, p_event);
232 handle = HCID_GET_HANDLE(handle);
233 bluetooth::common::LogLinkLayerConnectionEvent(
234 nullptr, handle, android::bluetooth::DIRECTION_UNKNOWN,
235 android::bluetooth::LINK_TYPE_UNKNOWN, cmd, evt_code,
236 android::bluetooth::hci::BLE_EVT_UNKNOWN, status, reason);
242 /*******************************************************************************
244 * Function btu_hcif_process_event
246 * Description This function is called when an event is received from
247 * the Host Controller.
251 ******************************************************************************/
252 void btu_hcif_process_event(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_msg) {
253 uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
254 uint8_t hci_evt_code, hci_evt_len;
255 uint8_t ble_sub_code;
256 STREAM_TO_UINT8(hci_evt_code, p);
257 STREAM_TO_UINT8(hci_evt_len, p);
259 btu_hcif_log_event_metrics(hci_evt_code, p);
261 switch (hci_evt_code) {
262 case HCI_INQUIRY_COMP_EVT:
263 btu_hcif_inquiry_comp_evt(p);
265 case HCI_INQUIRY_RESULT_EVT:
266 btu_hcif_inquiry_result_evt(p);
268 case HCI_INQUIRY_RSSI_RESULT_EVT:
269 btu_hcif_inquiry_rssi_result_evt(p);
271 case HCI_EXTENDED_INQUIRY_RESULT_EVT:
272 btu_hcif_extended_inquiry_result_evt(p);
274 case HCI_CONNECTION_COMP_EVT:
275 btu_hcif_connection_comp_evt(p);
277 case HCI_CONNECTION_REQUEST_EVT:
278 btu_hcif_connection_request_evt(p);
280 case HCI_DISCONNECTION_COMP_EVT:
281 btu_hcif_disconnection_comp_evt(p);
283 case HCI_AUTHENTICATION_COMP_EVT:
284 btu_hcif_authentication_comp_evt(p);
286 case HCI_RMT_NAME_REQUEST_COMP_EVT:
287 btu_hcif_rmt_name_request_comp_evt(p, hci_evt_len);
289 case HCI_ENCRYPTION_CHANGE_EVT:
290 btu_hcif_encryption_change_evt(p);
292 case HCI_ENCRYPTION_KEY_REFRESH_COMP_EVT:
293 btu_hcif_encryption_key_refresh_cmpl_evt(p);
295 case HCI_READ_RMT_FEATURES_COMP_EVT:
296 btu_hcif_read_rmt_features_comp_evt(p);
298 case HCI_READ_RMT_EXT_FEATURES_COMP_EVT:
299 btu_hcif_read_rmt_ext_features_comp_evt(p, hci_evt_len);
301 case HCI_READ_RMT_VERSION_COMP_EVT:
302 btu_hcif_read_rmt_version_comp_evt(p);
304 case HCI_QOS_SETUP_COMP_EVT:
305 btu_hcif_qos_setup_comp_evt(p);
307 case HCI_COMMAND_COMPLETE_EVT:
309 "%s should not have received a command complete event. "
310 "Someone didn't go through the hci transmit_command function.",
313 case HCI_COMMAND_STATUS_EVT:
315 "%s should not have received a command status event. "
316 "Someone didn't go through the hci transmit_command function.",
319 case HCI_HARDWARE_ERROR_EVT:
320 btu_hcif_hardware_error_evt(p);
322 case HCI_FLUSH_OCCURED_EVT:
323 btu_hcif_flush_occured_evt();
325 case HCI_ROLE_CHANGE_EVT:
326 btu_hcif_role_change_evt(p);
328 case HCI_NUM_COMPL_DATA_PKTS_EVT:
329 btu_hcif_num_compl_data_pkts_evt(p);
331 case HCI_MODE_CHANGE_EVT:
332 btu_hcif_mode_change_evt(p);
334 case HCI_PIN_CODE_REQUEST_EVT:
335 btu_hcif_pin_code_request_evt(p);
337 case HCI_LINK_KEY_REQUEST_EVT:
338 btu_hcif_link_key_request_evt(p);
340 case HCI_LINK_KEY_NOTIFICATION_EVT:
341 btu_hcif_link_key_notification_evt(p);
343 case HCI_LOOPBACK_COMMAND_EVT:
344 btu_hcif_loopback_command_evt();
346 case HCI_DATA_BUF_OVERFLOW_EVT:
347 btu_hcif_data_buf_overflow_evt();
349 case HCI_MAX_SLOTS_CHANGED_EVT:
350 btu_hcif_max_slots_changed_evt();
352 case HCI_READ_CLOCK_OFF_COMP_EVT:
353 btu_hcif_read_clock_off_comp_evt(p);
355 case HCI_CONN_PKT_TYPE_CHANGE_EVT:
356 btu_hcif_conn_pkt_type_change_evt();
358 case HCI_QOS_VIOLATION_EVT:
359 btu_hcif_qos_violation_evt(p);
361 case HCI_PAGE_SCAN_MODE_CHANGE_EVT:
362 btu_hcif_page_scan_mode_change_evt();
364 case HCI_PAGE_SCAN_REP_MODE_CHNG_EVT:
365 btu_hcif_page_scan_rep_mode_chng_evt();
367 case HCI_ESCO_CONNECTION_COMP_EVT:
368 btu_hcif_esco_connection_comp_evt(p);
370 case HCI_ESCO_CONNECTION_CHANGED_EVT:
371 btu_hcif_esco_connection_chg_evt(p);
373 #if (BTM_SSR_INCLUDED == TRUE)
374 case HCI_SNIFF_SUB_RATE_EVT:
375 btu_hcif_ssr_evt(p, hci_evt_len);
377 #endif /* BTM_SSR_INCLUDED == TRUE */
378 case HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT:
379 btu_hcif_host_support_evt(p);
381 case HCI_IO_CAPABILITY_REQUEST_EVT:
382 btu_hcif_io_cap_request_evt(p);
384 case HCI_IO_CAPABILITY_RESPONSE_EVT:
385 btu_hcif_io_cap_response_evt(p);
387 case HCI_USER_CONFIRMATION_REQUEST_EVT:
388 btu_hcif_user_conf_request_evt(p);
390 case HCI_USER_PASSKEY_REQUEST_EVT:
391 btu_hcif_user_passkey_request_evt(p);
393 case HCI_REMOTE_OOB_DATA_REQUEST_EVT:
394 btu_hcif_rem_oob_request_evt(p);
396 case HCI_SIMPLE_PAIRING_COMPLETE_EVT:
397 btu_hcif_simple_pair_complete_evt(p);
399 case HCI_USER_PASSKEY_NOTIFY_EVT:
400 btu_hcif_user_passkey_notif_evt(p);
402 case HCI_KEYPRESS_NOTIFY_EVT:
403 btu_hcif_keypress_notif_evt(p);
405 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
406 case HCI_ENHANCED_FLUSH_COMPLETE_EVT:
407 btu_hcif_enhanced_flush_complete_evt();
411 case HCI_BLE_EVENT: {
412 STREAM_TO_UINT8(ble_sub_code, p);
414 HCI_TRACE_EVENT("BLE HCI(id=%d) event = 0x%02x)", hci_evt_code,
417 uint8_t ble_evt_len = hci_evt_len - 1;
418 switch (ble_sub_code) {
419 case HCI_BLE_ADV_PKT_RPT_EVT: /* result of inquiry */
420 HCI_TRACE_EVENT("HCI_BLE_ADV_PKT_RPT_EVT");
421 btm_ble_process_adv_pkt(ble_evt_len, p);
423 case HCI_BLE_CONN_COMPLETE_EVT:
424 btu_ble_ll_conn_complete_evt(p, hci_evt_len);
426 case HCI_BLE_LL_CONN_PARAM_UPD_EVT:
427 btu_ble_ll_conn_param_upd_evt(p, hci_evt_len);
429 case HCI_BLE_READ_REMOTE_FEAT_CMPL_EVT:
430 btu_ble_read_remote_feat_evt(p);
432 case HCI_BLE_LTK_REQ_EVT: /* received only at slave device */
433 btu_ble_proc_ltk_req(p);
435 #if (BLE_PRIVACY_SPT == TRUE)
436 case HCI_BLE_ENHANCED_CONN_COMPLETE_EVT:
437 btu_ble_proc_enhanced_conn_cmpl(p, hci_evt_len);
440 #if (BLE_LLT_INCLUDED == TRUE)
441 case HCI_BLE_RC_PARAM_REQ_EVT:
442 btu_ble_rc_param_req_evt(p);
445 case HCI_BLE_DATA_LENGTH_CHANGE_EVT:
446 btu_ble_data_length_change_evt(p, hci_evt_len);
449 case HCI_BLE_PHY_UPDATE_COMPLETE_EVT:
450 btm_ble_process_phy_update_pkt(ble_evt_len, p);
453 case HCI_LE_EXTENDED_ADVERTISING_REPORT_EVT:
454 btm_ble_process_ext_adv_pkt(hci_evt_len, p);
457 case HCI_LE_ADVERTISING_SET_TERMINATED_EVT:
458 btm_le_on_advertising_set_terminated(p, hci_evt_len);
464 case HCI_VENDOR_SPECIFIC_EVT:
465 btm_vendor_specific_evt(p, hci_evt_len);
470 static void btu_hcif_log_command_metrics(uint16_t opcode, uint8_t* p_cmd,
472 bool is_cmd_status) {
473 static uint16_t kUnknownBleEvt = android::bluetooth::hci::BLE_EVT_UNKNOWN;
475 uint16_t hci_event = android::bluetooth::hci::EVT_COMMAND_STATUS;
476 if (!is_cmd_status) {
477 hci_event = android::bluetooth::hci::EVT_UNKNOWN;
478 cmd_status = android::bluetooth::hci::STATUS_UNKNOWN;
486 case HCI_CREATE_CONNECTION:
487 case HCI_CREATE_CONNECTION_CANCEL:
488 STREAM_TO_BDADDR(bd_addr, p_cmd);
489 bluetooth::common::LogLinkLayerConnectionEvent(
490 &bd_addr, bluetooth::common::kUnknownConnectionHandle,
491 android::bluetooth::DIRECTION_OUTGOING,
492 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event, kUnknownBleEvt,
493 cmd_status, android::bluetooth::hci::STATUS_UNKNOWN);
