1 /******************************************************************************
2 *
3 * Copyright 2000-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /*****************************************************************************
20 *
21 * Name: btm_acl.cc
22 *
23 * Description: This file contains functions that handle ACL connections.
24 * This includes operations such as hold and sniff modes,
25 * supported packet types.
26 *
27 * This module contains both internal and external (API)
28 * functions. External (API) functions are distinguishable
29 * by their names beginning with uppercase BTM.
30 *
31 *
32 *****************************************************************************/
33
34 #define LOG_TAG "btm_acl"
35
36 #include <bluetooth/log.h>
37 #include <com_android_bluetooth_flags.h>
38
39 #include <cstdint>
40
41 #include "bta/include/bta_dm_acl.h"
42 #include "bta/sys/bta_sys.h"
43 #include "common/metrics.h"
44 #include "device/include/device_iot_config.h"
45 #include "device/include/interop.h"
46 #include "hci/controller_interface.h"
47 #include "include/l2cap_hci_link_interface.h"
48 #include "internal_include/bt_target.h"
49 #include "main/shim/acl_api.h"
50 #include "main/shim/dumpsys.h"
51 #include "main/shim/entry.h"
52 #include "main/shim/helpers.h"
53 #include "os/parameter_provider.h"
54 #include "osi/include/allocator.h"
55 #include "osi/include/properties.h"
56 #include "osi/include/stack_power_telemetry.h"
57 #include "stack/acl/acl.h"
58 #include "stack/acl/peer_packet_types.h"
59 #include "stack/btm/btm_ble_int.h"
60 #include "stack/btm/btm_dev.h"
61 #include "stack/btm/btm_int_types.h"
62 #include "stack/btm/btm_sco.h"
63 #include "stack/btm/btm_sec.h"
64 #include "stack/btm/security_device_record.h"
65 #include "stack/include/acl_api.h"
66 #include "stack/include/acl_api_types.h"
67 #include "stack/include/acl_hci_link_interface.h"
68 #include "stack/include/bt_hdr.h"
69 #include "stack/include/bt_types.h"
70 #include "stack/include/btm_ble_api.h"
71 #include "stack/include/btm_client_interface.h"
72 #include "stack/include/btm_iso_api.h"
73 #include "stack/include/btm_status.h"
74 #include "stack/include/hci_error_code.h"
75 #include "stack/include/hcimsgs.h"
76 #include "stack/include/inq_hci_link_interface.h"
77 #include "stack/include/l2cap_acl_interface.h"
78 #include "stack/include/l2cdefs.h"
79 #include "stack/include/main_thread.h"
80 #include "stack/l2cap/l2c_int.h"
81 #include "types/hci_role.h"
82 #include "types/raw_address.h"
83
84 #ifndef PROPERTY_LINK_SUPERVISION_TIMEOUT
85 #define PROPERTY_LINK_SUPERVISION_TIMEOUT "bluetooth.core.acl.link_supervision_timeout"
86 #endif
87
88 #ifndef PROPERTY_AUTO_FLUSH_TIMEOUT
89 #define PROPERTY_AUTO_FLUSH_TIMEOUT "bluetooth.core.classic.auto_flush_timeout"
90 #endif
91
92 using namespace bluetooth;
93 using bluetooth::legacy::hci::GetInterface;
94
95 void BTM_update_version_info(const RawAddress& bd_addr,
96 const remote_version_info& remote_version_info);
97
98 void BTM_db_reset(void);
99
100 extern tBTM_CB btm_cb;
101 void btm_iot_save_remote_properties(tACL_CONN* p_acl_cb);
102 void btm_iot_save_remote_versions(tACL_CONN* p_acl_cb);
103
104 struct StackAclBtmAcl {
105 tACL_CONN* acl_allocate_connection();
106 tACL_CONN* acl_get_connection_from_handle(uint16_t handle);
107 tACL_CONN* btm_bda_to_acl(const RawAddress& bda, tBT_TRANSPORT transport);
108 bool change_connection_packet_types(tACL_CONN& link, const uint16_t new_packet_type_bitmask);
109 void btm_establish_continue(tACL_CONN* p_acl_cb);
110 void btm_set_default_link_policy(tLINK_POLICY settings);
111 void btm_acl_role_changed(tHCI_STATUS hci_status, const RawAddress& bd_addr, tHCI_ROLE new_role);
112 void hci_start_role_switch_to_central(tACL_CONN& p_acl);
set_default_packet_types_supportedStackAclBtmAcl113 void set_default_packet_types_supported(uint16_t packet_types_supported) {
114 btm_cb.acl_cb_.btm_acl_pkt_types_supported = packet_types_supported;
115 }
116 void btm_acl_consolidate(const RawAddress& identity_addr, const RawAddress& rpa);
117 };
118
119 struct RoleChangeView {
120 tHCI_ROLE new_role = HCI_ROLE_UNKNOWN;
121 RawAddress bd_addr;
122 };
123
124 namespace {
125 StackAclBtmAcl internal_;
126 std::unique_ptr<RoleChangeView> delayed_role_change_ = nullptr;
127 } // namespace
128
129 typedef struct {
130 uint16_t handle;
131 uint16_t hci_len;
132 } __attribute__((packed)) acl_header_t;
133
134 constexpr uint8_t BTM_MAX_SW_ROLE_FAILED_ATTEMPTS = 3;
135
136 /* Define masks for supported and exception 2.0 ACL packet types
137 */
138 constexpr uint16_t BTM_ACL_SUPPORTED_PKTS_MASK =
139 (HCI_PKT_TYPES_MASK_DM1 | HCI_PKT_TYPES_MASK_DH1 | HCI_PKT_TYPES_MASK_DM3 |
140 HCI_PKT_TYPES_MASK_DH3 | HCI_PKT_TYPES_MASK_DM5 | HCI_PKT_TYPES_MASK_DH5);
141
142 constexpr uint16_t BTM_ACL_EXCEPTION_PKTS_MASK =
143 (HCI_PKT_TYPES_MASK_NO_2_DH1 | HCI_PKT_TYPES_MASK_NO_3_DH1 | HCI_PKT_TYPES_MASK_NO_2_DH3 |
144 HCI_PKT_TYPES_MASK_NO_3_DH3 | HCI_PKT_TYPES_MASK_NO_2_DH5 | HCI_PKT_TYPES_MASK_NO_3_DH5);
145
IsEprAvailable(const tACL_CONN & p_acl)146 static bool IsEprAvailable(const tACL_CONN& p_acl) {
147 if (!p_acl.peer_lmp_feature_valid[0]) {
148 log::warn("Checking incomplete feature page read");
149 return false;
150 }
151 return HCI_ATOMIC_ENCRYPT_SUPPORTED(p_acl.peer_lmp_feature_pages[0]) &&
152 bluetooth::shim::GetController()->SupportsEncryptionPause();
153 }
154
155 static void btm_process_remote_ext_features(tACL_CONN* p_acl_cb, uint8_t max_page_number);
156 static void btm_read_failed_contact_counter_timeout(void* data);
157 static void btm_read_remote_ext_features(uint16_t handle, uint8_t page_number);
158 static void btm_read_rssi_timeout(void* data);
159 static void btm_read_tx_power_timeout(void* data);
160 static void check_link_policy(tLINK_POLICY* settings);
161 void btm_set_link_policy(tACL_CONN* conn, tLINK_POLICY policy);
162
163 namespace {
NotifyAclLinkUp(tACL_CONN & p_acl)164 void NotifyAclLinkUp(tACL_CONN& p_acl) {
165 if (p_acl.link_up_issued) {
166 log::info("Already notified BTA layer that the link is up");
167 return;
168 }
169 p_acl.link_up_issued = true;
170 BTA_dm_acl_up(p_acl.remote_addr, p_acl.transport, p_acl.hci_handle);
171 }
172
NotifyAclLinkDown(tACL_CONN & p_acl)173 void NotifyAclLinkDown(tACL_CONN& p_acl) {
174 /* Only notify if link up has had a chance to be issued */
175 if (p_acl.link_up_issued) {
176 p_acl.link_up_issued = false;
177 BTA_dm_acl_down(p_acl.remote_addr, p_acl.transport);
178 }
179 }
180
NotifyAclRoleSwitchComplete(const RawAddress & bda,tHCI_ROLE new_role,tHCI_STATUS hci_status)181 void NotifyAclRoleSwitchComplete(const RawAddress& bda, tHCI_ROLE new_role,
182 tHCI_STATUS hci_status) {
183 BTA_dm_report_role_change(bda, new_role, hci_status);
184 }
185
NotifyAclFeaturesReadComplete(tACL_CONN & p_acl,uint8_t max_page_number)186 void NotifyAclFeaturesReadComplete(tACL_CONN& p_acl, uint8_t max_page_number) {
187 btm_process_remote_ext_features(&p_acl, max_page_number);
188 btm_set_link_policy(&p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
189 int32_t flush_timeout = osi_property_get_int32(PROPERTY_AUTO_FLUSH_TIMEOUT, 0);
190 if (bluetooth::shim::GetController()->SupportsNonFlushablePb() && flush_timeout != 0) {
191 acl_write_automatic_flush_timeout(p_acl.remote_addr, static_cast<uint16_t>(flush_timeout));
192 }
193 BTA_dm_notify_remote_features_complete(p_acl.remote_addr);
194 }
195
196 } // namespace
197
disconnect_acl(tACL_CONN & p_acl,tHCI_STATUS reason,std::string comment)198 static void disconnect_acl(tACL_CONN& p_acl, tHCI_STATUS reason, std::string comment) {
199 log::info("Disconnecting peer:{} reason:{} comment:{}", p_acl.remote_addr,
200 hci_error_code_text(reason), comment);
201 p_acl.disconnect_reason = reason;
202
203 return bluetooth::shim::ACL_Disconnect(p_acl.hci_handle, p_acl.is_transport_br_edr(), reason,
204 comment);
205 }
206
hci_start_role_switch_to_central(tACL_CONN & p_acl)207 void StackAclBtmAcl::hci_start_role_switch_to_central(tACL_CONN& p_acl) {
208 GetInterface().StartRoleSwitch(p_acl.remote_addr, static_cast<uint8_t>(HCI_ROLE_CENTRAL));
209 p_acl.set_switch_role_in_progress();
210 p_acl.rs_disc_pending = BTM_SEC_RS_PENDING;
211 }
212
213 /* 3 seconds timeout waiting for responses */
214 #define BTM_DEV_REPLY_TIMEOUT_MS (3 * 1000)
215
BTM_acl_after_controller_started()216 void BTM_acl_after_controller_started() {
217 internal_.btm_set_default_link_policy(HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH |
218 HCI_ENABLE_HOLD_MODE | HCI_ENABLE_SNIFF_MODE |
219 HCI_ENABLE_PARK_MODE);
220
221 /* Create ACL supported packet types mask */
222 uint16_t btm_acl_pkt_types_supported = (HCI_PKT_TYPES_MASK_DH1 + HCI_PKT_TYPES_MASK_DM1);
223
224 if (bluetooth::shim::GetController()->Supports3SlotPackets()) {
225 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_DH3 + HCI_PKT_TYPES_MASK_DM3);
226 }
227
228 if (bluetooth::shim::GetController()->Supports5SlotPackets()) {
229 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_DH5 + HCI_PKT_TYPES_MASK_DM5);
230 }
231
232 /* Add in EDR related ACL types */
233 if (!bluetooth::shim::GetController()->SupportsClassic2mPhy()) {
234 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_NO_2_DH1 + HCI_PKT_TYPES_MASK_NO_2_DH3 +
235 HCI_PKT_TYPES_MASK_NO_2_DH5);
236 }
237
238 if (!bluetooth::shim::GetController()->SupportsClassic3mPhy()) {
239 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_NO_3_DH1 + HCI_PKT_TYPES_MASK_NO_3_DH3 +
240 HCI_PKT_TYPES_MASK_NO_3_DH5);
241 }
242
243 /* Check to see if 3 and 5 slot packets are available */
244 if (bluetooth::shim::GetController()->SupportsClassic2mPhy() ||
245 bluetooth::shim::GetController()->SupportsClassic3mPhy()) {
246 if (!bluetooth::shim::GetController()->Supports3SlotEdrPackets()) {
247 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_NO_2_DH3 + HCI_PKT_TYPES_MASK_NO_3_DH3);
248 }
249
250 if (!bluetooth::shim::GetController()->Supports5SlotEdrPackets()) {
251 btm_acl_pkt_types_supported |= (HCI_PKT_TYPES_MASK_NO_2_DH5 + HCI_PKT_TYPES_MASK_NO_3_DH5);
252 }
253 }
254 internal_.set_default_packet_types_supported(btm_acl_pkt_types_supported);
255 }
256
257 /*******************************************************************************
258 *
259 * Function btm_bda_to_acl
260 *
261 * Description This function returns the FIRST acl_db entry for the passed
262 * BDA.
263 *
264 * Parameters bda : BD address of the remote device
265 * transport : Physical transport used for ACL connection
266 * (BR/EDR or LE)
267 *
268 * Returns Returns pointer to the ACL DB for the requested BDA if found.
269 * nullptr if not found.
