From 78d863bd3002bba947f1a957211e3748e740f24b Mon Sep 17 00:00:00 2001 From: Venkata Jagadeesh Garaga Date: Fri, 17 Apr 2020 16:06:17 +0530 Subject: [PATCH] GAP: Use proper page scan rep mode for connection Issue: Page time out seen when user initiated pairing from LE scan response Steps to reproduce ================== Steps: 1. Turn on BT 2. inquiry any dual mode device 3. Initiate pairing (only LE scan response received but br/edr inquiry response not received) Actual Result: Remote name request or create connection got page timeout some times Expected result: Remote name request and create connection should be successful Root Cause: If user finds only LE scan response for dual mode devices, then stack treats it as dual mode based on br/edr not supported bit. If pairing initiated from LE scan response, then stack initiates RNR and ACL connection on br/edr transport with wrong page scan response from LE inquiry database, it leads to page time out. Fix: Use page scan response from inquiry data base if br/edr inquiry response received, else use default page scan response R1 in RNR and create connection. Test: Follow steps above Bug: 154286616 Change-Id: I281ebc6d0e67d88c30328cb67df7f28793f354c1
---
 stack/btm/btm_ble_gap.cc | 2 +- stack/btm/btm_inq.cc | 4 ++-- stack/l2cap/l2c_utils.cc | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/stack/btm/btm_ble_gap.cc b/stack/btm/btm_ble_gap.cc
index 5ea05f3d2..37cfeb592 100644
--- a/stack/btm/btm_ble_gap.cc
+++ b/stack/btm/btm_ble_gap.cc
@@ -1657,7 +1657,7 @@ void btm_ble_update_inq_result(tINQ_DB_ENT* p_i, uint8_t addr_type,
 tBTM_INQUIRY_VAR_ST* p_inq = &btm_cb.btm_inq_vars; /* Save the info */
- p_cur->inq_result_type = BTM_INQ_RESULT_BLE;
+ p_cur->inq_result_type |= BTM_INQ_RESULT_BLE;
 p_cur->ble_addr_type = addr_type;
 p_cur->rssi = rssi;
 p_cur->ble_primary_phy = primary_phy;
diff --git a/stack/btm/btm_inq.cc b/stack/btm/btm_inq.cc
index e00f7aeac..800025c39 100644
--- a/stack/btm/btm_inq.cc
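Review bot: Nothing in the visible hunks clears `inq_result_type` now that it is accumulated with `|=`, both here in btm_ble_update_inq_result and in the `|= BTM_INQ_RESULT_BR` hunk of stack/btm/btm_inq.cc. The BR bit tested by the new guards in btm_initiate_rem_name and l2cu_create_conn_after_switch is therefore only trustworthy if the inquiry-database entry is zeroed when it is created or reused for another address. That allocation path is outside this diff and should be confirmed. In btm_process_inq_results, `device_type` and `scan_rsp` are reset when `p_i->inq_count != p_inq->inq_counter`, while `inq_result_type` is not, so a bit set in an earlier inquiry cycle appears to survive into the next one. If that is intended, a comment such as `/* OR in the transport; a dual-mode entry may already carry the other result type from this or an earlier inquiry */` would make it explicit.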
+++ b/stack/btm/btm_inq.cc
@@ -1666,7 +1666,7 @@ void btm_process_inq_results(uint8_t* p, uint8_t hci_evt_len,
 if (p_i->inq_count != p_inq->inq_counter) p_inq->inq_cmpl_info.num_resp++; /* A new response was found */
- p_cur->inq_result_type = BTM_INQ_RESULT_BR;
+ p_cur->inq_result_type |= BTM_INQ_RESULT_BR;
 if (p_i->inq_count != p_inq->inq_counter) {
 p_cur->device_type = BT_DEVICE_TYPE_BREDR;
 p_i->scan_rsp = false;
@@ -1891,7 +1891,7 @@ tBTM_STATUS btm_initiate_rem_name(const RawAddress& remote_bda, uint8_t origin,
 /* If the database entry exists for the device, use its clock offset */
 tINQ_DB_ENT* p_i = btm_inq_db_find(remote_bda);
- if (p_i) {
+ if (p_i && (p_i->inq_info.results.inq_result_type & BTM_INQ_RESULT_BR)) {
 tBTM_INQ_INFO* p_cur = &p_i->inq_info;
 btsnd_hcic_rmt_name_req( remote_bda, p_cur->results.page_scan_rep_mode,
diff --git a/stack/l2cap/l2c_utils.cc b/stack/l2cap/l2c_utils.cc
index b4d96e1bf..da30f2b8a 100644
--- a/stack/l2cap/l2c_utils.cc
+++ b/stack/l2cap/l2c_utils.cc
@@ -2244,7 +2244,8 @@ bool l2cu_create_conn_after_switch(tL2C_LCB* p_lcb) {
 /* Check with the BT manager if details about remote device are known */
 p_inq_info = BTM_InqDbRead(p_lcb->remote_bd_addr);
- if (p_inq_info != NULL) {
+ if ((p_inq_info != NULL) &&
+ (p_inq_info->results.inq_result_type & BTM_INQ_RESULT_BR)) {
 page_scan_rep_mode = p_inq_info->results.page_scan_rep_mode;
 page_scan_mode = p_inq_info->results.page_scan_mode;
 clock_offset = (uint16_t)(p_inq_info->results.clock_offset);
-- 2.11.0
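Review bot: The comment above the new condition in btm_initiate_rem_name is now out of date: it still says the entry's values are used whenever the database entry exists, but the branch is taken only when the entry also carries `BTM_INQ_RESULT_BR`. Suggested wording: `/* If the database entry holds a BR/EDR inquiry result, use its page scan rep mode and clock offset */`. The same applies to "Check with the BT manager if details about remote device are known" in the l2cu_create_conn_after_switch hunk of stack/l2cap/l2c_utils.cc. The fallback that supplies the default R1 mode described in the commit message lies outside both hunks, as do the rest of both function bodies. It is worth checking that an LE-only entry now gets R1 and a zero clock offset on both paths.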