496 STREAM_TO_UINT16(handle, p_cmd);
497 STREAM_TO_UINT8(reason, p_cmd);
498 bluetooth::common::LogLinkLayerConnectionEvent(
499 nullptr, handle, android::bluetooth::DIRECTION_UNKNOWN,
500 android::bluetooth::LINK_TYPE_UNKNOWN, opcode, hci_event,
501 kUnknownBleEvt, cmd_status, reason);
503 case HCI_SETUP_ESCO_CONNECTION:
504 case HCI_ENH_SETUP_ESCO_CONNECTION:
505 STREAM_TO_UINT16(handle, p_cmd);
506 bluetooth::common::LogLinkLayerConnectionEvent(
507 nullptr, handle, android::bluetooth::DIRECTION_OUTGOING,
508 android::bluetooth::LINK_TYPE_UNKNOWN, opcode, hci_event,
509 kUnknownBleEvt, cmd_status, android::bluetooth::hci::STATUS_UNKNOWN);
511 case HCI_ACCEPT_CONNECTION_REQUEST:
512 case HCI_ACCEPT_ESCO_CONNECTION:
513 case HCI_ENH_ACCEPT_ESCO_CONNECTION:
514 STREAM_TO_BDADDR(bd_addr, p_cmd);
515 bluetooth::common::LogLinkLayerConnectionEvent(
516 &bd_addr, bluetooth::common::kUnknownConnectionHandle,
517 android::bluetooth::DIRECTION_INCOMING,
518 android::bluetooth::LINK_TYPE_UNKNOWN, opcode, hci_event,
519 kUnknownBleEvt, cmd_status, android::bluetooth::hci::STATUS_UNKNOWN);
521 case HCI_REJECT_CONNECTION_REQUEST:
522 case HCI_REJECT_ESCO_CONNECTION:
523 STREAM_TO_BDADDR(bd_addr, p_cmd);
524 STREAM_TO_UINT8(reason, p_cmd);
525 bluetooth::common::LogLinkLayerConnectionEvent(
526 &bd_addr, bluetooth::common::kUnknownConnectionHandle,
527 android::bluetooth::DIRECTION_INCOMING,
528 android::bluetooth::LINK_TYPE_UNKNOWN, opcode, hci_event,
529 kUnknownBleEvt, cmd_status, reason);
533 case HCI_BLE_CREATE_LL_CONN: {
534 p_cmd += 2; // Skip LE_Scan_Interval
535 p_cmd += 2; // Skip LE_Scan_Window;
536 uint8_t initiator_filter_policy;
537 STREAM_TO_UINT8(initiator_filter_policy, p_cmd);
538 uint8_t peer_address_type;
539 STREAM_TO_UINT8(peer_address_type, p_cmd);
540 STREAM_TO_BDADDR(bd_addr, p_cmd);
541 // Peer address should not be used if initiator filter policy is not 0x00
542 const RawAddress* bd_addr_p = nullptr;
543 if (initiator_filter_policy == 0x00) {
544 bd_addr_p = &bd_addr;
545 #if (BLE_PRIVACY_SPT == TRUE)
546 if (peer_address_type == BLE_ADDR_PUBLIC_ID ||
547 peer_address_type == BLE_ADDR_RANDOM_ID) {
548 // if identity address is not matched, this address is invalid
549 if (!btm_identity_addr_to_random_pseudo(&bd_addr, &peer_address_type,
556 if (initiator_filter_policy == 0x00 ||
557 (cmd_status != HCI_SUCCESS && !is_cmd_status)) {
558 // Selectively log to avoid log spam due to whitelist connections:
559 // - When doing non-whitelist connection
560 // - When there is an error in command status
561 bluetooth::common::LogLinkLayerConnectionEvent(
562 bd_addr_p, bluetooth::common::kUnknownConnectionHandle,
563 android::bluetooth::DIRECTION_OUTGOING,
564 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event,
565 kUnknownBleEvt, cmd_status,
566 android::bluetooth::hci::STATUS_UNKNOWN);
570 case HCI_LE_EXTENDED_CREATE_CONNECTION: {
571 uint8_t initiator_filter_policy;
572 STREAM_TO_UINT8(initiator_filter_policy, p_cmd);
573 p_cmd += 1; // Skip Own_Address_Type
574 uint8_t peer_addr_type;
575 STREAM_TO_UINT8(peer_addr_type, p_cmd);
576 STREAM_TO_BDADDR(bd_addr, p_cmd);
577 // Peer address should not be used if initiator filter policy is not 0x00
578 const RawAddress* bd_addr_p = nullptr;
579 if (initiator_filter_policy == 0x00) {
580 bd_addr_p = &bd_addr;
581 #if (BLE_PRIVACY_SPT == TRUE)
582 // if identity address is not matched, this should be a static address
583 btm_identity_addr_to_random_pseudo(&bd_addr, &peer_addr_type, false);
586 if (initiator_filter_policy == 0x00 ||
587 (cmd_status != HCI_SUCCESS && !is_cmd_status)) {
588 // Selectively log to avoid log spam due to whitelist connections:
589 // - When doing non-whitelist connection
590 // - When there is an error in command status
591 bluetooth::common::LogLinkLayerConnectionEvent(
592 bd_addr_p, bluetooth::common::kUnknownConnectionHandle,
593 android::bluetooth::DIRECTION_OUTGOING,
594 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event,
595 kUnknownBleEvt, cmd_status,
596 android::bluetooth::hci::STATUS_UNKNOWN);
600 case HCI_BLE_CREATE_CONN_CANCEL:
601 if (cmd_status != HCI_SUCCESS && !is_cmd_status) {
602 // Only log errors to prevent log spam due to whitelist connections
603 bluetooth::common::LogLinkLayerConnectionEvent(
604 nullptr, bluetooth::common::kUnknownConnectionHandle,
605 android::bluetooth::DIRECTION_OUTGOING,
606 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event,
607 kUnknownBleEvt, cmd_status,
608 android::bluetooth::hci::STATUS_UNKNOWN);
611 case HCI_BLE_CLEAR_WHITE_LIST:
612 bluetooth::common::LogLinkLayerConnectionEvent(
613 nullptr, bluetooth::common::kUnknownConnectionHandle,
614 android::bluetooth::DIRECTION_INCOMING,
615 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event, kUnknownBleEvt,
616 cmd_status, android::bluetooth::hci::STATUS_UNKNOWN);
618 case HCI_BLE_ADD_WHITE_LIST:
619 case HCI_BLE_REMOVE_WHITE_LIST: {
620 uint8_t peer_addr_type;
621 STREAM_TO_UINT8(peer_addr_type, p_cmd);
622 STREAM_TO_BDADDR(bd_addr, p_cmd);
623 const RawAddress* bd_addr_p = nullptr;
624 // When peer_addr_type is 0xFF, bd_addr should be ignored per BT spec
625 if (peer_addr_type != BLE_ADDR_ANONYMOUS) {
626 bd_addr_p = &bd_addr;
627 #if (BLE_PRIVACY_SPT == TRUE)
628 bool addr_is_rpa = peer_addr_type == BLE_ADDR_RANDOM &&
629 BTM_BLE_IS_RESOLVE_BDA(bd_addr);
630 // Only try to match identity address for pseudo if address is not RPA
632 // if identity address is not matched, this should be a static address
633 btm_identity_addr_to_random_pseudo(&bd_addr, &peer_addr_type, false);
637 bluetooth::common::LogLinkLayerConnectionEvent(
638 bd_addr_p, bluetooth::common::kUnknownConnectionHandle,
639 android::bluetooth::DIRECTION_INCOMING,
640 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event, kUnknownBleEvt,
641 cmd_status, android::bluetooth::hci::STATUS_UNKNOWN);
644 case HCI_READ_LOCAL_OOB_DATA:
645 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, bluetooth::common::kUnknownConnectionHandle, opcode,
646 hci_event, cmd_status, android::bluetooth::hci::STATUS_UNKNOWN, 0);
648 case HCI_WRITE_SIMPLE_PAIRING_MODE: {
649 uint8_t simple_pairing_mode;
650 STREAM_TO_UINT8(simple_pairing_mode, p_cmd);
651 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, bluetooth::common::kUnknownConnectionHandle, opcode,
652 hci_event, cmd_status, android::bluetooth::hci::STATUS_UNKNOWN,
653 simple_pairing_mode);
656 case HCI_WRITE_SECURE_CONNS_SUPPORT: {
657 uint8_t secure_conn_host_support;
658 STREAM_TO_UINT8(secure_conn_host_support, p_cmd);
659 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, bluetooth::common::kUnknownConnectionHandle, opcode,
660 hci_event, cmd_status, android::bluetooth::hci::STATUS_UNKNOWN,
661 secure_conn_host_support);
664 case HCI_AUTHENTICATION_REQUESTED:
665 STREAM_TO_UINT16(handle, p_cmd);
666 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, handle, opcode, hci_event, cmd_status,
667 android::bluetooth::hci::STATUS_UNKNOWN, 0);
669 case HCI_SET_CONN_ENCRYPTION: {