270 *
271 ******************************************************************************/
btm_bda_to_acl(const RawAddress & bda,tBT_TRANSPORT transport)272 tACL_CONN* StackAclBtmAcl::btm_bda_to_acl(const RawAddress& bda, tBT_TRANSPORT transport) {
273 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
274 for (uint8_t index = 0; index < MAX_L2CAP_LINKS; index++, p_acl++) {
275 if ((p_acl->in_use) && p_acl->remote_addr == bda && p_acl->transport == transport) {
276 return p_acl;
277 }
278 }
279 return nullptr;
280 }
281
btm_acl_consolidate(const RawAddress & identity_addr,const RawAddress & rpa)282 void StackAclBtmAcl::btm_acl_consolidate(const RawAddress& identity_addr, const RawAddress& rpa) {
283 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
284 for (uint8_t index = 0; index < MAX_L2CAP_LINKS; index++, p_acl++) {
285 if (!p_acl->in_use) {
286 continue;
287 }
288
289 if (p_acl->remote_addr == rpa) {
290 log::info("consolidate {} -> {}", rpa, identity_addr);
291 p_acl->remote_addr = identity_addr;
292 return;
293 }
294 }
295 }
296
btm_acl_consolidate(const RawAddress & identity_addr,const RawAddress & rpa)297 void btm_acl_consolidate(const RawAddress& identity_addr, const RawAddress& rpa) {
298 return internal_.btm_acl_consolidate(identity_addr, rpa);
299 }
300
301 /*******************************************************************************
302 *
303 * Function btm_handle_to_acl_index
304 *
305 * Description This function returns the FIRST acl_db entry for the passed
306 * hci_handle.
307 *
308 * Returns index to the acl_db or MAX_L2CAP_LINKS.
309 *
310 ******************************************************************************/
btm_handle_to_acl_index(uint16_t hci_handle)311 uint8_t btm_handle_to_acl_index(uint16_t hci_handle) {
312 tACL_CONN* p = &btm_cb.acl_cb_.acl_db[0];
313 uint8_t xx;
314 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
315 if ((p->in_use) && (p->hci_handle == hci_handle)) {
316 break;
317 }
318 }
319
320 /* If here, no BD Addr found */
321 return xx;
322 }
323
acl_get_connection_from_handle(uint16_t hci_handle)324 tACL_CONN* StackAclBtmAcl::acl_get_connection_from_handle(uint16_t hci_handle) {
325 uint8_t index = btm_handle_to_acl_index(hci_handle);
326 if (index >= MAX_L2CAP_LINKS) {
327 return nullptr;
328 }
329 return &btm_cb.acl_cb_.acl_db[index];
330 }
331
acl_get_connection_from_handle(uint16_t handle)332 static tACL_CONN* acl_get_connection_from_handle(uint16_t handle) {
333 return internal_.acl_get_connection_from_handle(handle);
334 }
335
btm_acl_process_sca_cmpl_pkt(uint8_t len,uint8_t * data)336 void btm_acl_process_sca_cmpl_pkt(uint8_t len, uint8_t* data) {
337 uint16_t handle;
338 uint8_t sca;
339 uint8_t status;
340
341 if (len < 4) {
342 log::warn("Malformatted packet, not containing enough data");
343 return;
344 }
345
346 STREAM_TO_UINT8(status, data);
347
348 if (status != HCI_SUCCESS) {
349 log::warn("Peer SCA Command complete failed:{}",
350 hci_error_code_text(static_cast<tHCI_STATUS>(status)));
351 return;
352 }
353
354 STREAM_TO_UINT16(handle, data);
355 STREAM_TO_UINT8(sca, data);
356
357 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
358 if (p_acl == nullptr) {
359 log::warn("Unable to find active acl");
360 return;
361 }
362 p_acl->sca = sca;
363 }
364
acl_allocate_connection()365 tACL_CONN* StackAclBtmAcl::acl_allocate_connection() {
366 tACL_CONN* p_acl = &btm_cb.acl_cb_.acl_db[0];
367 for (uint8_t xx = 0; xx < MAX_L2CAP_LINKS; xx++, p_acl++) {
368 if (!p_acl->in_use) {
369 return p_acl;
370 }
371 }
372 return nullptr;
373 }
374
btm_acl_created(const RawAddress & bda,uint16_t hci_handle,tHCI_ROLE link_role,tBT_TRANSPORT transport)375 void btm_acl_created(const RawAddress& bda, uint16_t hci_handle, tHCI_ROLE link_role,
376 tBT_TRANSPORT transport) {
377 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, transport);
378 if (p_acl != (tACL_CONN*)NULL) {
379 p_acl->hci_handle = hci_handle;
380 p_acl->link_role = link_role;
381 p_acl->transport = transport;
382 if (transport == BT_TRANSPORT_BR_EDR) {
383 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
384 }
385 log::warn(
386 "Unable to create duplicate acl when one already exists handle:{} "
387 "role:{} transport:{}",
388 hci_handle, RoleText(link_role), bt_transport_text(transport));
389 return;
390 }
391
392 p_acl = internal_.acl_allocate_connection();
393 if (p_acl == nullptr) {
394 log::warn("Unable to find active acl");
395 return;
396 }
397
398 p_acl->in_use = true;
399 p_acl->hci_handle = hci_handle;
400 p_acl->link_role = link_role;
401 p_acl->link_up_issued = false;
402 p_acl->remote_addr = bda;
403 p_acl->sca = 0xFF;
404 p_acl->transport = transport;
405 p_acl->switch_role_failed_attempts = 0;
406 p_acl->reset_switch_role();
407
408 log::debug("Created new ACL connection peer:{} role:{} handle:0x{:04x} transport:{}", bda,
409 RoleText(p_acl->link_role), hci_handle, bt_transport_text(transport));
410
411 if (p_acl->is_transport_br_edr()) {
412 BTM_PM_OnConnected(hci_handle, bda);
413 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
414 }
415
416 // save remote properties to iot conf file
417 btm_iot_save_remote_properties(p_acl);
418
419 /* if BR/EDR do something more */
420 if (transport == BT_TRANSPORT_BR_EDR) {
421 btsnd_hcic_read_rmt_clk_offset(hci_handle);
422 }
423
424 if (transport == BT_TRANSPORT_LE) {
425 btm_ble_get_acl_remote_addr(hci_handle, p_acl->active_remote_addr,
426 &p_acl->active_remote_addr_type);
427
428 if (bluetooth::shim::GetController()->SupportsBlePeripheralInitiatedFeaturesExchange() ||
429 link_role == HCI_ROLE_CENTRAL) {
430 btsnd_hcic_ble_read_remote_feat(p_acl->hci_handle);
431 } else {
432 internal_.btm_establish_continue(p_acl);
433 }
434 }
435 }
436
btm_acl_create_failed(const RawAddress & bda,tBT_TRANSPORT transport,tHCI_STATUS hci_status)437 void btm_acl_create_failed(const RawAddress& bda, tBT_TRANSPORT transport, tHCI_STATUS hci_status) {
438 BTA_dm_acl_up_failed(bda, transport, hci_status);
439 }
440
441 /*******************************************************************************
442 *
443 * Function btm_acl_removed
444 *
445 * Description This function is called by L2CAP when an ACL connection
446 * is removed. Since only L2CAP creates ACL links, we use
447 * the L2CAP link index as our index into the control blocks.
448 *
449 * Returns void
450 *
451 ******************************************************************************/
btm_acl_removed(uint16_t handle)452 void btm_acl_removed(uint16_t handle) {
453 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
454 if (p_acl == nullptr) {
455 log::warn("Unable to find active acl");
456 return;
457 }
458 p_acl->in_use = false;
459 NotifyAclLinkDown(*p_acl);
460 if (p_acl->is_transport_br_edr()) {
461 BTM_PM_OnDisconnected(handle);
462 }
463 p_acl->Reset();
464 }
465
466 /*******************************************************************************
467 *
468 * Function btm_acl_device_down
469 *
470 * Description This function is called when the local device is deemed
471 * to be down. It notifies L2CAP of the failure.
472 *
473 * Returns void
474 *
475 ******************************************************************************/
btm_acl_device_down(void)476 void btm_acl_device_down(void) {
477 tACL_CONN* p = &btm_cb.acl_cb_.acl_db[0];
478 uint16_t xx;
479 for (xx = 0; xx < MAX_L2CAP_LINKS; xx++, p++) {
480 if (p->in_use) {
481 l2c_link_hci_disc_comp(p->hci_handle, HCI_ERR_HW_FAILURE);
482 }
483 }
484 BTM_db_reset();
485 }
486
BTM_GetRole(const RawAddress & remote_bd_addr,tHCI_ROLE * p_role)487 tBTM_STATUS BTM_GetRole(const RawAddress& remote_bd_addr, tHCI_ROLE* p_role) {
488 if (p_role == nullptr) {
489 return tBTM_STATUS::BTM_ILLEGAL_VALUE;
490 }
491 *p_role = HCI_ROLE_UNKNOWN;
492
493 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR);
494 if (p_acl == nullptr) {
495 log::warn("Unable to find active acl");
496 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
497 }
498 *p_role = p_acl->link_role;
499 return tBTM_STATUS::BTM_SUCCESS;
500 }
501
502 /*******************************************************************************
503 *
504 * Function BTM_SwitchRoleToCentral
505 *
506 * Description This function is called to switch role between central and
507 * peripheral. If role is already set it will do nothing.
508 *
509 * Returns tBTM_STATUS::BTM_SUCCESS if already in specified role.
510 * tBTM_STATUS::BTM_CMD_STARTED if command issued to controller.
511 * tBTM_STATUS::BTM_NO_RESOURCES if couldn't allocate memory to issue
512 * command
513 * tBTM_STATUS::BTM_UNKNOWN_ADDR if no active link with bd addr specified
514 * tBTM_STATUS::BTM_MODE_UNSUPPORTED if local device does not support role
515 * switching
516 * tBTM_STATUS::BTM_BUSY if the previous command is not completed
517 *
518 ******************************************************************************/
BTM_SwitchRoleToCentral(const RawAddress & remote_bd_addr)519 tBTM_STATUS BTM_SwitchRoleToCentral(const RawAddress& remote_bd_addr) {
520 if (!bluetooth::shim::GetController()->SupportsRoleSwitch()) {
521 log::info("Local controller does not support role switching");
522 return tBTM_STATUS::BTM_MODE_UNSUPPORTED;
523 }
524
525 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bd_addr, BT_TRANSPORT_BR_EDR);
526 if (p_acl == nullptr) {
527 log::warn("Unable to find active acl");
528 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
529 }
530
531 if (p_acl->link_role == HCI_ROLE_CENTRAL) {
532 log::info("Requested role is already in effect");
533 return tBTM_STATUS::BTM_SUCCESS;
534 }
535
536 if (interop_match_addr(INTEROP_DISABLE_ROLE_SWITCH, &remote_bd_addr)) {
537 log::info("Remote device is on list preventing role switch");
538 return tBTM_STATUS::BTM_DEV_RESTRICT_LISTED;
539 }
540
541 if (get_btm_client_interface().sco.BTM_IsScoActiveByBdaddr(remote_bd_addr)) {
542 log::info("An active SCO to device prevents role switch at this time");
543 return tBTM_STATUS::BTM_NO_RESOURCES;
544 }
545
546 if (!p_acl->is_switch_role_idle()) {
547 log::info("Role switch is already progress");
548 return tBTM_STATUS::BTM_BUSY;
549 }
550
551 if (interop_match_addr(INTEROP_DYNAMIC_ROLE_SWITCH, &remote_bd_addr)) {
552 log::debug("Device restrict listed under INTEROP_DYNAMIC_ROLE_SWITCH");
553 return tBTM_STATUS::BTM_DEV_RESTRICT_LISTED;
554 }
555
556 tBTM_PM_MODE pwr_mode;
557 if (!BTM_ReadPowerMode(p_acl->remote_addr, &pwr_mode)) {
558 log::warn(
559 "Unable to find device to read current power mode prior to role "
560 "switch");
561 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
562 };
563
564 if (pwr_mode == BTM_PM_MD_PARK || pwr_mode == BTM_PM_MD_SNIFF) {
565 if (!BTM_SetLinkPolicyActiveMode(p_acl->remote_addr)) {
566 log::warn("Unable to set link policy active before attempting switch");
567 return tBTM_STATUS::BTM_WRONG_MODE;
568 }
569 p_acl->set_switch_role_changing();
570 } else {
571 /* some devices do not support switch while encryption is on */
572 if (p_acl->is_encrypted && !IsEprAvailable(*p_acl)) {
573 /* bypass turning off encryption if change link key is already doing it */
574 p_acl->set_encryption_off();
575 p_acl->set_switch_role_encryption_off();
576 } else {
577 internal_.hci_start_role_switch_to_central(*p_acl);
578 }
579 }
580
581 return tBTM_STATUS::BTM_CMD_STARTED;
582 }
583
584 /*******************************************************************************
585 *
586 * Function btm_acl_encrypt_change
587 *
588 * Description This function is when encryption of the connection is
589 * completed by the LM. Checks to see if a role switch or
590 * change of link key was active and initiates or continues
591 * process if needed.