670 STREAM_TO_UINT16(handle, p_cmd);
671 uint8_t encryption_enable;
672 STREAM_TO_UINT8(encryption_enable, p_cmd);
673 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, handle, opcode, hci_event, cmd_status,
674 android::bluetooth::hci::STATUS_UNKNOWN, encryption_enable);
677 case HCI_DELETE_STORED_LINK_KEY: {
678 uint8_t delete_all_flag;
679 STREAM_TO_BDADDR(bd_addr, p_cmd);
680 STREAM_TO_UINT8(delete_all_flag, p_cmd);
681 bluetooth::common::LogClassicPairingEvent(bd_addr, bluetooth::common::kUnknownConnectionHandle, opcode, hci_event,
682 cmd_status, android::bluetooth::hci::STATUS_UNKNOWN, delete_all_flag);
685 case HCI_RMT_NAME_REQUEST:
686 case HCI_RMT_NAME_REQUEST_CANCEL:
687 case HCI_LINK_KEY_REQUEST_REPLY:
688 case HCI_LINK_KEY_REQUEST_NEG_REPLY:
689 case HCI_IO_CAPABILITY_REQUEST_REPLY:
690 case HCI_USER_CONF_REQUEST_REPLY:
691 case HCI_USER_CONF_VALUE_NEG_REPLY:
692 case HCI_USER_PASSKEY_REQ_REPLY:
693 case HCI_USER_PASSKEY_REQ_NEG_REPLY:
694 case HCI_REM_OOB_DATA_REQ_REPLY:
695 case HCI_REM_OOB_DATA_REQ_NEG_REPLY:
696 STREAM_TO_BDADDR(bd_addr, p_cmd);
697 bluetooth::common::LogClassicPairingEvent(bd_addr, bluetooth::common::kUnknownConnectionHandle, opcode, hci_event,
698 cmd_status, android::bluetooth::hci::STATUS_UNKNOWN, 0);
700 case HCI_IO_CAP_REQ_NEG_REPLY:
701 STREAM_TO_BDADDR(bd_addr, p_cmd);
702 STREAM_TO_UINT8(reason, p_cmd);
703 bluetooth::common::LogClassicPairingEvent(bd_addr, bluetooth::common::kUnknownConnectionHandle, opcode, hci_event,
704 cmd_status, reason, 0);
709 /*******************************************************************************
711 * Function btu_hcif_send_cmd
713 * Description This function is called to send commands to the Host
718 ******************************************************************************/
719 void btu_hcif_send_cmd(UNUSED_ATTR uint8_t controller_id, BT_HDR* p_buf) {
723 uint8_t* stream = p_buf->data + p_buf->offset;
724 void* vsc_callback = NULL;
726 STREAM_TO_UINT16(opcode, stream);
728 // Eww...horrible hackery here
729 /* If command was a VSC, then extract command_complete callback */
730 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC ||
731 (opcode == HCI_BLE_RAND) || (opcode == HCI_BLE_ENCRYPT)) {
732 vsc_callback = *((void**)(p_buf + 1));
735 // Skip parameter length before logging
737 btu_hcif_log_command_metrics(opcode, stream,
738 android::bluetooth::hci::STATUS_UNKNOWN, false);
740 hci_layer_get_interface()->transmit_command(
741 p_buf, btu_hcif_command_complete_evt, btu_hcif_command_status_evt,
745 using hci_cmd_cb = base::OnceCallback<void(
746 uint8_t* /* return_parameters */, uint16_t /* return_parameters_length*/)>;
748 struct cmd_with_cb_data {
750 Location posted_from;
753 void cmd_with_cb_data_init(cmd_with_cb_data* cb_wrapper) {
754 new (&cb_wrapper->cb) hci_cmd_cb;
755 new (&cb_wrapper->posted_from) Location;
758 void cmd_with_cb_data_cleanup(cmd_with_cb_data* cb_wrapper) {
759 cb_wrapper->cb.~hci_cmd_cb();
760 cb_wrapper->posted_from.~Location();
764 * Log command complete events that is not handled individually in this file
765 * @param opcode opcode of the command
766 * @param p_return_params pointer to returned parameter after parameter length
769 static void btu_hcif_log_command_complete_metrics(uint16_t opcode,
770 uint8_t* p_return_params) {
771 uint16_t status = android::bluetooth::hci::STATUS_UNKNOWN;
772 uint16_t reason = android::bluetooth::hci::STATUS_UNKNOWN;
773 uint16_t hci_event = android::bluetooth::hci::EVT_COMMAND_COMPLETE;
774 uint16_t hci_ble_event = android::bluetooth::hci::BLE_EVT_UNKNOWN;
775 RawAddress bd_addr = RawAddress::kEmpty;
777 case HCI_BLE_CLEAR_WHITE_LIST:
778 case HCI_BLE_ADD_WHITE_LIST:
779 case HCI_BLE_REMOVE_WHITE_LIST: {
780 STREAM_TO_UINT8(status, p_return_params);
781 bluetooth::common::LogLinkLayerConnectionEvent(
782 nullptr, bluetooth::common::kUnknownConnectionHandle,
783 android::bluetooth::DIRECTION_INCOMING,
784 android::bluetooth::LINK_TYPE_ACL, opcode, hci_event, hci_ble_event,
788 case HCI_DELETE_STORED_LINK_KEY:
789 case HCI_READ_LOCAL_OOB_DATA:
790 case HCI_WRITE_SIMPLE_PAIRING_MODE:
791 case HCI_WRITE_SECURE_CONNS_SUPPORT:
792 STREAM_TO_UINT8(status, p_return_params);
793 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, bluetooth::common::kUnknownConnectionHandle, opcode,
794 hci_event, status, reason, 0);
796 case HCI_READ_ENCR_KEY_SIZE: {
799 STREAM_TO_UINT8(status, p_return_params);
800 STREAM_TO_UINT16(handle, p_return_params);
801 STREAM_TO_UINT8(key_size, p_return_params);
802 bluetooth::common::LogClassicPairingEvent(RawAddress::kEmpty, handle, opcode, hci_event, status, reason,
806 case HCI_LINK_KEY_REQUEST_REPLY:
807 case HCI_LINK_KEY_REQUEST_NEG_REPLY:
808 case HCI_IO_CAPABILITY_REQUEST_REPLY:
809 case HCI_IO_CAP_REQ_NEG_REPLY:
810 case HCI_USER_CONF_REQUEST_REPLY:
811 case HCI_USER_CONF_VALUE_NEG_REPLY:
812 case HCI_USER_PASSKEY_REQ_REPLY:
813 case HCI_USER_PASSKEY_REQ_NEG_REPLY:
814 case HCI_REM_OOB_DATA_REQ_REPLY:
815 case HCI_REM_OOB_DATA_REQ_NEG_REPLY:
816 STREAM_TO_UINT8(status, p_return_params);
817 STREAM_TO_BDADDR(bd_addr, p_return_params);
818 bluetooth::common::LogClassicPairingEvent(bd_addr, bluetooth::common::kUnknownConnectionHandle, opcode, hci_event,
824 static void btu_hcif_command_complete_evt_with_cb_on_task(BT_HDR* event,
826 command_opcode_t opcode;
827 // 2 for event header: event code (1) + parameter length (1)
828 // 1 for num_hci_pkt command credit
829 uint8_t* stream = event->data + event->offset + 3;
830 STREAM_TO_UINT16(opcode, stream);
832 btu_hcif_log_command_complete_metrics(opcode, stream);
834 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)context;
835 HCI_TRACE_DEBUG("command complete for: %s",
836 cb_wrapper->posted_from.ToString().c_str());
837 // 2 for event header: event code (1) + parameter length (1)
838 // 3 for command complete header: num_hci_pkt (1) + opcode (2)
839 uint16_t param_len = static_cast<uint16_t>(event->len - 5);
840 std::move(cb_wrapper->cb).Run(stream, param_len);
841 cmd_with_cb_data_cleanup(cb_wrapper);
842 osi_free(cb_wrapper);
847 static void btu_hcif_command_complete_evt_with_cb(BT_HDR* response,
849 do_in_main_thread(FROM_HERE,
850 base::Bind(btu_hcif_command_complete_evt_with_cb_on_task,
854 static void btu_hcif_command_status_evt_with_cb_on_task(uint8_t status,
857 command_opcode_t opcode;
858 uint8_t* stream = event->data + event->offset;
859 STREAM_TO_UINT16(opcode, stream);
863 // stream + 1 to skip parameter length field
864 // No need to check length since stream is written by us
865 btu_hcif_log_command_metrics(opcode, stream + 1, status, true);
867 // report command status error
868 cmd_with_cb_data* cb_wrapper = (cmd_with_cb_data*)context;
869 HCI_TRACE_DEBUG("command status for: %s",
870 cb_wrapper->posted_from.ToString().c_str());
871 std::move(cb_wrapper->cb).Run(&status, sizeof(uint16_t));
872 cmd_with_cb_data_cleanup(cb_wrapper);
873 osi_free(cb_wrapper);
878 static void btu_hcif_command_status_evt_with_cb(uint8_t status, BT_HDR* command,
880 // Command is pending, we report only error.