592 *
593 * Returns void
594 *
595 ******************************************************************************/
btm_acl_encrypt_change(uint16_t handle,uint8_t,uint8_t encr_enable)596 void btm_acl_encrypt_change(uint16_t handle, uint8_t /* status */, uint8_t encr_enable) {
597 tACL_CONN* p = internal_.acl_get_connection_from_handle(handle);
598 if (p == nullptr) {
599 log::warn("Unable to find active acl");
600 return;
601 }
602
603 /* Common Criteria mode only: if we are trying to drop encryption on an
604 * encrypted connection, drop the connection */
605 if (bluetooth::os::ParameterProvider::IsCommonCriteriaMode()) {
606 if (p->is_encrypted && !encr_enable) {
607 log::error(
608 "attempting to decrypt encrypted connection, disconnecting. handle: "
609 "0x{:x}",
610 handle);
611
612 acl_disconnect_from_handle(handle, HCI_ERR_HOST_REJECT_SECURITY,
613 "stack::btu::btu_hcif::read_drop_encryption "
614 "Connection Already Encrypted");
615 return;
616 }
617 }
618
619 p->is_encrypted = encr_enable;
620
621 /* Process Role Switch if active */
622 if (p->is_switch_role_encryption_off()) {
623 /* if encryption turn off failed we still will try to switch role */
624 if (encr_enable) {
625 p->set_encryption_idle();
626 p->reset_switch_role();
627 } else {
628 p->set_encryption_switching();
629 p->set_switch_role_switching();
630 }
631 internal_.hci_start_role_switch_to_central(*p);
632 } else if (p->is_switch_role_encryption_on()) {
633 /* Finished enabling Encryption after role switch */
634 p->reset_switch_role();
635 p->set_encryption_idle();
636 NotifyAclRoleSwitchComplete(btm_cb.acl_cb_.switch_role_ref_data.remote_bd_addr,
637 btm_cb.acl_cb_.switch_role_ref_data.role,
638 btm_cb.acl_cb_.switch_role_ref_data.hci_status);
639
640 /* If a disconnect is pending, issue it now that role switch has completed
641 */
642 if (p->rs_disc_pending == BTM_SEC_DISC_PENDING) {
643 disconnect_acl(*p, HCI_ERR_PEER_USER, "stack::acl::btm_acl::encrypt after role switch");
644 }
645 p->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
646 }
647 }
648
check_link_policy(tLINK_POLICY * settings)649 static void check_link_policy(tLINK_POLICY* settings) {
650 if ((*settings & HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH) &&
651 (!bluetooth::shim::GetController()->SupportsRoleSwitch())) {
652 *settings &= (~HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
653 log::info("Role switch not supported (settings: 0x{:04x})", *settings);
654 }
655 if ((*settings & HCI_ENABLE_HOLD_MODE) &&
656 (!bluetooth::shim::GetController()->SupportsHoldMode())) {
657 *settings &= (~HCI_ENABLE_HOLD_MODE);
658 log::info("hold not supported (settings: 0x{:04x})", *settings);
659 }
660 if ((*settings & HCI_ENABLE_SNIFF_MODE) &&
661 (!bluetooth::shim::GetController()->SupportsSniffMode())) {
662 *settings &= (~HCI_ENABLE_SNIFF_MODE);
663 log::info("sniff not supported (settings: 0x{:04x})", *settings);
664 }
665 if ((*settings & HCI_ENABLE_PARK_MODE) &&
666 (!bluetooth::shim::GetController()->SupportsParkMode())) {
667 *settings &= (~HCI_ENABLE_PARK_MODE);
668 log::info("park not supported (settings: 0x{:04x})", *settings);
669 }
670 }
671
btm_set_link_policy(tACL_CONN * conn,tLINK_POLICY policy)672 void btm_set_link_policy(tACL_CONN* conn, tLINK_POLICY policy) {
673 conn->link_policy = policy;
674 check_link_policy(&conn->link_policy);
675 if ((conn->link_policy & HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH) &&
676 interop_match_addr(INTEROP_DISABLE_SNIFF, &(conn->remote_addr))) {
677 conn->link_policy &= (~HCI_ENABLE_SNIFF_MODE);
678 }
679 btsnd_hcic_write_policy_set(conn->hci_handle, static_cast<uint16_t>(conn->link_policy));
680 }
681
btm_toggle_policy_on_for(const RawAddress & peer_addr,uint16_t flag)682 static void btm_toggle_policy_on_for(const RawAddress& peer_addr, uint16_t flag) {
683 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
684 if (!conn) {
685 log::warn("Unable to find active acl");
686 return;
687 }
688 btm_set_link_policy(conn, conn->link_policy | flag);
689 }
690
btm_toggle_policy_off_for(const RawAddress & peer_addr,uint16_t flag)691 static void btm_toggle_policy_off_for(const RawAddress& peer_addr, uint16_t flag) {
692 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
693 if (!conn) {
694 log::warn("Unable to find active acl");
695 return;
696 }
697 btm_set_link_policy(conn, conn->link_policy & ~flag);
698 }
699
BTM_is_sniff_allowed_for(const RawAddress & peer_addr)700 bool BTM_is_sniff_allowed_for(const RawAddress& peer_addr) {
701 auto conn = internal_.btm_bda_to_acl(peer_addr, BT_TRANSPORT_BR_EDR);
702 if (!conn) {
703 log::warn("Unable to find active acl");
704 return false;
705 }
706 return conn->link_policy & HCI_ENABLE_SNIFF_MODE;
707 }
708
BTM_unblock_sniff_mode_for(const RawAddress & peer_addr)709 void BTM_unblock_sniff_mode_for(const RawAddress& peer_addr) {
710 btm_toggle_policy_on_for(peer_addr, HCI_ENABLE_SNIFF_MODE);
711 }
712
BTM_block_sniff_mode_for(const RawAddress & peer_addr)713 void BTM_block_sniff_mode_for(const RawAddress& peer_addr) {
714 btm_toggle_policy_off_for(peer_addr, HCI_ENABLE_SNIFF_MODE);
715 }
716
BTM_unblock_role_switch_for(const RawAddress & peer_addr)717 void BTM_unblock_role_switch_for(const RawAddress& peer_addr) {
718 btm_toggle_policy_on_for(peer_addr, HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
719 }
720
BTM_block_role_switch_for(const RawAddress & peer_addr)721 void BTM_block_role_switch_for(const RawAddress& peer_addr) {
722 btm_toggle_policy_off_for(peer_addr, HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
723 }
724
BTM_unblock_role_switch_and_sniff_mode_for(const RawAddress & peer_addr)725 void BTM_unblock_role_switch_and_sniff_mode_for(const RawAddress& peer_addr) {
726 btm_toggle_policy_on_for(peer_addr, HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
727 }
728
BTM_block_role_switch_and_sniff_mode_for(const RawAddress & peer_addr)729 void BTM_block_role_switch_and_sniff_mode_for(const RawAddress& peer_addr) {
730 btm_toggle_policy_off_for(peer_addr,
731 HCI_ENABLE_SNIFF_MODE | HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
732 }
733
btm_set_default_link_policy(tLINK_POLICY settings)734 void StackAclBtmAcl::btm_set_default_link_policy(tLINK_POLICY settings) {
735 check_link_policy(&settings);
736 btm_cb.acl_cb_.btm_def_link_policy = settings;
737 btsnd_hcic_write_def_policy_set(settings);
738 }
739
BTM_default_unblock_role_switch()740 void BTM_default_unblock_role_switch() {
741 internal_.btm_set_default_link_policy(btm_cb.acl_cb_.DefaultLinkPolicy() |
742 HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH);
743 }
744
745 extern void bta_gattc_continue_discovery_if_needed(const RawAddress& bd_addr, uint16_t acl_handle);
746
maybe_chain_more_commands_after_read_remote_version_complete(uint8_t,uint16_t handle)747 static void maybe_chain_more_commands_after_read_remote_version_complete(uint8_t /* status */,
748 uint16_t handle) {
749 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
750 if (p_acl_cb == nullptr) {
751 log::warn("Received remote version complete for unknown device");
752 return;
753 }
754
755 switch (p_acl_cb->transport) {
756 case BT_TRANSPORT_LE:
757 l2cble_notify_le_connection(p_acl_cb->remote_addr);
758 l2cble_use_preferred_conn_params(p_acl_cb->remote_addr);
759 bta_gattc_continue_discovery_if_needed(p_acl_cb->remote_addr, p_acl_cb->Handle());
760 break;
761 case BT_TRANSPORT_BR_EDR:
762 /**
763 * When running legacy stack continue chain of executing various
764 * read commands. Skip when gd_acl is enabled because that
765 * module handles all remote read functionality.
766 */
767 break;
768 default:
769 log::error("Unable to determine transport:{} device:{}",
770 bt_transport_text(p_acl_cb->transport), p_acl_cb->remote_addr);
771 }
772
773 // save remote versions to iot conf file
774 btm_iot_save_remote_versions(p_acl_cb);
775 }
776
btm_process_remote_version_complete(uint8_t status,uint16_t handle,uint8_t lmp_version,uint16_t manufacturer,uint16_t lmp_subversion)777 static void btm_process_remote_version_complete(uint8_t status, uint16_t handle,
778 uint8_t lmp_version, uint16_t manufacturer,
779 uint16_t lmp_subversion) {
780 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
781 if (p_acl_cb == nullptr) {
782 log::warn("Received remote version complete for unknown acl");
783 return;
784 }
785 p_acl_cb->remote_version_received = true;
786
787 if (status == HCI_SUCCESS) {
788 p_acl_cb->remote_version_info.lmp_version = lmp_version;
789 p_acl_cb->remote_version_info.manufacturer = manufacturer;
790 p_acl_cb->remote_version_info.lmp_subversion = lmp_subversion;
791 p_acl_cb->remote_version_info.valid = true;
792 BTM_update_version_info(p_acl_cb->RemoteAddress(), p_acl_cb->remote_version_info);
793
794 bluetooth::common::LogRemoteVersionInfo(handle, status, lmp_version, manufacturer,
795 lmp_subversion);
796 } else {
797 bluetooth::common::LogRemoteVersionInfo(handle, status, 0, 0, 0);
798 }
799 }
800
801 /*******************************************************************************
802 *
803 * Function btm_read_remote_version_complete
804 *
805 * Description This function is called when the command complete message
806 * is received from the HCI for the remote version info.
807 *
808 * Returns void
809 *
810 ******************************************************************************/
btm_read_remote_version_complete(tHCI_STATUS status,uint16_t handle,uint8_t lmp_version,uint16_t manufacturer,uint16_t lmp_subversion)811 void btm_read_remote_version_complete(tHCI_STATUS status, uint16_t handle, uint8_t lmp_version,
812 uint16_t manufacturer, uint16_t lmp_subversion) {
813 btm_process_remote_version_complete(status, handle, lmp_version, manufacturer, lmp_subversion);
814 maybe_chain_more_commands_after_read_remote_version_complete(status, handle);
815 }
816
817 /*******************************************************************************
818 *
819 * Function btm_process_remote_ext_features
820 *
821 * Description Local function called to process all extended features pages
822 * read from a remote device.
823 *
824 * Returns void
825 *
826 ******************************************************************************/
btm_process_remote_ext_features(tACL_CONN * p_acl_cb,uint8_t max_page_number)827 void btm_process_remote_ext_features(tACL_CONN* p_acl_cb, uint8_t max_page_number) {
828 log::assert_that(p_acl_cb != nullptr, "assert failed: p_acl_cb != nullptr");
829 if (!p_acl_cb->peer_lmp_feature_valid[max_page_number]) {
830 log::warn("Checking remote features but remote feature read is incomplete");
831 }
832
833 bool ssp_supported = HCI_SSP_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
834 bool secure_connections_supported = HCI_SC_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
835 bool role_switch_supported = HCI_SWITCH_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]);
836 bool br_edr_supported = !HCI_BREDR_NOT_SPT_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]);
837 bool le_supported = HCI_LE_SPT_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[0]) &&
838 HCI_LE_HOST_SUPPORTED(p_acl_cb->peer_lmp_feature_pages[1]);
839 btm_sec_set_peer_sec_caps(p_acl_cb->hci_handle, ssp_supported, secure_connections_supported,
840 role_switch_supported, br_edr_supported, le_supported);
841 }
842
843 /*******************************************************************************
844 *
845 * Function btm_read_remote_ext_features
846 *
847 * Description Local function called to send a read remote extended
848 * features
849 *
850 * Returns void
851 *
852 ******************************************************************************/
btm_read_remote_ext_features(uint16_t handle,uint8_t page_number)853 void btm_read_remote_ext_features(uint16_t handle, uint8_t page_number) {
854 btsnd_hcic_rmt_ext_features(handle, page_number);
855 }
856
857 /*******************************************************************************
858 *
859 * Function btm_read_remote_ext_features_complete
860 *
861 * Description This function is called when the remote extended features
862 * complete event is received from the HCI.
863 *
864 * Returns void
865 *
866 ******************************************************************************/
btm_read_remote_ext_features_complete_raw(uint8_t * p,uint8_t evt_len)867 void btm_read_remote_ext_features_complete_raw(uint8_t* p, uint8_t evt_len) {
868 uint8_t page_num, max_page;
869 uint16_t handle;
870
871 if (evt_len < HCI_EXT_FEATURES_SUCCESS_EVT_LEN) {
872 log::warn("Remote extended feature length too short. length={}", evt_len);
873 return;
874 }
875
876 ++p;
877 STREAM_TO_UINT16(handle, p);
878 STREAM_TO_UINT8(page_num, p);
879 STREAM_TO_UINT8(max_page, p);
880
881 if (max_page > HCI_EXT_FEATURES_PAGE_MAX) {
882 log::warn("Too many max pages read page={} unknown", max_page);
883 return;
884 }
885
886 if (page_num > HCI_EXT_FEATURES_PAGE_MAX) {
887 log::warn("Too many received pages num_page={} invalid", page_num);
888 return;
889 }
890
891 if (page_num > max_page) {
892 log::warn("num_page={}, max_page={} invalid", page_num, max_page);
893 }
894
895 btm_read_remote_ext_features_complete(handle, page_num, max_page, p);
896 }
897
btm_read_remote_ext_features_complete(uint16_t handle,uint8_t page_num,uint8_t max_page,uint8_t * features)898 void btm_read_remote_ext_features_complete(uint16_t handle, uint8_t page_num, uint8_t max_page,
899 uint8_t* features) {
900 /* Validate parameters */
901 auto* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
902 if (p_acl_cb == nullptr) {
903 log::warn("Unable to find active acl");
904 return;
905 }
906
907 /* Copy the received features page */
908 STREAM_TO_ARRAY(p_acl_cb->peer_lmp_feature_pages[page_num], features, HCI_FEATURE_BYTES_PER_PAGE);
909 p_acl_cb->peer_lmp_feature_valid[page_num] = true;
910
911 /* save remote extended features to iot conf file */
912 std::string key = IOT_CONF_KEY_RT_EXT_FEATURES "_" + std::to_string(page_num);
913
914 DEVICE_IOT_CONFIG_ADDR_SET_BIN(p_acl_cb->remote_addr, key,
915 p_acl_cb->peer_lmp_feature_pages[page_num], BD_FEATURES_LEN);
916
917 /* If there is the next remote features page and
918 * we have space to keep this page data - read this page */
919 if ((page_num < max_page) && (page_num < HCI_EXT_FEATURES_PAGE_MAX)) {
920 page_num++;
921 log::debug("BTM reads next remote extended features page ({})", page_num);
922 btm_read_remote_ext_features(handle, page_num);
923 return;
924 }
925
926 /* Reading of remote feature pages is complete */
927 log::debug("BTM reached last remote extended features page ({})", page_num);
928
929 /* Process the pages */
930 btm_process_remote_ext_features(p_acl_cb, max_page);
931
932 /* Continue with HCI connection establishment */
933 internal_.btm_establish_continue(p_acl_cb);
934 }
935
936 /*******************************************************************************
937 *
938 * Function btm_read_remote_ext_features_failed
939 *
940 * Description This function is called when the remote extended features
941 * complete event returns a failed status.
942 *
943 * Returns void
944 *
945 ******************************************************************************/
btm_read_remote_ext_features_failed(uint8_t status,uint16_t handle)946 void btm_read_remote_ext_features_failed(uint8_t status, uint16_t handle) {
947 log::warn("status 0x{:02x} for handle {}", status, handle);
948
949 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
950 if (p_acl_cb == nullptr) {
951 log::warn("Unable to find active acl");
952 return;
953 }
954
955 /* Process supported features only */
956 btm_process_remote_ext_features(p_acl_cb, 0);
957
958 /* Continue HCI connection establishment */
959 internal_.btm_establish_continue(p_acl_cb);
960 }
961
962 /*******************************************************************************
963 *
964 * Function btm_establish_continue
965 *
966 * Description This function is called when the command complete message
967 * is received from the HCI for the read local link policy
968 * request.
969 *
970 * Returns void
971 *
972 ******************************************************************************/
btm_establish_continue(tACL_CONN * p_acl)973 void StackAclBtmAcl::btm_establish_continue(tACL_CONN* p_acl) {
974 log::assert_that(p_acl != nullptr, "assert failed: p_acl != nullptr");
975
976 if (p_acl->is_transport_br_edr()) {
977 /* For now there are a some devices that do not like sending */
978 /* commands events and data at the same time. */
979 /* Set the packet types to the default allowed by the device */
980 const uint16_t default_packet_type_mask = btm_cb.acl_cb_.DefaultPacketTypes();
981 if (!internal_.change_connection_packet_types(*p_acl, default_packet_type_mask)) {
982 log::error("Unable to change connection packet type types:{:04x} address:{}",
983 default_packet_type_mask, p_acl->RemoteAddress());
984 }
985 btm_set_link_policy(p_acl, btm_cb.acl_cb_.DefaultLinkPolicy());
986 } else if (p_acl->is_transport_ble()) {
987 btm_ble_connection_established(p_acl->remote_addr);
988 }
989 NotifyAclLinkUp(*p_acl);
990 }
991
btm_establish_continue_from_address(const RawAddress & bda,tBT_TRANSPORT transport)992 void btm_establish_continue_from_address(const RawAddress& bda, tBT_TRANSPORT transport) {
993 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, transport);
994 if (p_acl == nullptr) {
995 log::warn("Unable to find active acl");
996 return;
997 }
998 internal_.btm_establish_continue(p_acl);
999 }
1000
1001 /*******************************************************************************
1002 *
1003 * Function BTM_GetLinkSuperTout
1004 *
1005 * Description Read the link supervision timeout value of the connection
1006 *
1007 * Returns status of the operation
1008 *
1009 ******************************************************************************/
BTM_GetLinkSuperTout(const RawAddress & remote_bda,uint16_t * p_timeout)1010 tBTM_STATUS BTM_GetLinkSuperTout(const RawAddress& remote_bda, uint16_t* p_timeout) {
1011 log::assert_that(p_timeout != nullptr, "assert failed: p_timeout != nullptr");
1012 const tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1013 if (p_acl == nullptr) {
1014 log::warn("Unable to find active acl");
1015 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1016 }
1017 *p_timeout = p_acl->link_super_tout;
1018 return tBTM_STATUS::BTM_SUCCESS;
1019 }
1020
1021 /*******************************************************************************
1022 *
1023 * Function BTM_SetLinkSuperTout
1024 *
1025 * Description Create and send HCI "Write Link Supervision Timeout" command
1026 *
1027 * Returns status of the operation
1028 *
1029 ******************************************************************************/
BTM_SetLinkSuperTout(const RawAddress & remote_bda,uint16_t timeout)1030 tBTM_STATUS BTM_SetLinkSuperTout(const RawAddress& remote_bda, uint16_t timeout) {
1031 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1032 if (p_acl == nullptr) {
1033 log::warn("Unable to find active acl");
1034 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1035 }
1036
1037 /* Only send if current role is Central; 2.0 spec requires this */
1038 if (p_acl->link_role == HCI_ROLE_CENTRAL) {
1039 if (!bluetooth::shim::GetController()->IsSupported(
1040 bluetooth::hci::OpCode::WRITE_LINK_SUPERVISION_TIMEOUT)) {
1041 log::warn(
1042 "UNSUPPORTED by controller write link supervision timeout:{:.2f}ms "
1043 "bd_addr:{}",
1044 supervision_timeout_to_seconds(timeout), remote_bda);
1045 return tBTM_STATUS::BTM_MODE_UNSUPPORTED;
1046 }
1047 p_acl->link_super_tout = timeout;
1048 btsnd_hcic_write_link_super_tout(p_acl->hci_handle, timeout);
1049 log::debug("Set supervision timeout:{:.2f}ms bd_addr:{}",
1050 supervision_timeout_to_seconds(timeout), remote_bda);
1051 return tBTM_STATUS::BTM_CMD_STARTED;
1052 } else {
1053 log::warn(
1054 "Role is peripheral so unable to set supervision timeout:{:.2f}ms "
1055 "bd_addr:{}",
1056 supervision_timeout_to_seconds(timeout), remote_bda);
1057 return tBTM_STATUS::BTM_SUCCESS;
1058 }
1059 }
1060
BTM_IsAclConnectionUp(const RawAddress & remote_bda,tBT_TRANSPORT transport)1061 bool BTM_IsAclConnectionUp(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1062 return internal_.btm_bda_to_acl(remote_bda, transport) != nullptr;
1063 }
1064
BTM_IsAclConnectionUpAndHandleValid(const RawAddress & remote_bda,tBT_TRANSPORT transport)1065 bool BTM_IsAclConnectionUpAndHandleValid(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1066 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, transport);
1067 if (p_acl == nullptr) {
1068 return false;
1069 }
1070 return p_acl->hci_handle != HCI_INVALID_HANDLE;
1071 }
1072
1073 /*******************************************************************************
1074 *
1075 * Function BTM_GetNumAclLinks
1076 *
1077 * Description This function is called to count the number of
1078 * ACL links that are active.
1079 *
1080 * Returns uint16_t Number of active ACL links
1081 *
1082 ******************************************************************************/
BTM_GetNumAclLinks(void)1083 uint16_t BTM_GetNumAclLinks(void) {
1084 return static_cast<uint16_t>(btm_cb.acl_cb_.NumberOfActiveLinks());
1085 }
1086
1087 /*******************************************************************************
1088 *
1089 * Function btm_get_acl_disc_reason_code
1090 *
1091 * Description This function is called to get the disconnection reason code
1092 * returned by the HCI at disconnection complete event.
1093 *
1094 * Returns true if connection is up, else false.
1095 *
1096 ******************************************************************************/
btm_get_acl_disc_reason_code(void)1097 tHCI_REASON btm_get_acl_disc_reason_code(void) { return btm_cb.acl_cb_.get_disconnect_reason(); }
1098
1099 /*******************************************************************************
1100 *
1101 * Function btm_is_acl_locally_initiated
1102 *
1103 * Description This function is called to get which side initiates the
1104 * connection, at HCI connection complete event.
1105 *
1106 * Returns true if connection is locally initiated, else false.
1107 *
1108 ******************************************************************************/
btm_is_acl_locally_initiated(void)1109 bool btm_is_acl_locally_initiated(void) { return btm_cb.acl_cb_.is_locally_initiated(); }
1110
1111 /*******************************************************************************
1112 *
1113 * Function BTM_GetHCIConnHandle
1114 *
1115 * Description This function is called to get the handle for an ACL
1116 * connection to a specific remote BD Address.
1117 *
1118 * Returns the handle of the connection, or HCI_INVALID_HANDLE if none.
1119 *
1120 ******************************************************************************/
BTM_GetHCIConnHandle(const RawAddress & remote_bda,tBT_TRANSPORT transport)1121 uint16_t BTM_GetHCIConnHandle(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1122 tACL_CONN* p;
1123 p = internal_.btm_bda_to_acl(remote_bda, transport);
1124 if (p != (tACL_CONN*)NULL) {
1125 return p->hci_handle;
1126 }
1127
1128 /* If here, no BD Addr found */
1129 return HCI_INVALID_HANDLE;
1130 }
1131
1132 /*******************************************************************************
1133 *
1134 * Function BTM_IsPhy2mSupported
1135 *
1136 * Description This function is called to check PHY 2M support
1137 * from peer device
1138 * Returns True when PHY 2M supported false otherwise
1139 *
1140 ******************************************************************************/
BTM_IsPhy2mSupported(const RawAddress & remote_bda,tBT_TRANSPORT transport)1141 bool BTM_IsPhy2mSupported(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1142 tACL_CONN* p;
1143 log::verbose("BTM_IsPhy2mSupported");
1144 p = internal_.btm_bda_to_acl(remote_bda, transport);
1145 if (p == (tACL_CONN*)NULL) {
1146 log::verbose("BTM_IsPhy2mSupported: no connection");
1147 return false;
1148 }
1149
1150 if (!p->peer_le_features_valid) {
1151 log::warn("Checking remote features but remote feature read is incomplete");
1152 }
1153 return HCI_LE_2M_PHY_SUPPORTED(p->peer_le_features);
1154 }
1155
1156 /*******************************************************************************
1157 *
1158 * Function BTM_RequestPeerSCA
1159 *
1160 * Description This function is called to request sleep clock accuracy
1161 * from peer device
1162 *
1163 ******************************************************************************/
BTM_RequestPeerSCA(const RawAddress & remote_bda,tBT_TRANSPORT transport)1164 void BTM_RequestPeerSCA(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1165 tACL_CONN* p;
1166 p = internal_.btm_bda_to_acl(remote_bda, transport);
1167 if (p == (tACL_CONN*)NULL) {
1168 log::warn("Unable to find active acl");
1169 return;
1170 }
1171
1172 btsnd_hcic_req_peer_sca(p->hci_handle);
1173 }
1174
1175 /*******************************************************************************
1176 *
1177 * Function BTM_GetPeerSCA
1178 *
1179 * Description This function is called to get peer sleep clock accuracy
1180 *
1181 * Returns SCA or 0xFF if SCA was never previously requested, request
1182 * is not supported by peer device or ACL does not exist
1183 *
1184 ******************************************************************************/
BTM_GetPeerSCA(const RawAddress & remote_bda,tBT_TRANSPORT transport)1185 uint8_t BTM_GetPeerSCA(const RawAddress& remote_bda, tBT_TRANSPORT transport) {
1186 tACL_CONN* p;
1187 p = internal_.btm_bda_to_acl(remote_bda, transport);
1188 if (p != (tACL_CONN*)NULL) {
1189 return p->sca;
1190 }
1191 log::warn("Unable to find active acl");
1192
1193 /* If here, no BD Addr found */
1194 return 0xFF;
1195 }
1196
1197 /*******************************************************************************
1198 *
1199 * Function btm_rejectlist_role_change_device
1200 *
1201 * Description This function is used to rejectlist the device if the role
1202 * switch fails for maximum number of times. It also removes
1203 * the device from the black list if the role switch succeeds.