887 FROM_HERE, base::Bind(btu_hcif_command_status_evt_with_cb_on_task, status,
891 /* This function is called to send commands to the Host Controller. |cb| is
892 * called when command status event is called with error code, or when the
893 * command complete event is received. */
894 void btu_hcif_send_cmd_with_cb(const Location& posted_from, uint16_t opcode,
895 uint8_t* params, uint8_t params_len,
897 BT_HDR* p = (BT_HDR*)osi_malloc(HCI_CMD_BUF_SIZE);
898 uint8_t* pp = (uint8_t*)(p + 1);
900 p->len = HCIC_PREAMBLE_SIZE + params_len;
903 UINT16_TO_STREAM(pp, opcode);
904 UINT8_TO_STREAM(pp, params_len);
906 memcpy(pp, params, params_len);
909 btu_hcif_log_command_metrics(opcode, pp,
910 android::bluetooth::hci::STATUS_UNKNOWN, false);
912 cmd_with_cb_data* cb_wrapper =
913 (cmd_with_cb_data*)osi_malloc(sizeof(cmd_with_cb_data));
915 cmd_with_cb_data_init(cb_wrapper);
916 cb_wrapper->cb = std::move(cb);
917 cb_wrapper->posted_from = posted_from;
919 hci_layer_get_interface()->transmit_command(
920 p, btu_hcif_command_complete_evt_with_cb,
921 btu_hcif_command_status_evt_with_cb, (void*)cb_wrapper);
924 /*******************************************************************************
926 * Function btu_hcif_inquiry_comp_evt
928 * Description Process event HCI_INQUIRY_COMP_EVT
932 ******************************************************************************/
933 static void btu_hcif_inquiry_comp_evt(uint8_t* p) {
936 STREAM_TO_UINT8(status, p);
938 /* Tell inquiry processing that we are done */
939 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
942 /*******************************************************************************
944 * Function btu_hcif_inquiry_result_evt
946 * Description Process event HCI_INQUIRY_RESULT_EVT
950 ******************************************************************************/
951 static void btu_hcif_inquiry_result_evt(uint8_t* p) {
952 /* Store results in the cache */
953 btm_process_inq_results(p, BTM_INQ_RESULT_STANDARD);
956 /*******************************************************************************
958 * Function btu_hcif_inquiry_rssi_result_evt
960 * Description Process event HCI_INQUIRY_RSSI_RESULT_EVT
964 ******************************************************************************/
965 static void btu_hcif_inquiry_rssi_result_evt(uint8_t* p) {
966 /* Store results in the cache */
967 btm_process_inq_results(p, BTM_INQ_RESULT_WITH_RSSI);
970 /*******************************************************************************
972 * Function btu_hcif_extended_inquiry_result_evt
974 * Description Process event HCI_EXTENDED_INQUIRY_RESULT_EVT
978 ******************************************************************************/
979 static void btu_hcif_extended_inquiry_result_evt(uint8_t* p) {
980 /* Store results in the cache */
981 btm_process_inq_results(p, BTM_INQ_RESULT_EXTENDED);
984 /*******************************************************************************
986 * Function btu_hcif_connection_comp_evt
988 * Description Process event HCI_CONNECTION_COMP_EVT
992 ******************************************************************************/
993 static void btu_hcif_connection_comp_evt(uint8_t* p) {
999 tBTM_ESCO_DATA esco_data;
1001 STREAM_TO_UINT8(status, p);
1002 STREAM_TO_UINT16(handle, p);
1003 STREAM_TO_BDADDR(bda, p);
1004 STREAM_TO_UINT8(link_type, p);
1005 STREAM_TO_UINT8(enc_mode, p);
1007 handle = HCID_GET_HANDLE(handle);
1009 if (status != HCI_SUCCESS) {
1011 "%s: Connection failed: status=%d, handle=%d, link_type=%d, "
1013 __func__, status, handle, link_type, enc_mode);
1016 if (link_type == HCI_LINK_TYPE_ACL) {
1017 btm_sec_connected(bda, handle, status, enc_mode);
1019 l2c_link_hci_conn_comp(status, handle, bda);
1021 memset(&esco_data, 0, sizeof(tBTM_ESCO_DATA));
1022 /* esco_data.link_type = HCI_LINK_TYPE_SCO; already zero */
1023 esco_data.bd_addr = bda;
1024 btm_sco_connected(status, &bda, handle, &esco_data);
1028 /*******************************************************************************
1030 * Function btu_hcif_connection_request_evt
1032 * Description Process event HCI_CONNECTION_REQUEST_EVT
1036 ******************************************************************************/
1037 static void btu_hcif_connection_request_evt(uint8_t* p) {
1042 STREAM_TO_BDADDR(bda, p);
1043 STREAM_TO_DEVCLASS(dc, p);
1044 STREAM_TO_UINT8(link_type, p);
1046 /* Pass request to security manager to check connect filters before */
1047 /* passing request to l2cap */
1048 if (link_type == HCI_LINK_TYPE_ACL) {
1049 btm_sec_conn_req(bda, dc);
1051 btm_sco_conn_req(bda, dc, link_type);
1055 /*******************************************************************************
1057 * Function btu_hcif_disconnection_comp_evt
1059 * Description Process event HCI_DISCONNECTION_COMP_EVT
1063 ******************************************************************************/
1064 static void btu_hcif_disconnection_comp_evt(uint8_t* p) {
1069 STREAM_TO_UINT8(status, p);
1070 STREAM_TO_UINT16(handle, p);
1071 STREAM_TO_UINT8(reason, p);
1073 handle = HCID_GET_HANDLE(handle);
1075 if ((reason != HCI_ERR_CONN_CAUSE_LOCAL_HOST) &&
1076 (reason != HCI_ERR_PEER_USER)) {
1077 /* Uncommon disconnection reasons */
1078 HCI_TRACE_DEBUG("%s: Got Disconn Complete Event: reason=%d, handle=%d",
1079 __func__, reason, handle);
1082 /* If L2CAP doesn't know about it, send it to SCO */
1083 if (!l2c_link_hci_disc_comp(handle, reason)) btm_sco_removed(handle, reason);
1085 /* Notify security manager */
1086 btm_sec_disconnected(handle, reason);
1089 /*******************************************************************************
1091 * Function btu_hcif_authentication_comp_evt
1093 * Description Process event HCI_AUTHENTICATION_COMP_EVT
1097 ******************************************************************************/
1098 static void btu_hcif_authentication_comp_evt(uint8_t* p) {
1102 STREAM_TO_UINT8(status, p);
1103 STREAM_TO_UINT16(handle, p);
1105 btm_sec_auth_complete(handle, status);
1108 /*******************************************************************************
1110 * Function btu_hcif_rmt_name_request_comp_evt
1112 * Description Process event HCI_RMT_NAME_REQUEST_COMP_EVT
1116 ******************************************************************************/
1117 static void btu_hcif_rmt_name_request_comp_evt(uint8_t* p, uint16_t evt_len) {