1204 *
1205 * Input Parms bd_addr - remote BD addr
1206 * hci_status - role switch status
1207 *
1208 * Returns void
1209 *
1210 *******************************************************************************/
btm_rejectlist_role_change_device(const RawAddress & bd_addr,uint8_t hci_status)1211 void btm_rejectlist_role_change_device(const RawAddress& bd_addr, uint8_t hci_status) {
1212 tACL_CONN* p = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1213
1214 if (!p) {
1215 log::warn("Unable to find active acl");
1216 return;
1217 }
1218 if (hci_status == HCI_SUCCESS) {
1219 p->switch_role_failed_attempts = 0;
1220 return;
1221 }
1222
1223 /* check for carkits */
1224 const uint32_t cod_audio_device = (BTM_COD_SERVICE_AUDIO | BTM_COD_MAJOR_AUDIO) << 8;
1225 DEV_CLASS dev_class = btm_get_dev_class(bd_addr);
1226 if (dev_class == kDevClassEmpty) {
1227 return;
1228 }
1229 const uint32_t cod = ((dev_class[0] << 16) | (dev_class[1] << 8) | dev_class[2]) & 0xffffff;
1230 if ((hci_status != HCI_SUCCESS) && (p->is_switch_role_switching_or_in_progress()) &&
1231 ((cod & cod_audio_device) == cod_audio_device) &&
1232 (!interop_match_addr(INTEROP_DYNAMIC_ROLE_SWITCH, &bd_addr))) {
1233 p->switch_role_failed_attempts++;
1234 if (p->switch_role_failed_attempts == BTM_MAX_SW_ROLE_FAILED_ATTEMPTS) {
1235 log::warn(
1236 "Device {} rejectlisted for role switching - multiple role switch "
1237 "failed attempts: {}",
1238 bd_addr, p->switch_role_failed_attempts);
1239 interop_database_add(INTEROP_DYNAMIC_ROLE_SWITCH, &bd_addr, 3);
1240 }
1241 }
1242 }
1243
1244 /*******************************************************************************
1245 *
1246 * Function acl_cache_role
1247 *
1248 * Description This function caches the role of the device associated
1249 * with the given address. This happens if we get a role change
1250 * before connection complete. The cached role is propagated
1251 * when ACL Link is created.
1252 *
1253 * Returns void
1254 *
1255 ******************************************************************************/
1256
acl_cache_role(const RawAddress & bd_addr,tHCI_ROLE new_role,bool overwrite_cache)1257 void acl_cache_role(const RawAddress& bd_addr, tHCI_ROLE new_role, bool overwrite_cache) {
1258 if (overwrite_cache || delayed_role_change_ == nullptr) {
1259 RoleChangeView role_change;
1260 role_change.new_role = new_role;
1261 role_change.bd_addr = bd_addr;
1262 delayed_role_change_ = std::make_unique<RoleChangeView>(std::move(role_change));
1263 }
1264 }
1265
1266 /*******************************************************************************
1267 *
1268 * Function btm_acl_role_changed
1269 *
1270 * Description This function is called whan a link's central/peripheral
1271 *role change event or command status event (with error) is received. It updates
1272 *the link control block, and calls the registered callback with status and role
1273 *(if registered).
1274 *
1275 * Returns void
1276 *
1277 ******************************************************************************/
btm_acl_role_changed(tHCI_STATUS hci_status,const RawAddress & bd_addr,tHCI_ROLE new_role)1278 void StackAclBtmAcl::btm_acl_role_changed(tHCI_STATUS hci_status, const RawAddress& bd_addr,
1279 tHCI_ROLE new_role) {
1280 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1281 if (p_acl == nullptr) {
1282 // If we get a role change before connection complete, we cache the new
1283 // role here and then propagate it when ACL Link is created.
1284 acl_cache_role(bd_addr, new_role, /*overwrite_cache=*/true);
1285 log::warn("Unable to find active acl");
1286 return;
1287 }
1288
1289 tBTM_ROLE_SWITCH_CMPL* p_switch_role = &btm_cb.acl_cb_.switch_role_ref_data;
1290 log::debug("Role change event received peer:{} hci_status:{} new_role:{}", bd_addr,
1291 hci_error_code_text(hci_status), RoleText(new_role));
1292
1293 p_switch_role->hci_status = hci_status;
1294 if (hci_status == HCI_SUCCESS) {
1295 p_switch_role->role = new_role;
1296 p_switch_role->remote_bd_addr = bd_addr;
1297
1298 /* Update cached value */
1299 p_acl->link_role = new_role;
1300
1301 /* Reload LSTO: link supervision timeout is reset in the LM after a role
1302 * switch */
1303 if (new_role == HCI_ROLE_CENTRAL) {
1304 uint16_t link_supervision_timeout =
1305 osi_property_get_int32(PROPERTY_LINK_SUPERVISION_TIMEOUT, 8000);
1306 BTM_SetLinkSuperTout(bd_addr, link_supervision_timeout);
1307 }
1308 } else {
1309 new_role = p_acl->link_role;
1310 }
1311
1312 /* Check if any SCO req is pending for role change */
1313 btm_sco_chk_pend_rolechange(p_acl->hci_handle);
1314
1315 /* if switching state is switching we need to turn encryption on */
1316 /* if idle, we did not change encryption */
1317 if (p_acl->is_switch_role_switching()) {
1318 p_acl->set_encryption_on();
1319 p_acl->set_switch_role_encryption_on();
1320 return;
1321 }
1322
1323 /* Set the switch_role_state to IDLE since the reply received from HCI */
1324 /* regardless of its result either success or failed. */
1325 if (p_acl->is_switch_role_in_progress()) {
1326 p_acl->set_encryption_idle();
1327 p_acl->reset_switch_role();
1328 }
1329
1330 BTA_dm_report_role_change(bd_addr, new_role, hci_status);
1331 btm_sec_role_changed(hci_status, bd_addr, new_role);
1332
1333 /* If a disconnect is pending, issue it now that role switch has completed */
1334 if (p_acl->rs_disc_pending == BTM_SEC_DISC_PENDING) {
1335 disconnect_acl(*p_acl, HCI_ERR_PEER_USER, "stack::acl::btm_acl::role after role switch");
1336 }
1337 p_acl->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
1338 }
1339
btm_acl_role_changed(tHCI_STATUS hci_status,const RawAddress & bd_addr,tHCI_ROLE new_role)1340 void btm_acl_role_changed(tHCI_STATUS hci_status, const RawAddress& bd_addr, tHCI_ROLE new_role) {
1341 btm_rejectlist_role_change_device(bd_addr, hci_status);
1342
1343 if (hci_status == HCI_SUCCESS) {
1344 l2c_link_role_changed(&bd_addr, new_role, hci_status);
1345 } else {
1346 l2c_link_role_changed(nullptr, HCI_ROLE_UNKNOWN, HCI_ERR_COMMAND_DISALLOWED);
1347 }
1348 internal_.btm_acl_role_changed(hci_status, bd_addr, new_role);
1349 }
1350
1351 /*******************************************************************************
1352 *
1353 * Function change_connection_packet_types
1354 *
1355 * Description This function sets the packet types used for a specific
1356 * ACL connection. It is called internally by btm_acl_created
1357 * or by an application/profile by BTM_SetPacketTypes.
1358 *
1359 * Returns status of the operation
1360 *
1361 ******************************************************************************/
change_connection_packet_types(tACL_CONN & link,const uint16_t new_packet_type_mask)1362 bool StackAclBtmAcl::change_connection_packet_types(tACL_CONN& link,
1363 const uint16_t new_packet_type_mask) {
1364 // Start with the default configured packet types
1365 const uint16_t default_packet_type_mask = btm_cb.acl_cb_.DefaultPacketTypes();
1366
1367 uint16_t packet_type_mask =
1368 default_packet_type_mask & (new_packet_type_mask & BTM_ACL_SUPPORTED_PKTS_MASK);
1369
1370 /* OR in any exception packet types if at least 2.0 version of spec */
1371 packet_type_mask |= ((new_packet_type_mask & BTM_ACL_EXCEPTION_PKTS_MASK) |
1372 (BTM_ACL_EXCEPTION_PKTS_MASK & default_packet_type_mask));
1373
1374 /* Exclude packet types not supported by the peer */
1375 if (link.peer_lmp_feature_valid[0]) {
1376 PeerPacketTypes peer_packet_types(link.peer_lmp_feature_pages[0]);
1377 packet_type_mask &= peer_packet_types.acl.supported;
1378 packet_type_mask |= peer_packet_types.acl.unsupported;
1379 } else {
1380 log::info(
1381 "Unable to include remote supported packet types as read feature "
1382 "incomplete");
1383 log::info("TIP: Maybe wait until read feature complete beforehand");
1384 }
1385
1386 if (packet_type_mask == 0) {
1387 log::warn("Unable to send controller illegal change packet mask:0x{:04x}", packet_type_mask);
1388 return false;
1389 }
1390
1391 link.pkt_types_mask = packet_type_mask;
1392 GetInterface().ChangeConnectionPacketType(link.Handle(), link.pkt_types_mask);
1393 log::debug("Started change connection packet type:0x{:04x} address:{}", link.pkt_types_mask,
1394 link.RemoteAddress());
1395 return true;
1396 }
1397
btm_set_packet_types_from_address(const RawAddress & bd_addr,uint16_t pkt_types)1398 void btm_set_packet_types_from_address(const RawAddress& bd_addr, uint16_t pkt_types) {
1399 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
1400 if (p_acl == nullptr) {
1401 log::warn("Unable to find active acl");
1402 return;
1403 }
1404
1405 if (!internal_.change_connection_packet_types(*p_acl, pkt_types)) {
1406 log::error("Unable to change connection packet type types:{:04x} address:{}", pkt_types,
1407 bd_addr);
1408 }
1409 }
1410
1411 /*******************************************************************************
1412 *
1413 * Function BTM_GetMaxPacketSize
1414 *
1415 * Returns Returns maximum packet size that can be used for current
1416 * connection, 0 if connection is not established
1417 *
1418 ******************************************************************************/
BTM_GetMaxPacketSize(const RawAddress & addr)1419 uint16_t BTM_GetMaxPacketSize(const RawAddress& addr) {
1420 tACL_CONN* p = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1421 uint16_t pkt_types = 0;
1422 uint16_t pkt_size = 0;
1423 if (p != NULL) {
1424 pkt_types = p->pkt_types_mask;
1425 } else {
1426 /* Special case for when info for the local device is requested */
1427 if (addr == bluetooth::ToRawAddress(bluetooth::shim::GetController()->GetMacAddress())) {
1428 pkt_types = btm_cb.acl_cb_.DefaultPacketTypes();
1429 }
1430 }
1431
1432 if (pkt_types) {
1433 if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH5)) {
1434 pkt_size = HCI_EDR3_DH5_PACKET_SIZE;
1435 } else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH5)) {
1436 pkt_size = HCI_EDR2_DH5_PACKET_SIZE;
1437 } else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH3)) {
1438 pkt_size = HCI_EDR3_DH3_PACKET_SIZE;
1439 } else if (pkt_types & HCI_PKT_TYPES_MASK_DH5) {
1440 pkt_size = HCI_DH5_PACKET_SIZE;
1441 } else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH3)) {
1442 pkt_size = HCI_EDR2_DH3_PACKET_SIZE;
1443 } else if (pkt_types & HCI_PKT_TYPES_MASK_DM5) {
1444 pkt_size = HCI_DM5_PACKET_SIZE;
1445 } else if (pkt_types & HCI_PKT_TYPES_MASK_DH3) {
1446 pkt_size = HCI_DH3_PACKET_SIZE;
1447 } else if (pkt_types & HCI_PKT_TYPES_MASK_DM3) {
1448 pkt_size = HCI_DM3_PACKET_SIZE;
1449 } else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_3_DH1)) {
1450 pkt_size = HCI_EDR3_DH1_PACKET_SIZE;
1451 } else if (!(pkt_types & HCI_PKT_TYPES_MASK_NO_2_DH1)) {
1452 pkt_size = HCI_EDR2_DH1_PACKET_SIZE;
1453 } else if (pkt_types & HCI_PKT_TYPES_MASK_DH1) {
1454 pkt_size = HCI_DH1_PACKET_SIZE;
1455 } else if (pkt_types & HCI_PKT_TYPES_MASK_DM1) {
1456 pkt_size = HCI_DM1_PACKET_SIZE;
1457 }
1458 }
1459
1460 return pkt_size;
1461 }
1462
1463 /*******************************************************************************
1464 *
1465 * Function BTM_IsRemoteVersionReceived
1466 *
1467 * Returns Returns true if "LE Read remote version info" was already
1468 * received on LE transport for this device.
1469 *
1470 ******************************************************************************/
BTM_IsRemoteVersionReceived(const RawAddress & addr)1471 bool BTM_IsRemoteVersionReceived(const RawAddress& addr) {
1472 const tACL_CONN* p_acl = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_LE);
1473 if (p_acl == nullptr) {
1474 return false;
1475 }
1476
1477 return p_acl->remote_version_received;
1478 }
1479
1480 /*******************************************************************************
1481 *
1482 * Function BTM_ReadRemoteVersion
1483 *
1484 * Returns If connected report peer device info
1485 *
1486 ******************************************************************************/
BTM_ReadRemoteVersion(const RawAddress & addr,uint8_t * lmp_version,uint16_t * manufacturer,uint16_t * lmp_sub_version)1487 bool BTM_ReadRemoteVersion(const RawAddress& addr, uint8_t* lmp_version, uint16_t* manufacturer,
1488 uint16_t* lmp_sub_version) {
1489 const tACL_CONN* p_acl = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1490 if (p_acl == nullptr) {
1491 p_acl = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_LE);
1492 if (p_acl == nullptr) {
1493 log::warn("Unable to find active acl");
1494 return false;
1495 }
1496 }
1497
1498 if (!p_acl->remote_version_info.valid) {
1499 log::warn("Remote version information is invalid");
1500 return false;
1501 }
1502
1503 if (lmp_version) {
1504 *lmp_version = p_acl->remote_version_info.lmp_version;
1505 }
1506
1507 if (manufacturer) {
1508 *manufacturer = p_acl->remote_version_info.manufacturer;
1509 }
1510
1511 if (lmp_sub_version) {
1512 *lmp_sub_version = p_acl->remote_version_info.lmp_subversion;
1513 }
1514
1515 return true;
1516 }
1517
1518 /*******************************************************************************
1519 *
1520 * Function BTM_ReadRemoteFeatures
1521 *
1522 * Returns pointer to the remote supported features mask (8 bytes)
1523 *
1524 ******************************************************************************/
BTM_ReadRemoteFeatures(const RawAddress & addr)1525 uint8_t* BTM_ReadRemoteFeatures(const RawAddress& addr) {
1526 tACL_CONN* p = internal_.btm_bda_to_acl(addr, BT_TRANSPORT_BR_EDR);
1527 if (p == NULL) {
1528 log::warn("Unable to find active acl");
1529 return NULL;
1530 }
1531
1532 return p->peer_lmp_feature_pages[0];
1533 }
1534
1535 /*******************************************************************************
1536 *
1537 * Function BTM_ReadRSSI
1538 *
1539 * Description This function is called to read the link policy settings.