1121 STREAM_TO_UINT8(status, p);
1122 STREAM_TO_BDADDR(bd_addr, p);
1124 evt_len -= (1 + BD_ADDR_LEN);
1126 btm_process_remote_name(&bd_addr, p, evt_len, status);
1128 btm_sec_rmt_name_request_complete(&bd_addr, p, status);
1131 constexpr uint8_t MIN_KEY_SIZE = 7;
1133 static void read_encryption_key_size_complete_after_encryption_change(uint8_t status, uint16_t handle,
1135 if (status == HCI_ERR_INSUFFCIENT_SECURITY) {
1136 /* If remote device stop the encryption before we call "Read Encryption Key
1137 * Size", we might receive Insufficient Security, which means that link is
1138 * no longer encrypted. */
1139 LOG(INFO) << __func__ << ": encryption stopped on link: " << loghex(handle);
1143 if (status != HCI_SUCCESS) {
1144 LOG(INFO) << __func__ << ": disconnecting, status: " << loghex(status);
1145 btsnd_hcic_disconnect(handle, HCI_ERR_PEER_USER);
1149 if (key_size < MIN_KEY_SIZE) {
1150 android_errorWriteLog(0x534e4554, "124301137");
1151 LOG(ERROR) << __func__ << " encryption key too short, disconnecting. handle: " << loghex(handle)
1152 << " key_size: " << +key_size;
1154 btsnd_hcic_disconnect(handle, HCI_ERR_HOST_REJECT_SECURITY);
1158 // good key size - succeed
1159 btm_acl_encrypt_change(handle, status, 1 /* enable */);
1160 btm_sec_encrypt_change(handle, status, 1 /* enable */);
1162 /*******************************************************************************
1164 * Function btu_hcif_encryption_change_evt
1166 * Description Process event HCI_ENCRYPTION_CHANGE_EVT
1170 ******************************************************************************/
1171 static void btu_hcif_encryption_change_evt(uint8_t* p) {
1174 uint8_t encr_enable;
1176 STREAM_TO_UINT8(status, p);
1177 STREAM_TO_UINT16(handle, p);
1178 STREAM_TO_UINT8(encr_enable, p);
1180 if (status != HCI_SUCCESS || encr_enable == 0 || BTM_IsBleConnection(handle)) {
1181 if (status == HCI_ERR_CONNECTION_TOUT) {
1182 smp_cancel_start_encryption_attempt();
1186 btm_acl_encrypt_change(handle, status, encr_enable);
1187 btm_sec_encrypt_change(handle, status, encr_enable);
1189 btsnd_hcic_read_encryption_key_size(handle, base::Bind(&read_encryption_key_size_complete_after_encryption_change));
1193 /*******************************************************************************
1195 * Function btu_hcif_read_rmt_features_comp_evt
1197 * Description Process event HCI_READ_RMT_FEATURES_COMP_EVT
1201 ******************************************************************************/
1202 static void btu_hcif_read_rmt_features_comp_evt(uint8_t* p) {
1203 btm_read_remote_features_complete(p);
1206 /*******************************************************************************
1208 * Function btu_hcif_read_rmt_ext_features_comp_evt
1210 * Description Process event HCI_READ_RMT_EXT_FEATURES_COMP_EVT
1214 ******************************************************************************/
1215 static void btu_hcif_read_rmt_ext_features_comp_evt(uint8_t* p,
1221 STREAM_TO_UINT8(status, p_cur);
1223 if (status == HCI_SUCCESS)
1224 btm_read_remote_ext_features_complete(p, evt_len);
1226 STREAM_TO_UINT16(handle, p_cur);
1227 btm_read_remote_ext_features_failed(status, handle);
1231 /*******************************************************************************
1233 * Function btu_hcif_read_rmt_version_comp_evt
1235 * Description Process event HCI_READ_RMT_VERSION_COMP_EVT
1239 ******************************************************************************/
1240 static void btu_hcif_read_rmt_version_comp_evt(uint8_t* p) {
1241 btm_read_remote_version_complete(p);
1244 /*******************************************************************************
1246 * Function btu_hcif_qos_setup_comp_evt
1248 * Description Process event HCI_QOS_SETUP_COMP_EVT
1252 ******************************************************************************/
1253 static void btu_hcif_qos_setup_comp_evt(uint8_t* p) {
1258 STREAM_TO_UINT8(status, p);
1259 STREAM_TO_UINT16(handle, p);
1260 STREAM_TO_UINT8(flow.qos_flags, p);
1261 STREAM_TO_UINT8(flow.service_type, p);
1262 STREAM_TO_UINT32(flow.token_rate, p);
1263 STREAM_TO_UINT32(flow.peak_bandwidth, p);
1264 STREAM_TO_UINT32(flow.latency, p);
1265 STREAM_TO_UINT32(flow.delay_variation, p);
1267 btm_qos_setup_complete(status, handle, &flow);
1270 /*******************************************************************************
1272 * Function btu_hcif_esco_connection_comp_evt
1274 * Description Process event HCI_ESCO_CONNECTION_COMP_EVT
1278 ******************************************************************************/
1279 static void btu_hcif_esco_connection_comp_evt(uint8_t* p) {
1280 tBTM_ESCO_DATA data;
1285 STREAM_TO_UINT8(status, p);
1286 STREAM_TO_UINT16(handle, p);
1287 STREAM_TO_BDADDR(bda, p);
1289 STREAM_TO_UINT8(data.link_type, p);
1290 STREAM_TO_UINT8(data.tx_interval, p);
1291 STREAM_TO_UINT8(data.retrans_window, p);
1292 STREAM_TO_UINT16(data.rx_pkt_len, p);
1293 STREAM_TO_UINT16(data.tx_pkt_len, p);
1294 STREAM_TO_UINT8(data.air_mode, p);
1296 handle = HCID_GET_HANDLE(handle);
1299 btm_sco_connected(status, &bda, handle, &data);
1302 /*******************************************************************************
1304 * Function btu_hcif_esco_connection_chg_evt
1306 * Description Process event HCI_ESCO_CONNECTION_CHANGED_EVT
1310 ******************************************************************************/
1311 static void btu_hcif_esco_connection_chg_evt(uint8_t* p) {
1313 uint16_t tx_pkt_len;
1314 uint16_t rx_pkt_len;
1316 uint8_t tx_interval;
1317 uint8_t retrans_window;
1319 STREAM_TO_UINT8(status, p);
1320 STREAM_TO_UINT16(handle, p);
1322 STREAM_TO_UINT8(tx_interval, p);
1323 STREAM_TO_UINT8(retrans_window, p);
1324 STREAM_TO_UINT16(rx_pkt_len, p);
1325 STREAM_TO_UINT16(tx_pkt_len, p);
1327 handle = HCID_GET_HANDLE(handle);
1329 btm_esco_proc_conn_chg(status, handle, tx_interval, retrans_window,
1330 rx_pkt_len, tx_pkt_len);
1333 /*******************************************************************************
1335 * Function btu_hcif_hdl_command_complete
1337 * Description Handle command complete event
1341 ******************************************************************************/
1342 static void btu_hcif_hdl_command_complete(uint16_t opcode, uint8_t* p,
1344 void* p_cplt_cback) {
1346 case HCI_INQUIRY_CANCEL:
1347 /* Tell inquiry processing that we are done */
1348 btm_process_cancel_complete(HCI_SUCCESS, BTM_BR_INQUIRY_MASK);
1350 case HCI_SET_EVENT_FILTER:
1351 btm_event_filter_complete(p);
1354 case HCI_DELETE_STORED_LINK_KEY:
1355 btm_delete_stored_link_key_complete(p);
1358 case HCI_READ_LOCAL_NAME:
1359 btm_read_local_name_complete(p, evt_len);
1362 case HCI_GET_LINK_QUALITY:
1363 btm_read_link_quality_complete(p);
1367 btm_read_rssi_complete(p);
1370 case HCI_READ_FAILED_CONTACT_COUNTER:
1371 btm_read_failed_contact_counter_complete(p);
1374 case HCI_READ_AUTOMATIC_FLUSH_TIMEOUT:
1375 btm_read_automatic_flush_timeout_complete(p);
1378 case HCI_READ_TRANSMIT_POWER_LEVEL:
1379 btm_read_tx_power_complete(p, false);
1382 case HCI_CREATE_CONNECTION_CANCEL:
1383 btm_create_conn_cancel_complete(p);
1386 case HCI_READ_LOCAL_OOB_DATA:
1387 btm_read_local_oob_complete(p);
1390 case HCI_READ_INQ_TX_POWER_LEVEL:
1391 btm_read_inq_tx_power_complete(p);
1394 /* BLE Commands sComplete*/
1396 case HCI_BLE_ENCRYPT:
1397 btm_ble_rand_enc_complete(p, opcode, (tBTM_RAND_ENC_CB*)p_cplt_cback);
1400 case HCI_BLE_READ_ADV_CHNL_TX_POWER:
1401 btm_read_tx_power_complete(p, true);
1404 case HCI_BLE_WRITE_ADV_ENABLE:
1405 btm_ble_write_adv_enable_complete(p);
1408 case HCI_BLE_CREATE_LL_CONN:
1409 case HCI_LE_EXTENDED_CREATE_CONNECTION:
1410 // No command complete event for those commands according to spec
1411 LOG(ERROR) << "No command complete expected, but received!";
1414 case HCI_BLE_CREATE_CONN_CANCEL:
1415 btm_ble_create_conn_cancel_complete(p);
1418 case HCI_BLE_TRANSMITTER_TEST:
1419 case HCI_BLE_RECEIVER_TEST:
1420 case HCI_BLE_TEST_END:
1421 btm_ble_test_command_complete(p);
1424 #if (BLE_PRIVACY_SPT == TRUE)
1425 case HCI_BLE_ADD_DEV_RESOLVING_LIST:
1426 btm_ble_add_resolving_list_entry_complete(p, evt_len);
1429 case HCI_BLE_RM_DEV_RESOLVING_LIST:
1430 btm_ble_remove_resolving_list_entry_complete(p, evt_len);
1433 case HCI_BLE_CLEAR_RESOLVING_LIST:
1434 btm_ble_clear_resolving_list_complete(p, evt_len);
1437 case HCI_BLE_READ_RESOLVABLE_ADDR_PEER:
1438 btm_ble_read_resolving_list_entry_complete(p, evt_len);
1441 case HCI_BLE_READ_RESOLVABLE_ADDR_LOCAL:
1442 case HCI_BLE_SET_ADDR_RESOLUTION_ENABLE:
1443 case HCI_BLE_SET_RAND_PRIV_ADDR_TIMOUT:
1447 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC)
1448 btm_vsc_complete(p, opcode, evt_len, (tBTM_VSC_CMPL_CB*)p_cplt_cback);
1453 /*******************************************************************************
1455 * Function btu_hcif_command_complete_evt
1457 * Description Process event HCI_COMMAND_COMPLETE_EVT
1461 ******************************************************************************/
1462 static void btu_hcif_command_complete_evt_on_task(BT_HDR* event,
1464 command_opcode_t opcode;
1465 // 2 for event header: event code (1) + parameter length (1)
1466 // 1 for num_hci_pkt command credit
1467 uint8_t* stream = event->data + event->offset + 3;
1468 STREAM_TO_UINT16(opcode, stream);
1470 btu_hcif_log_command_complete_metrics(opcode, stream);
1471 // 2 for event header: event code (1) + parameter length (1)
1472 // 3 for command complete header: num_hci_pkt (1) + opcode (2)
1473 uint16_t param_len = static_cast<uint16_t>(event->len - 5);
1474 btu_hcif_hdl_command_complete(opcode, stream, param_len, context);
1479 static void btu_hcif_command_complete_evt(BT_HDR* response, void* context) {
1480 do_in_main_thread(FROM_HERE, base::Bind(btu_hcif_command_complete_evt_on_task,
1481 response, context));
1484 /*******************************************************************************
1486 * Function btu_hcif_hdl_command_status
1488 * Description Handle a command status event
1492 ******************************************************************************/
1493 static void btu_hcif_hdl_command_status(uint16_t opcode, uint8_t status,
1495 void* p_vsc_status_cback) {
1496 CHECK_NE(p_cmd, nullptr) << "Null command for opcode 0x" << loghex(opcode);
1497 p_cmd++; // Skip parameter total length
1503 // Link Control Commands
1505 if (status != HCI_SUCCESS) {
1506 // Tell inquiry processing that we are done
1507 btm_process_inq_complete(status, BTM_BR_INQUIRY_MASK);
1511 if (status != HCI_SUCCESS) {
1512 // Tell qos setup that we are done
1513 btm_qos_setup_complete(status, 0, nullptr);
1516 case HCI_SWITCH_ROLE:
1517 if (status != HCI_SUCCESS) {
1518 // Tell BTM that the command failed
1519 STREAM_TO_BDADDR(bd_addr, p_cmd);
1520 btm_acl_role_changed(status, &bd_addr, BTM_ROLE_UNDEFINED);
1521 l2c_link_role_changed(nullptr, BTM_ROLE_UNDEFINED,
1522 HCI_ERR_COMMAND_DISALLOWED);
1525 case HCI_CREATE_CONNECTION:
1526 if (status != HCI_SUCCESS) {
1527 STREAM_TO_BDADDR(bd_addr, p_cmd);
1528 btm_sec_connected(bd_addr, HCI_INVALID_HANDLE, status, 0);
1529 l2c_link_hci_conn_comp(status, HCI_INVALID_HANDLE, bd_addr);
1532 case HCI_AUTHENTICATION_REQUESTED:
1533 if (status != HCI_SUCCESS) {
1534 // Device refused to start authentication
1535 // This is treated as an authentication failure
1536 btm_sec_auth_complete(BTM_INVALID_HCI_HANDLE, status);
1539 case HCI_SET_CONN_ENCRYPTION:
1540 if (status != HCI_SUCCESS) {
1541 // Device refused to start encryption
1542 // This is treated as an encryption failure
1543 btm_sec_encrypt_change(BTM_INVALID_HCI_HANDLE, status, false);
1546 case HCI_RMT_NAME_REQUEST:
1547 if (status != HCI_SUCCESS) {
1548 // Tell inquiry processing that we are done
1549 btm_process_remote_name(nullptr, nullptr, 0, status);
1550 btm_sec_rmt_name_request_complete(nullptr, nullptr, status);
1553 case HCI_READ_RMT_EXT_FEATURES:
1554 if (status != HCI_SUCCESS) {
1555 STREAM_TO_UINT16(handle, p_cmd);
1556 btm_read_remote_ext_features_failed(status, handle);
1559 case HCI_SETUP_ESCO_CONNECTION:
1560 case HCI_ENH_SETUP_ESCO_CONNECTION:
1561 if (status != HCI_SUCCESS) {
1562 STREAM_TO_UINT16(handle, p_cmd);
1563 // Determine if initial connection failed or is a change of setup
1564 if (btm_is_sco_active(handle)) {
1565 btm_esco_proc_conn_chg(status, handle, 0, 0, 0, 0);
1567 btm_sco_connected(status, nullptr, handle, nullptr);
1573 case HCI_BLE_CREATE_LL_CONN:
1574 case HCI_LE_EXTENDED_CREATE_CONNECTION:
1575 if (status != HCI_SUCCESS) {
1576 btm_ble_create_ll_conn_complete(status);
1579 case HCI_BLE_START_ENC:
1580 // Race condition: disconnection happened right before we send
1581 // "LE Encrypt", controller responds with no connection, we should
1582 // cancel the encryption attempt, rather than unpair the device.