1540 * The address of link policy results are returned in the
1541 * callback.
1542 * (tBTM_RSSI_RESULT)
1543 *
1544 * Returns tBTM_STATUS::BTM_CMD_STARTED if successfully initiated or error code
1545 *
1546 ******************************************************************************/
BTM_ReadRSSI(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1547 tBTM_STATUS BTM_ReadRSSI(const RawAddress& remote_bda, tBTM_CMPL_CB* p_cb) {
1548 tACL_CONN* p = NULL;
1549 tBT_DEVICE_TYPE dev_type;
1550 tBLE_ADDR_TYPE addr_type;
1551
1552 /* If someone already waiting on the version, do not allow another */
1553 if (btm_cb.devcb.p_rssi_cmpl_cb) {
1554 return tBTM_STATUS::BTM_BUSY;
1555 }
1556
1557 get_btm_client_interface().peer.BTM_ReadDevInfo(remote_bda, &dev_type, &addr_type);
1558
1559 if (dev_type & BT_DEVICE_TYPE_BLE) {
1560 p = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
1561 }
1562
1563 if (p == NULL && dev_type & BT_DEVICE_TYPE_BREDR) {
1564 p = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
1565 }
1566
1567 if (p) {
1568 btm_cb.devcb.p_rssi_cmpl_cb = p_cb;
1569 alarm_set_on_mloop(btm_cb.devcb.read_rssi_timer, BTM_DEV_REPLY_TIMEOUT_MS,
1570 btm_read_rssi_timeout, NULL);
1571
1572 btsnd_hcic_read_rssi(p->hci_handle);
1573 return tBTM_STATUS::BTM_CMD_STARTED;
1574 }
1575 log::warn("Unable to find active acl");
1576
1577 /* If here, no BD Addr found */
1578 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1579 }
1580
1581 /*******************************************************************************
1582 *
1583 * Function BTM_ReadFailedContactCounter
1584 *
1585 * Description This function is called to read the failed contact counter.
1586 * The result is returned in the callback.
1587 * (tBTM_FAILED_CONTACT_COUNTER_RESULT)
1588 *
1589 * Returns tBTM_STATUS::BTM_CMD_STARTED if successfully initiated or error code
1590 *
1591 ******************************************************************************/
BTM_ReadFailedContactCounter(const RawAddress & remote_bda,tBTM_CMPL_CB * p_cb)1592 tBTM_STATUS BTM_ReadFailedContactCounter(const RawAddress& remote_bda, tBTM_CMPL_CB* p_cb) {
1593 tACL_CONN* p;
1594 tBT_TRANSPORT transport = BT_TRANSPORT_BR_EDR;
1595 tBT_DEVICE_TYPE dev_type;
1596 tBLE_ADDR_TYPE addr_type;
1597
1598 /* If someone already waiting on the result, do not allow another */
1599 if (btm_cb.devcb.p_failed_contact_counter_cmpl_cb) {
1600 return tBTM_STATUS::BTM_BUSY;
1601 }
1602
1603 get_btm_client_interface().peer.BTM_ReadDevInfo(remote_bda, &dev_type, &addr_type);
1604 if (dev_type == BT_DEVICE_TYPE_BLE) {
1605 transport = BT_TRANSPORT_LE;
1606 }
1607
1608 p = internal_.btm_bda_to_acl(remote_bda, transport);
1609 if (p != (tACL_CONN*)NULL) {
1610 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = p_cb;
1611 alarm_set_on_mloop(btm_cb.devcb.read_failed_contact_counter_timer, BTM_DEV_REPLY_TIMEOUT_MS,
1612 btm_read_failed_contact_counter_timeout, NULL);
1613
1614 btsnd_hcic_read_failed_contact_counter(p->hci_handle);
1615 return tBTM_STATUS::BTM_CMD_STARTED;
1616 }
1617 log::warn("Unable to find active acl");
1618
1619 /* If here, no BD Addr found */
1620 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1621 }
1622
1623 /*******************************************************************************
1624 *
1625 * Function BTM_ReadTxPower
1626 *
1627 * Description This function is called to read the current
1628 * TX power of the connection. The tx power level results
1629 * are returned in the callback.
1630 * (tBTM_RSSI_RESULT)
1631 *
1632 * Returns tBTM_STATUS::BTM_CMD_STARTED if successfully initiated or error code
1633 *
1634 ******************************************************************************/
BTM_ReadTxPower(const RawAddress & remote_bda,tBT_TRANSPORT transport,tBTM_CMPL_CB * p_cb)1635 tBTM_STATUS BTM_ReadTxPower(const RawAddress& remote_bda, tBT_TRANSPORT transport,
1636 tBTM_CMPL_CB* p_cb) {
1637 tACL_CONN* p;
1638 #define BTM_READ_RSSI_TYPE_CUR 0x00
1639 #define BTM_READ_RSSI_TYPE_MAX 0X01
1640
1641 log::verbose("RemBdAddr: {}", remote_bda);
1642
1643 /* If someone already waiting on the version, do not allow another */
1644 if (btm_cb.devcb.p_tx_power_cmpl_cb) {
1645 return tBTM_STATUS::BTM_BUSY;
1646 }
1647
1648 p = internal_.btm_bda_to_acl(remote_bda, transport);
1649 if (p != (tACL_CONN*)NULL) {
1650 btm_cb.devcb.p_tx_power_cmpl_cb = p_cb;
1651 alarm_set_on_mloop(btm_cb.devcb.read_tx_power_timer, BTM_DEV_REPLY_TIMEOUT_MS,
1652 btm_read_tx_power_timeout, NULL);
1653
1654 if (p->transport == BT_TRANSPORT_LE) {
1655 btm_cb.devcb.read_tx_pwr_addr = remote_bda;
1656 btsnd_hcic_ble_read_adv_chnl_tx_power();
1657 } else {
1658 btsnd_hcic_read_tx_power(p->hci_handle, BTM_READ_RSSI_TYPE_CUR);
1659 }
1660
1661 return tBTM_STATUS::BTM_CMD_STARTED;
1662 }
1663
1664 log::warn("Unable to find active acl");
1665
1666 /* If here, no BD Addr found */
1667 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1668 }
1669
1670 /*******************************************************************************
1671 *
1672 * Function btm_read_tx_power_timeout
1673 *
1674 * Description Callback when reading the tx power times out.
1675 *
1676 * Returns void
1677 *
1678 ******************************************************************************/
btm_read_tx_power_timeout(void *)1679 void btm_read_tx_power_timeout(void* /* data */) {
1680 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
1681 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
1682 if (p_cb) {
1683 (*p_cb)((void*)NULL);
1684 }
1685 }
1686
1687 /*******************************************************************************
1688 *
1689 * Function btm_read_tx_power_complete
1690 *
1691 * Description This function is called when the command complete message
1692 * is received from the HCI for the read tx power request.
1693 *
1694 * Returns void
1695 *
1696 ******************************************************************************/
btm_read_tx_power_complete(uint8_t * p,uint16_t evt_len,bool is_ble)1697 void btm_read_tx_power_complete(uint8_t* p, uint16_t evt_len, bool is_ble) {
1698 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_tx_power_cmpl_cb;
1699 tBTM_TX_POWER_RESULT result;
1700
1701 alarm_cancel(btm_cb.devcb.read_tx_power_timer);
1702 btm_cb.devcb.p_tx_power_cmpl_cb = NULL;
1703
1704 /* If there was a registered callback, call it */
1705 if (p_cb) {
1706 if (evt_len < 1) {
1707 goto err_out;
1708 }
1709
1710 STREAM_TO_UINT8(result.hci_status, p);
1711
1712 if (result.hci_status == HCI_SUCCESS) {
1713 result.status = tBTM_STATUS::BTM_SUCCESS;
1714
1715 if (!is_ble) {
1716 uint16_t handle;
1717
1718 if (evt_len < 4) {
1719 goto err_out;
1720 }
1721
1722 STREAM_TO_UINT16(handle, p);
1723 STREAM_TO_UINT8(result.tx_power, p);
1724
1725 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1726 if (p_acl_cb != nullptr) {
1727 result.rem_bda = p_acl_cb->remote_addr;
1728 }
1729 } else {
1730 if (evt_len < 2) {
1731 goto err_out;
1732 }
1733
1734 STREAM_TO_UINT8(result.tx_power, p);
1735 result.rem_bda = btm_cb.devcb.read_tx_pwr_addr;
1736 }
1737 log::debug("Transmit power complete: tx_power:{} hci status:{}", result.tx_power,
1738 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status)));
1739 } else {
1740 result.status = tBTM_STATUS::BTM_ERR_PROCESSING;
1741 }
1742
1743 (*p_cb)(&result);
1744 }
1745
1746 return;
1747
1748 err_out:
1749 log::error("Bogus event packet, too short");
1750 }
1751
1752 /*******************************************************************************
1753 *
1754 * Function btm_read_rssi_timeout
1755 *
1756 * Description Callback when reading the RSSI times out.
1757 *
1758 * Returns void
1759 *
1760 ******************************************************************************/
btm_read_rssi_timeout(void *)1761 void btm_read_rssi_timeout(void* /* data */) {
1762 tBTM_RSSI_RESULT result;
1763 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
1764 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
1765 result.status = tBTM_STATUS::BTM_DEVICE_TIMEOUT;
1766 if (p_cb) {
1767 (*p_cb)(&result);
1768 }
1769 }
1770
1771 /*******************************************************************************
1772 *
1773 * Function btm_read_rssi_complete
1774 *
1775 * Description This function is called when the command complete message
1776 * is received from the HCI for the read rssi request.
1777 *
1778 * Returns void
1779 *
1780 ******************************************************************************/
btm_read_rssi_complete(uint8_t * p,uint16_t evt_len)1781 void btm_read_rssi_complete(uint8_t* p, uint16_t evt_len) {
1782 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_rssi_cmpl_cb;
1783 tBTM_RSSI_RESULT result;
1784
1785 alarm_cancel(btm_cb.devcb.read_rssi_timer);
1786 btm_cb.devcb.p_rssi_cmpl_cb = NULL;
1787
1788 /* If there was a registered callback, call it */
1789 if (p_cb) {
1790 if (evt_len < 1) {
1791 goto err_out;
1792 }
1793
1794 STREAM_TO_UINT8(result.hci_status, p);
1795 result.status = tBTM_STATUS::BTM_ERR_PROCESSING;
1796
1797 if (result.hci_status == HCI_SUCCESS) {
1798 uint16_t handle;
1799
1800 if (evt_len < 4) {
1801 goto err_out;
1802 }
1803 STREAM_TO_UINT16(handle, p);
1804
1805 STREAM_TO_UINT8(result.rssi, p);
1806 log::debug("Read rrsi complete rssi:{} hci status:{}", result.rssi,
1807 hci_status_code_text(to_hci_status_code(result.hci_status)));
1808
1809 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1810 if (p_acl_cb != nullptr) {
1811 result.rem_bda = p_acl_cb->remote_addr;
1812 result.status = tBTM_STATUS::BTM_SUCCESS;
1813 }
1814 }
1815 (*p_cb)(&result);
1816 }
1817
1818 return;
1819
1820 err_out:
1821 log::error("Bogus event packet, too short");
1822 }
1823
1824 /*******************************************************************************
1825 *
1826 * Function btm_read_failed_contact_counter_timeout
1827 *
1828 * Description Callback when reading the failed contact counter times out.
1829 *
1830 * Returns void
1831 *
1832 ******************************************************************************/
btm_read_failed_contact_counter_timeout(void *)1833 void btm_read_failed_contact_counter_timeout(void* /* data */) {
1834 tBTM_FAILED_CONTACT_COUNTER_RESULT result;
1835 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
1836 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
1837 result.status = tBTM_STATUS::BTM_DEVICE_TIMEOUT;
1838 if (p_cb) {
1839 (*p_cb)(&result);
1840 }
1841 }
1842
1843 /*******************************************************************************
1844 *
1845 * Function btm_read_failed_contact_counter_complete
1846 *
1847 * Description This function is called when the command complete message
1848 * is received from the HCI for the read failed contact
1849 * counter request.