1583 if (status == HCI_ERR_NO_CONNECTION) {
1584 smp_cancel_start_encryption_attempt();
1588 // Link Policy Commands
1589 case HCI_EXIT_SNIFF_MODE:
1590 case HCI_EXIT_PARK_MODE:
1591 if (status != HCI_SUCCESS) {
1592 // Allow SCO initiation to continue if waiting for change mode event
1593 STREAM_TO_UINT16(handle, p_cmd);
1594 btm_sco_chk_pend_unpark(status, handle);
1596 FALLTHROUGH_INTENDED; /* FALLTHROUGH */
1598 case HCI_SNIFF_MODE:
1600 btm_pm_proc_cmd_status(status);
1604 if ((opcode & HCI_GRP_VENDOR_SPECIFIC) == HCI_GRP_VENDOR_SPECIFIC) {
1605 btm_vsc_complete(&status, opcode, 1,
1606 (tBTM_VSC_CMPL_CB*)p_vsc_status_cback);
1611 /*******************************************************************************
1613 * Function btu_hcif_command_status_evt
1615 * Description Process event HCI_COMMAND_STATUS_EVT
1619 ******************************************************************************/
1620 static void btu_hcif_command_status_evt_on_task(uint8_t status, BT_HDR* event,
1622 command_opcode_t opcode;
1623 uint8_t* stream = event->data + event->offset;
1624 STREAM_TO_UINT16(opcode, stream);
1626 // stream + 1 to skip parameter length field
1627 // No need to check length since stream is written by us
1628 btu_hcif_log_command_metrics(opcode, stream + 1, status, true);
1630 btu_hcif_hdl_command_status(opcode, status, stream, context);
1634 static void btu_hcif_command_status_evt(uint8_t status, BT_HDR* command,
1636 do_in_main_thread(FROM_HERE, base::Bind(btu_hcif_command_status_evt_on_task,
1637 status, command, context));
1640 /*******************************************************************************
1642 * Function btu_hcif_hardware_error_evt
1644 * Description Process event HCI_HARDWARE_ERROR_EVT
1648 ******************************************************************************/
1649 static void btu_hcif_hardware_error_evt(uint8_t* p) {
1650 HCI_TRACE_ERROR("Ctlr H/w error event - code:0x%x", *p);
1652 /* If anyone wants device status notifications, give him one. */
1653 btm_report_device_status(BTM_DEV_STATUS_DOWN);
1655 /* Reset the controller */
1656 if (BTM_IsDeviceUp()) BTM_DeviceReset(NULL);
1659 /*******************************************************************************
1661 * Function btu_hcif_flush_occured_evt
1663 * Description Process event HCI_FLUSH_OCCURED_EVT
1667 ******************************************************************************/
1668 static void btu_hcif_flush_occured_evt(void) {}
1670 /*******************************************************************************
1672 * Function btu_hcif_role_change_evt
1674 * Description Process event HCI_ROLE_CHANGE_EVT
1678 ******************************************************************************/
1679 static void btu_hcif_role_change_evt(uint8_t* p) {
1684 STREAM_TO_UINT8(status, p);
1685 STREAM_TO_BDADDR(bda, p);
1686 STREAM_TO_UINT8(role, p);
1688 btm_blacklist_role_change_device(bda, status);
1689 l2c_link_role_changed(&bda, role, status);
1690 btm_acl_role_changed(status, &bda, role);
1693 /*******************************************************************************
1695 * Function btu_hcif_num_compl_data_pkts_evt
1697 * Description Process event HCI_NUM_COMPL_DATA_PKTS_EVT
1701 ******************************************************************************/
1702 static void btu_hcif_num_compl_data_pkts_evt(uint8_t* p) {
1703 /* Process for L2CAP and SCO */
1704 l2c_link_process_num_completed_pkts(p);
1706 /* Send on to SCO */
1707 /*?? No SCO for now */
1710 /*******************************************************************************
1712 * Function btu_hcif_mode_change_evt
1714 * Description Process event HCI_MODE_CHANGE_EVT
1718 ******************************************************************************/
1719 static void btu_hcif_mode_change_evt(uint8_t* p) {
1722 uint8_t current_mode;
1725 STREAM_TO_UINT8(status, p);
1727 STREAM_TO_UINT16(handle, p);
1728 STREAM_TO_UINT8(current_mode, p);
1729 STREAM_TO_UINT16(interval, p);
1730 btm_sco_chk_pend_unpark(status, handle);
1731 btm_pm_proc_mode_change(status, handle, current_mode, interval);
1733 #if (HID_DEV_INCLUDED == TRUE && HID_DEV_PM_INCLUDED == TRUE)
1734 hidd_pm_proc_mode_change(status, current_mode, interval);
1738 /*******************************************************************************
1740 * Function btu_hcif_ssr_evt
1742 * Description Process event HCI_SNIFF_SUB_RATE_EVT
1746 ******************************************************************************/
1747 #if (BTM_SSR_INCLUDED == TRUE)
1748 static void btu_hcif_ssr_evt(uint8_t* p, uint16_t evt_len) {
1749 btm_pm_proc_ssr_evt(p, evt_len);
1753 /*******************************************************************************
1755 * Function btu_hcif_pin_code_request_evt
1757 * Description Process event HCI_PIN_CODE_REQUEST_EVT
1761 ******************************************************************************/
1762 static void btu_hcif_pin_code_request_evt(uint8_t* p) {
1765 STREAM_TO_BDADDR(bda, p);
1767 /* Tell L2CAP that there was a PIN code request, */
1768 /* it may need to stretch timeouts */
1769 l2c_pin_code_request(bda);
1771 btm_sec_pin_code_request(bda);
1774 /*******************************************************************************
1776 * Function btu_hcif_link_key_request_evt
1778 * Description Process event HCI_LINK_KEY_REQUEST_EVT
1782 ******************************************************************************/
1783 static void btu_hcif_link_key_request_evt(uint8_t* p) {
1786 STREAM_TO_BDADDR(bda, p);
1787 btm_sec_link_key_request(bda);
1790 /*******************************************************************************
1792 * Function btu_hcif_link_key_notification_evt
1794 * Description Process event HCI_LINK_KEY_NOTIFICATION_EVT
1798 ******************************************************************************/
1799 static void btu_hcif_link_key_notification_evt(uint8_t* p) {
1804 STREAM_TO_BDADDR(bda, p);
1805 STREAM_TO_ARRAY16(key.data(), p);
1806 STREAM_TO_UINT8(key_type, p);
1808 btm_sec_link_key_notification(bda, key, key_type);
1811 /*******************************************************************************
1813 * Function btu_hcif_loopback_command_evt
1815 * Description Process event HCI_LOOPBACK_COMMAND_EVT
1819 ******************************************************************************/
1820 static void btu_hcif_loopback_command_evt(void) {}
1822 /*******************************************************************************
1824 * Function btu_hcif_data_buf_overflow_evt
1826 * Description Process event HCI_DATA_BUF_OVERFLOW_EVT
1830 ******************************************************************************/
1831 static void btu_hcif_data_buf_overflow_evt(void) {}
1833 /*******************************************************************************
1835 * Function btu_hcif_max_slots_changed_evt
1837 * Description Process event HCI_MAX_SLOTS_CHANGED_EVT
1841 ******************************************************************************/
1842 static void btu_hcif_max_slots_changed_evt(void) {}
1844 /*******************************************************************************
1846 * Function btu_hcif_read_clock_off_comp_evt
1848 * Description Process event HCI_READ_CLOCK_OFF_COMP_EVT
1852 ******************************************************************************/
1853 static void btu_hcif_read_clock_off_comp_evt(uint8_t* p) {
1856 uint16_t clock_offset;
1858 STREAM_TO_UINT8(status, p);
1860 /* If failed to get clock offset just drop the result */
1861 if (status != HCI_SUCCESS) return;
1863 STREAM_TO_UINT16(handle, p);
1864 STREAM_TO_UINT16(clock_offset, p);
1866 handle = HCID_GET_HANDLE(handle);
1868 btm_process_clk_off_comp_evt(handle, clock_offset);
1869 btm_sec_update_clock_offset(handle, clock_offset);
1872 /*******************************************************************************
1874 * Function btu_hcif_conn_pkt_type_change_evt
1876 * Description Process event HCI_CONN_PKT_TYPE_CHANGE_EVT
1880 ******************************************************************************/
1881 static void btu_hcif_conn_pkt_type_change_evt(void) {}
1883 /*******************************************************************************
1885 * Function btu_hcif_qos_violation_evt
1887 * Description Process event HCI_QOS_VIOLATION_EVT
1891 ******************************************************************************/
1892 static void btu_hcif_qos_violation_evt(uint8_t* p) {
1895 STREAM_TO_UINT16(handle, p);
1897 handle = HCID_GET_HANDLE(handle);
1899 l2c_link_hci_qos_violation(handle);
1902 /*******************************************************************************