1850 *
1851 * Returns void
1852 *
1853 ******************************************************************************/
btm_read_failed_contact_counter_complete(uint8_t * p)1854 void btm_read_failed_contact_counter_complete(uint8_t* p) {
1855 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_failed_contact_counter_cmpl_cb;
1856 tBTM_FAILED_CONTACT_COUNTER_RESULT result;
1857
1858 alarm_cancel(btm_cb.devcb.read_failed_contact_counter_timer);
1859 btm_cb.devcb.p_failed_contact_counter_cmpl_cb = NULL;
1860
1861 /* If there was a registered callback, call it */
1862 if (p_cb) {
1863 uint16_t handle;
1864 STREAM_TO_UINT8(result.hci_status, p);
1865
1866 if (result.hci_status == HCI_SUCCESS) {
1867 result.status = tBTM_STATUS::BTM_SUCCESS;
1868
1869 STREAM_TO_UINT16(handle, p);
1870
1871 STREAM_TO_UINT16(result.failed_contact_counter, p);
1872 log::debug("Failed contact counter complete: counter {}, hci status:{}",
1873 result.failed_contact_counter,
1874 hci_status_code_text(to_hci_status_code(result.hci_status)));
1875
1876 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1877 if (p_acl_cb != nullptr) {
1878 result.rem_bda = p_acl_cb->remote_addr;
1879 }
1880 } else {
1881 result.status = tBTM_STATUS::BTM_ERR_PROCESSING;
1882 }
1883
1884 (*p_cb)(&result);
1885 }
1886 }
1887
1888 /*******************************************************************************
1889 *
1890 * Function btm_read_automatic_flush_timeout_complete
1891 *
1892 * Description This function is called when the command complete message
1893 * is received from the HCI for the read automatic flush
1894 * timeout request.
1895 *
1896 * Returns void
1897 *
1898 ******************************************************************************/
btm_read_automatic_flush_timeout_complete(uint8_t * p)1899 void btm_read_automatic_flush_timeout_complete(uint8_t* p) {
1900 tBTM_CMPL_CB* p_cb = btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb;
1901 tBTM_AUTOMATIC_FLUSH_TIMEOUT_RESULT result;
1902
1903 alarm_cancel(btm_cb.devcb.read_automatic_flush_timeout_timer);
1904 btm_cb.devcb.p_automatic_flush_timeout_cmpl_cb = nullptr;
1905
1906 /* If there was a registered callback, call it */
1907 if (p_cb) {
1908 uint16_t handle;
1909 STREAM_TO_UINT8(result.hci_status, p);
1910 result.status = tBTM_STATUS::BTM_ERR_PROCESSING;
1911
1912 if (result.hci_status == HCI_SUCCESS) {
1913 result.status = tBTM_STATUS::BTM_SUCCESS;
1914
1915 STREAM_TO_UINT16(handle, p);
1916 STREAM_TO_UINT16(result.automatic_flush_timeout, p);
1917 log::debug("Read automatic flush timeout complete timeout:{} hci_status:{}",
1918 result.automatic_flush_timeout,
1919 hci_error_code_text(static_cast<tHCI_STATUS>(result.hci_status)));
1920
1921 tACL_CONN* p_acl_cb = internal_.acl_get_connection_from_handle(handle);
1922 if (p_acl_cb != nullptr) {
1923 result.rem_bda = p_acl_cb->remote_addr;
1924 }
1925 }
1926 (*p_cb)(&result);
1927 }
1928 }
1929
1930 /*******************************************************************************
1931 *
1932 * Function btm_remove_acl
1933 *
1934 * Description This function is called to disconnect an ACL connection
1935 *
1936 * Returns tBTM_STATUS::BTM_SUCCESS if successfully initiated, otherwise
1937 * tBTM_STATUS::BTM_UNKNOWN_ADDR.
1938 *
1939 ******************************************************************************/
btm_remove_acl(const RawAddress & bd_addr,tBT_TRANSPORT transport)1940 tBTM_STATUS btm_remove_acl(const RawAddress& bd_addr, tBT_TRANSPORT transport) {
1941 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
1942 if (p_acl == nullptr) {
1943 log::warn("Unable to find active acl");
1944 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1945 }
1946
1947 if (p_acl->Handle() == HCI_INVALID_HANDLE) {
1948 log::warn("Cannot remove unknown acl bd_addr:{} transport:{}", bd_addr,
1949 bt_transport_text(transport));
1950 return tBTM_STATUS::BTM_UNKNOWN_ADDR;
1951 }
1952
1953 if (p_acl->rs_disc_pending == BTM_SEC_RS_PENDING) {
1954 log::debug(
1955 "Delay disconnect until role switch is complete bd_addr:{} "
1956 "transport:{}",
1957 bd_addr, bt_transport_text(transport));
1958 p_acl->rs_disc_pending = BTM_SEC_DISC_PENDING;
1959 return tBTM_STATUS::BTM_SUCCESS;
1960 }
1961
1962 disconnect_acl(*p_acl, HCI_ERR_PEER_USER, "stack::acl::btm_acl::btm_remove_acl");
1963 return tBTM_STATUS::BTM_SUCCESS;
1964 }
1965
btm_cont_rswitch_from_handle(uint16_t hci_handle)1966 void btm_cont_rswitch_from_handle(uint16_t hci_handle) {
1967 tACL_CONN* p = internal_.acl_get_connection_from_handle(hci_handle);
1968 if (p == nullptr) {
1969 log::warn("Role switch received but with no active ACL");
1970 return;
1971 }
1972
1973 /* Check to see if encryption needs to be turned off if pending
1974 change of link key or role switch */
1975 if (p->is_switch_role_mode_change()) {
1976 /* Must turn off Encryption first if necessary */
1977 /* Some devices do not support switch or change of link key while encryption is on */
1978 if (p->is_encrypted && !IsEprAvailable(*p)) {
1979 p->set_encryption_off();
1980 if (p->is_switch_role_mode_change()) {
1981 p->set_switch_role_encryption_off();
1982 }
1983 } else {
1984 /* Encryption not used or EPR supported, continue with switch and/or change of link key */
1985 if (p->is_switch_role_mode_change()) {
1986 internal_.hci_start_role_switch_to_central(*p);
1987 }
1988 }
1989 }
1990 }
1991
1992 /*******************************************************************************
1993 *
1994 * Function btm_acl_notif_conn_collision
1995 *
1996 * Description Send connection collision event to upper layer if registered
1997 *
1998 *
1999 ******************************************************************************/
btm_acl_notif_conn_collision(const RawAddress & bda)2000 void btm_acl_notif_conn_collision(const RawAddress& bda) {
2001 do_in_main_thread(base::BindOnce(bta_sys_notify_collision, bda));
2002 }
2003
BTM_BLE_IS_RESOLVE_BDA(const RawAddress & x)2004 bool BTM_BLE_IS_RESOLVE_BDA(const RawAddress& x) {
2005 return ((x.address)[0] & BLE_RESOLVE_ADDR_MASK) == BLE_RESOLVE_ADDR_MSB;
2006 }
2007
acl_refresh_remote_address(const RawAddress & identity_address,tBLE_ADDR_TYPE identity_address_type,const RawAddress & bda,tBLE_RAND_ADDR_TYPE rra_type,const RawAddress & rpa)2008 bool acl_refresh_remote_address(const RawAddress& identity_address,
2009 tBLE_ADDR_TYPE identity_address_type, const RawAddress& bda,
2010 tBLE_RAND_ADDR_TYPE rra_type, const RawAddress& rpa) {
2011 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bda, BT_TRANSPORT_LE);
2012 if (p_acl == nullptr) {
2013 log::warn("Unable to find active acl");
2014 return false;
2015 }
2016
2017 if (rra_type == BTM_BLE_ADDR_PSEUDO) {
2018 /* use identity address, resolvable_private_addr is empty */
2019 if (rpa.IsEmpty()) {
2020 p_acl->active_remote_addr_type = identity_address_type;
2021 p_acl->active_remote_addr = identity_address;
2022 } else {
2023 p_acl->active_remote_addr_type = BLE_ADDR_RANDOM;
2024 p_acl->active_remote_addr = rpa;
2025 }
2026 } else {
2027 p_acl->active_remote_addr_type = static_cast<tBLE_ADDR_TYPE>(rra_type);
2028 p_acl->active_remote_addr = rpa;
2029 }
2030
2031 log::debug("active_remote_addr_type: {}", p_acl->active_remote_addr_type);
2032 return true;
2033 }
2034
acl_peer_supports_ble_connection_parameters_request(const RawAddress & remote_bda)2035 bool acl_peer_supports_ble_connection_parameters_request(const RawAddress& remote_bda) {
2036 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
2037 if (p_acl == nullptr) {
2038 log::warn("Unable to find active acl");
2039 return false;
2040 }
2041 if (!p_acl->peer_le_features_valid) {
2042 log::warn("Checking remote features but remote feature read is incomplete");
2043 }
2044 return HCI_LE_CONN_PARAM_REQ_SUPPORTED(p_acl->peer_le_features);
2045 }
2046
acl_ble_connection_parameters_request(uint16_t handle,uint16_t conn_int_min,uint16_t conn_int_max,uint16_t conn_latency,uint16_t conn_timeout,uint16_t min_ce_len,uint16_t max_ce_len)2047 void acl_ble_connection_parameters_request(uint16_t handle, uint16_t conn_int_min,
2048 uint16_t conn_int_max, uint16_t conn_latency,
2049 uint16_t conn_timeout, uint16_t min_ce_len,
2050 uint16_t max_ce_len) {
2051 bluetooth::shim::ACL_SendConnectionParameterUpdateRequest(
2052 handle, conn_int_min, conn_int_max, conn_latency, conn_timeout, min_ce_len, max_ce_len);
2053 }
2054
acl_peer_supports_sniff_subrating(const RawAddress & remote_bda)2055 bool acl_peer_supports_sniff_subrating(const RawAddress& remote_bda) {
2056 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_BR_EDR);
2057 if (p_acl == nullptr) {
2058 log::warn("Unable to find active acl");
2059 return false;
2060 }
2061 if (!p_acl->peer_lmp_feature_valid[0]) {
2062 log::warn("Checking remote features but remote feature read is incomplete");
2063 }
2064 return HCI_SNIFF_SUB_RATE_SUPPORTED(p_acl->peer_lmp_feature_pages[0]);
2065 }
2066
acl_peer_supports_ble_connection_subrating(const RawAddress & remote_bda)2067 bool acl_peer_supports_ble_connection_subrating(const RawAddress& remote_bda) {
2068 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
2069 if (p_acl == nullptr) {
2070 log::warn("Unable to find active acl");
2071 return false;
2072 }
2073 if (!p_acl->peer_le_features_valid) {
2074 log::warn("Checking remote features but remote feature read is incomplete");
2075 }
2076 return HCI_LE_CONN_SUBRATING_SUPPORT(p_acl->peer_le_features);
2077 }
2078
acl_peer_supports_ble_connection_subrating_host(const RawAddress & remote_bda)2079 bool acl_peer_supports_ble_connection_subrating_host(const RawAddress& remote_bda) {
2080 tACL_CONN* p_acl = internal_.btm_bda_to_acl(remote_bda, BT_TRANSPORT_LE);
2081 if (p_acl == nullptr) {
2082 log::warn("Unable to find active acl");
2083 return false;
2084 }
2085 if (!p_acl->peer_le_features_valid) {
2086 log::warn("Checking remote features but remote feature read is incomplete");
2087 }
2088 return HCI_LE_CONN_SUBRATING_HOST_SUPPORT(p_acl->peer_le_features);
2089 }
2090
2091 /*******************************************************************************
2092 *
2093 * Function BTM_ReadConnectionAddr
2094 *
2095 * Description This function is called to get the local LE device address
2096 * information.
2097 *
2098 * Returns void
2099 *
2100 ******************************************************************************/
BTM_ReadConnectionAddr(const RawAddress & remote_bda,RawAddress & local_conn_addr,tBLE_ADDR_TYPE * p_addr_type,bool ota_address)2101 void BTM_ReadConnectionAddr(const RawAddress& remote_bda, RawAddress& local_conn_addr,
2102 tBLE_ADDR_TYPE* p_addr_type, bool ota_address) {
2103 tBTM_SEC_DEV_REC* p_sec_rec = btm_find_dev(remote_bda);
2104 if (p_sec_rec == nullptr) {
2105 log::warn("No matching known device {} in record", remote_bda);
2106 return;
2107 }
2108
2109 bluetooth::shim::ACL_ReadConnectionAddress(p_sec_rec->ble_hci_handle, local_conn_addr,
2110 p_addr_type, ota_address);
2111 }
2112
2113 /*******************************************************************************
2114 *
2115 * Function BTM_IsBleConnection
2116 *
2117 * Description This function is called to check if the connection handle
2118 * for an LE link
2119 *
2120 * Returns true if connection is LE link, otherwise false.
2121 *
2122 ******************************************************************************/
BTM_IsBleConnection(uint16_t hci_handle)2123 bool BTM_IsBleConnection(uint16_t hci_handle) {
2124 const tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2125 if (p_acl == nullptr) {
2126 return false;
2127 }
2128 return p_acl->is_transport_ble();
2129 }
2130
acl_address_from_handle(uint16_t handle)2131 const RawAddress acl_address_from_handle(uint16_t handle) {
2132 tACL_CONN* p_acl = acl_get_connection_from_handle(handle);
2133 if (p_acl == nullptr) {
2134 return RawAddress::kEmpty;
2135 }
2136 return p_acl->remote_addr;
2137 }
2138
acl_is_switch_role_idle(const RawAddress & bd_addr,tBT_TRANSPORT transport)2139 bool acl_is_switch_role_idle(const RawAddress& bd_addr, tBT_TRANSPORT transport) {
2140 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
2141 if (p_acl == nullptr) {
2142 log::warn("Unable to find active acl");
2143 return false;
2144 }
2145 return p_acl->is_switch_role_idle();
2146 }
2147
2148 /*******************************************************************************
2149 *
2150 * Function BTM_ReadRemoteConnectionAddr
2151 *
2152 * Description This function is read the LE remote device address used in
2153 * connection establishment
2154 *
2155 * Parameters pseudo_addr: pseudo random address available
2156 * conn_addr:connection address used
2157 * p_addr_type : BD Address type, Public or Random of the address
2158 * used
2159 * ota_address: When use if remote used RPA in OTA it will be
2160 *returned.