1904 * Function btu_hcif_page_scan_mode_change_evt
1906 * Description Process event HCI_PAGE_SCAN_MODE_CHANGE_EVT
1910 ******************************************************************************/
1911 static void btu_hcif_page_scan_mode_change_evt(void) {}
1913 /*******************************************************************************
1915 * Function btu_hcif_page_scan_rep_mode_chng_evt
1917 * Description Process event HCI_PAGE_SCAN_REP_MODE_CHNG_EVT
1921 ******************************************************************************/
1922 static void btu_hcif_page_scan_rep_mode_chng_evt(void) {}
1924 /**********************************************
1925 * Simple Pairing Events
1926 **********************************************/
1928 /*******************************************************************************
1930 * Function btu_hcif_host_support_evt
1932 * Description Process event HCI_RMT_HOST_SUP_FEAT_NOTIFY_EVT
1936 ******************************************************************************/
1937 static void btu_hcif_host_support_evt(uint8_t* p) {
1938 btm_sec_rmt_host_support_feat_evt(p);
1941 /*******************************************************************************
1943 * Function btu_hcif_io_cap_request_evt
1945 * Description Process event HCI_IO_CAPABILITY_REQUEST_EVT
1949 ******************************************************************************/
1950 static void btu_hcif_io_cap_request_evt(uint8_t* p) {
1952 STREAM_TO_BDADDR(bda, p);
1953 btm_io_capabilities_req(bda);
1956 /*******************************************************************************
1958 * Function btu_hcif_io_cap_response_evt
1960 * Description Process event HCI_IO_CAPABILITY_RESPONSE_EVT
1964 ******************************************************************************/
1965 static void btu_hcif_io_cap_response_evt(uint8_t* p) {
1966 btm_io_capabilities_rsp(p);
1969 /*******************************************************************************
1971 * Function btu_hcif_user_conf_request_evt
1973 * Description Process event HCI_USER_CONFIRMATION_REQUEST_EVT
1977 ******************************************************************************/
1978 static void btu_hcif_user_conf_request_evt(uint8_t* p) {
1979 btm_proc_sp_req_evt(BTM_SP_CFM_REQ_EVT, p);
1982 /*******************************************************************************
1984 * Function btu_hcif_user_passkey_request_evt
1986 * Description Process event HCI_USER_PASSKEY_REQUEST_EVT
1990 ******************************************************************************/
1991 static void btu_hcif_user_passkey_request_evt(uint8_t* p) {
1992 btm_proc_sp_req_evt(BTM_SP_KEY_REQ_EVT, p);
1995 /*******************************************************************************
1997 * Function btu_hcif_user_passkey_notif_evt
1999 * Description Process event HCI_USER_PASSKEY_NOTIFY_EVT
2003 ******************************************************************************/
2004 static void btu_hcif_user_passkey_notif_evt(uint8_t* p) {
2005 btm_proc_sp_req_evt(BTM_SP_KEY_NOTIF_EVT, p);
2008 /*******************************************************************************
2010 * Function btu_hcif_keypress_notif_evt
2012 * Description Process event HCI_KEYPRESS_NOTIFY_EVT
2016 ******************************************************************************/
2017 static void btu_hcif_keypress_notif_evt(uint8_t* p) {
2018 btm_keypress_notif_evt(p);
2021 /*******************************************************************************
2023 * Function btu_hcif_rem_oob_request_evt
2025 * Description Process event HCI_REMOTE_OOB_DATA_REQUEST_EVT
2029 ******************************************************************************/
2030 static void btu_hcif_rem_oob_request_evt(uint8_t* p) { btm_rem_oob_req(p); }
2032 /*******************************************************************************
2034 * Function btu_hcif_simple_pair_complete_evt
2036 * Description Process event HCI_SIMPLE_PAIRING_COMPLETE_EVT
2040 ******************************************************************************/
2041 static void btu_hcif_simple_pair_complete_evt(uint8_t* p) {
2042 btm_simple_pair_complete(p);
2045 /*******************************************************************************
2047 * Function btu_hcif_enhanced_flush_complete_evt
2049 * Description Process event HCI_ENHANCED_FLUSH_COMPLETE_EVT
2053 ******************************************************************************/
2054 #if (L2CAP_NON_FLUSHABLE_PB_INCLUDED == TRUE)
2055 static void btu_hcif_enhanced_flush_complete_evt(void) {
2056 /* This is empty until an upper layer cares about returning event */
2059 /**********************************************
2060 * End of Simple Pairing Events
2061 **********************************************/
2063 static void read_encryption_key_size_complete_after_key_refresh(uint8_t status, uint16_t handle, uint8_t key_size) {
2064 if (status == HCI_ERR_INSUFFCIENT_SECURITY) {
2065 /* If remote device stop the encryption before we call "Read Encryption Key
2066 * Size", we might receive Insufficient Security, which means that link is
2067 * no longer encrypted. */
2068 LOG(INFO) << __func__ << ": encryption stopped on link: " << loghex(handle);
2072 if (status != HCI_SUCCESS) {
2073 LOG(INFO) << __func__ << ": disconnecting, status: " << loghex(status);
2074 btsnd_hcic_disconnect(handle, HCI_ERR_PEER_USER);
2078 if (key_size < MIN_KEY_SIZE) {
2079 android_errorWriteLog(0x534e4554, "124301137");
2080 LOG(ERROR) << __func__ << " encryption key too short, disconnecting. handle: " << loghex(handle)
2081 << " key_size: " << +key_size;
2083 btsnd_hcic_disconnect(handle, HCI_ERR_HOST_REJECT_SECURITY);
2087 btm_sec_encrypt_change(handle, status, 1 /* enc_enable */);
2090 static void btu_hcif_encryption_key_refresh_cmpl_evt(uint8_t* p) {
2094 STREAM_TO_UINT8(status, p);
2095 STREAM_TO_UINT16(handle, p);
2097 if (status != HCI_SUCCESS || BTM_IsBleConnection(handle)) {
2098 btm_sec_encrypt_change(handle, status, (status == HCI_SUCCESS) ? 1 : 0);
2100 btsnd_hcic_read_encryption_key_size(handle, base::Bind(&read_encryption_key_size_complete_after_key_refresh));
2104 /**********************************************
2106 **********************************************/
2108 static void btu_ble_ll_conn_complete_evt(uint8_t* p, uint16_t evt_len) {
2109 btm_ble_conn_complete(p, evt_len, false);
2111 #if (BLE_PRIVACY_SPT == TRUE)
2112 static void btu_ble_proc_enhanced_conn_cmpl(uint8_t* p, uint16_t evt_len) {
2113 btm_ble_conn_complete(p, evt_len, true);
2117 extern void gatt_notify_conn_update(uint16_t handle, uint16_t interval,
2118 uint16_t latency, uint16_t timeout,
2121 static void btu_ble_ll_conn_param_upd_evt(uint8_t* p, uint16_t evt_len) {
2122 /* LE connection update has completed successfully as a master. */
2123 /* We can enable the update request if the result is a success. */
2124 /* extract the HCI handle first */
2131 STREAM_TO_UINT8(status, p);
2132 STREAM_TO_UINT16(handle, p);
2133 STREAM_TO_UINT16(interval, p);
2134 STREAM_TO_UINT16(latency, p);
2135 STREAM_TO_UINT16(timeout, p);
2137 l2cble_process_conn_update_evt(handle, status, interval, latency, timeout);
2139 gatt_notify_conn_update(handle & 0x0FFF, interval, latency, timeout, status);
2142 static void btu_ble_read_remote_feat_evt(uint8_t* p) {
2143 btm_ble_read_remote_features_complete(p);
2146 static void btu_ble_proc_ltk_req(uint8_t* p) {
2147 uint16_t ediv, handle;
2150 STREAM_TO_UINT16(handle, p);
2152 STREAM_TO_UINT16(ediv, pp);
2153 btm_ble_ltk_request(handle, p, ediv);
2154 /* This is empty until an upper layer cares about returning event */
2157 static void btu_ble_data_length_change_evt(uint8_t* p, uint16_t evt_len) {
2159 uint16_t tx_data_len;
2160 uint16_t rx_data_len;
2162 if (!controller_get_interface()->supports_ble_packet_extension()) {
2163 HCI_TRACE_WARNING("%s, request not supported", __func__);
2167 STREAM_TO_UINT16(handle, p);
2168 STREAM_TO_UINT16(tx_data_len, p);
2169 p += 2; /* Skip the TxTimer */
2170 STREAM_TO_UINT16(rx_data_len, p);
2172 l2cble_process_data_length_change_event(handle, tx_data_len, rx_data_len);
2175 /**********************************************
2176 * End of BLE Events Handler
2177 **********************************************/
2178 #if (BLE_LLT_INCLUDED == TRUE)
2179 static void btu_ble_rc_param_req_evt(uint8_t* p) {
2181 uint16_t int_min, int_max, latency, timeout;
2183 STREAM_TO_UINT16(handle, p);
2184 STREAM_TO_UINT16(int_min, p);
2185 STREAM_TO_UINT16(int_max, p);
2186 STREAM_TO_UINT16(latency, p);
2187 STREAM_TO_UINT16(timeout, p);
2189 l2cble_process_rc_param_request_evt(handle, int_min, int_max, latency,
2192 #endif /* BLE_LLT_INCLUDED */