2161 *
2162 * Returns bool, true if connection to remote device exists, else false
2163 *
2164 ******************************************************************************/
BTM_ReadRemoteConnectionAddr(const RawAddress & pseudo_addr,RawAddress & conn_addr,tBLE_ADDR_TYPE * p_addr_type,bool ota_address)2165 bool BTM_ReadRemoteConnectionAddr(const RawAddress& pseudo_addr, RawAddress& conn_addr,
2166 tBLE_ADDR_TYPE* p_addr_type, bool ota_address) {
2167 tBTM_SEC_DEV_REC* p_sec_rec = btm_find_dev(pseudo_addr);
2168 if (p_sec_rec == nullptr) {
2169 log::warn("No matching known device {} in record", pseudo_addr);
2170 return false;
2171 }
2172
2173 bluetooth::shim::ACL_ReadPeerConnectionAddress(p_sec_rec->ble_hci_handle, conn_addr, p_addr_type,
2174 ota_address);
2175 return true;
2176 }
2177
acl_link_role_from_handle(uint16_t handle)2178 uint8_t acl_link_role_from_handle(uint16_t handle) {
2179 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2180 if (p_acl == nullptr) {
2181 return HCI_ROLE_UNKNOWN;
2182 }
2183 return p_acl->link_role;
2184 }
2185
acl_peer_supports_ble_packet_extension(uint16_t hci_handle)2186 bool acl_peer_supports_ble_packet_extension(uint16_t hci_handle) {
2187 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2188 if (p_acl == nullptr) {
2189 return false;
2190 }
2191 if (!p_acl->peer_le_features_valid) {
2192 log::warn("Checking remote features but remote feature read is incomplete");
2193 }
2194 return HCI_LE_DATA_LEN_EXT_SUPPORTED(p_acl->peer_le_features);
2195 }
2196
acl_peer_supports_ble_2m_phy(uint16_t hci_handle)2197 bool acl_peer_supports_ble_2m_phy(uint16_t hci_handle) {
2198 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2199 if (p_acl == nullptr) {
2200 return false;
2201 }
2202 if (!p_acl->peer_le_features_valid) {
2203 log::warn("Checking remote features but remote feature read is incomplete");
2204 }
2205 return HCI_LE_2M_PHY_SUPPORTED(p_acl->peer_le_features);
2206 }
2207
acl_peer_supports_ble_coded_phy(uint16_t hci_handle)2208 bool acl_peer_supports_ble_coded_phy(uint16_t hci_handle) {
2209 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2210 if (p_acl == nullptr) {
2211 return false;
2212 }
2213 if (!p_acl->peer_le_features_valid) {
2214 log::warn("Checking remote features but remote feature read is incomplete");
2215 return false;
2216 }
2217 return HCI_LE_CODED_PHY_SUPPORTED(p_acl->peer_le_features);
2218 }
2219
acl_set_disconnect_reason(tHCI_STATUS acl_disc_reason)2220 void acl_set_disconnect_reason(tHCI_STATUS acl_disc_reason) {
2221 btm_cb.acl_cb_.set_disconnect_reason(acl_disc_reason);
2222 }
2223
acl_set_locally_initiated(bool locally_initiated)2224 void acl_set_locally_initiated(bool locally_initiated) {
2225 btm_cb.acl_cb_.set_locally_initiated(locally_initiated);
2226 }
2227
acl_is_role_switch_allowed()2228 bool acl_is_role_switch_allowed() {
2229 return btm_cb.acl_cb_.DefaultLinkPolicy() & HCI_ENABLE_CENTRAL_PERIPHERAL_SWITCH;
2230 }
2231
acl_get_supported_packet_types()2232 uint16_t acl_get_supported_packet_types() { return btm_cb.acl_cb_.DefaultPacketTypes(); }
2233
acl_set_peer_le_features_from_handle(uint16_t hci_handle,const uint8_t * p)2234 bool acl_set_peer_le_features_from_handle(uint16_t hci_handle, const uint8_t* p) {
2235 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(hci_handle);
2236 if (p_acl == nullptr) {
2237 return false;
2238 }
2239 STREAM_TO_ARRAY(p_acl->peer_le_features, p, BD_FEATURES_LEN);
2240 p_acl->peer_le_features_valid = true;
2241 log::debug("Completed le feature read request");
2242
2243 /* save LE remote supported features to iot conf file */
2244 std::string key = IOT_CONF_KEY_RT_SUPP_FEATURES "_" + std::to_string(0);
2245
2246 DEVICE_IOT_CONFIG_ADDR_SET_BIN(p_acl->remote_addr, key, p_acl->peer_le_features, BD_FEATURES_LEN);
2247 return true;
2248 }
2249
on_acl_br_edr_connected(const RawAddress & bda,uint16_t handle,uint8_t enc_mode,bool locally_initiated)2250 void on_acl_br_edr_connected(const RawAddress& bda, uint16_t handle, uint8_t enc_mode,
2251 bool locally_initiated) {
2252 power_telemetry::GetInstance().LogLinkDetails(handle, bda, true, true);
2253 if (delayed_role_change_ != nullptr && delayed_role_change_->bd_addr == bda) {
2254 btm_sec_connected(bda, handle, HCI_SUCCESS, enc_mode, delayed_role_change_->new_role);
2255 } else {
2256 btm_sec_connected(bda, handle, HCI_SUCCESS, enc_mode);
2257 }
2258 delayed_role_change_ = nullptr;
2259 l2c_link_hci_conn_comp(HCI_SUCCESS, handle, bda);
2260 uint16_t link_supervision_timeout =
2261 osi_property_get_int32(PROPERTY_LINK_SUPERVISION_TIMEOUT, 8000);
2262 BTM_SetLinkSuperTout(bda, link_supervision_timeout);
2263
2264 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2265 if (p_acl == nullptr) {
2266 log::warn("Unable to find active acl");
2267 return;
2268 }
2269
2270 acl_set_locally_initiated(locally_initiated);
2271
2272 /*
2273 * The legacy code path informs the upper layer via the BTA
2274 * layer after all relevant read_remote_ commands are complete.
2275 * The GD code path has ownership of the read_remote_ commands
2276 * and thus may inform the upper layers about the connection.
2277 */
2278 NotifyAclLinkUp(*p_acl);
2279 }
2280
on_acl_br_edr_failed(const RawAddress & bda,tHCI_STATUS status,bool locally_initiated)2281 void on_acl_br_edr_failed(const RawAddress& bda, tHCI_STATUS status, bool locally_initiated) {
2282 log::assert_that(status != HCI_SUCCESS, "Successful connection entering failing code path");
2283 if (delayed_role_change_ != nullptr && delayed_role_change_->bd_addr == bda) {
2284 btm_sec_connected(bda, HCI_INVALID_HANDLE, status, false, delayed_role_change_->new_role);
2285 } else {
2286 btm_sec_connected(bda, HCI_INVALID_HANDLE, status, false);
2287 }
2288 delayed_role_change_ = nullptr;
2289 l2c_link_hci_conn_comp(status, HCI_INVALID_HANDLE, bda);
2290
2291 acl_set_locally_initiated(locally_initiated);
2292 btm_acl_create_failed(bda, BT_TRANSPORT_BR_EDR, status);
2293 }
2294
btm_acl_connected(const RawAddress & bda,uint16_t handle,tHCI_STATUS status,uint8_t enc_mode)2295 void btm_acl_connected(const RawAddress& bda, uint16_t handle, tHCI_STATUS status,
2296 uint8_t enc_mode) {
2297 switch (status) {
2298 case HCI_SUCCESS:
2299 power_telemetry::GetInstance().LogLinkDetails(handle, bda, true, true);
2300 return on_acl_br_edr_connected(bda, handle, enc_mode, true /* locally_initiated */);
2301 default:
2302 return on_acl_br_edr_failed(bda, status, /* locally_initiated */ true);
2303 }
2304 }
2305
btm_acl_disconnected(tHCI_STATUS status,uint16_t handle,tHCI_REASON reason)2306 void btm_acl_disconnected(tHCI_STATUS status, uint16_t handle, tHCI_REASON reason) {
2307 if (status != HCI_SUCCESS) {
2308 log::warn("Received disconnect with error:{}", hci_error_code_text(status));
2309 }
2310 power_telemetry::GetInstance().LogLinkDetails(handle, RawAddress::kEmpty, false, true);
2311 /* There can be a case when we rejected PIN code authentication */
2312 /* otherwise save a new reason */
2313 if (btm_get_acl_disc_reason_code() != HCI_ERR_HOST_REJECT_SECURITY) {
2314 acl_set_disconnect_reason(static_cast<tHCI_STATUS>(reason));
2315 }
2316
2317 /* Let L2CAP know about it */
2318 l2c_link_hci_disc_comp(handle, reason);
2319
2320 /* Notify security manager */
2321 btm_sec_disconnected(handle, reason, "stack::acl::btm_acl::btm_acl_disconnected");
2322 }
2323
btm_connection_request(const RawAddress & bda,const bluetooth::hci::ClassOfDevice & cod)2324 void btm_connection_request(const RawAddress& bda, const bluetooth::hci::ClassOfDevice& cod) {
2325 // Copy Cod information
2326 DEV_CLASS dc;
2327
2328 /* Some device may request a connection before we are done with the HCI_Reset
2329 * sequence */
2330 if (bluetooth::shim::GetController() == nullptr) {
2331 log::verbose("Security Manager: connect request when device not ready");
2332 btsnd_hcic_reject_conn(bda, HCI_ERR_HOST_REJECT_DEVICE);
2333 return;
2334 }
2335
2336 dc[0] = cod.cod[2], dc[1] = cod.cod[1], dc[2] = cod.cod[0];
2337
2338 btm_sec_conn_req(bda, dc);
2339 }
2340
acl_disconnect_from_handle(uint16_t handle,tHCI_STATUS reason,std::string comment)2341 void acl_disconnect_from_handle(uint16_t handle, tHCI_STATUS reason, std::string comment) {
2342 acl_disconnect_after_role_switch(handle, reason, comment);
2343 }
2344
2345 // BLUETOOTH CORE SPECIFICATION Version 5.4 | Vol 4, Part E
2346 // 7.1.6 Disconnect command
2347 // Only a subset of reasons are valid and will be accepted
2348 // by the controller
is_disconnect_reason_valid(const tHCI_REASON & reason)2349 static bool is_disconnect_reason_valid(const tHCI_REASON& reason) {
2350 switch (reason) {
2351 case HCI_ERR_AUTH_FAILURE:
2352 case HCI_ERR_PEER_USER:
2353 case HCI_ERR_REMOTE_LOW_RESOURCE:
2354 case HCI_ERR_REMOTE_POWER_OFF:
2355 case HCI_ERR_UNSUPPORTED_REM_FEATURE:
2356 case HCI_ERR_PAIRING_WITH_UNIT_KEY_NOT_SUPPORTED:
2357 case HCI_ERR_UNACCEPT_CONN_INTERVAL:
2358 return true;
2359 default:
2360 break;
2361 }
2362 return false;
2363 }
2364
acl_disconnect_after_role_switch(uint16_t conn_handle,tHCI_STATUS reason,std::string comment)2365 void acl_disconnect_after_role_switch(uint16_t conn_handle, tHCI_STATUS reason,
2366 std::string comment) {
2367 if (!is_disconnect_reason_valid(reason)) {
2368 log::warn(
2369 "Controller will not accept invalid reason parameter:{} instead "
2370 "sending:{}",
2371 hci_error_code_text(reason), hci_error_code_text(HCI_ERR_PEER_USER));
2372 reason = HCI_ERR_PEER_USER;
2373 }
2374
2375 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(conn_handle);
2376 if (p_acl == nullptr) {
2377 log::error("Sending disconnect for unknown acl:{} PLEASE FIX", conn_handle);
2378 GetInterface().Disconnect(conn_handle, reason);
2379 return;
2380 }
2381
2382 /* If a role switch is in progress, delay the HCI Disconnect to avoid
2383 * controller problem */
2384 if (p_acl->rs_disc_pending == BTM_SEC_RS_PENDING) {
2385 log::debug(
2386 "Role switch in progress - Set DISC Pending flag in "
2387 "btm_sec_send_hci_disconnect to delay disconnect");
2388 p_acl->rs_disc_pending = BTM_SEC_DISC_PENDING;
2389 } else {
2390 log::debug("Sending acl disconnect reason:{} [{}]", hci_error_code_text(reason), reason);
2391 disconnect_acl(*p_acl, reason, comment);
2392 }
2393 }
2394
acl_send_data_packet_br_edr(const RawAddress & bd_addr,BT_HDR * p_buf)2395 void acl_send_data_packet_br_edr(const RawAddress& bd_addr, BT_HDR* p_buf) {
2396 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
2397 if (p_acl == nullptr) {
2398 log::warn("Acl br_edr data write for unknown device:{}", bd_addr);
2399 osi_free(p_buf);
2400 return;
2401 }
2402 power_telemetry::GetInstance().LogTxAclPktData(p_buf->len);
2403 return bluetooth::shim::ACL_WriteData(p_acl->hci_handle, p_buf);
2404 }
2405
acl_send_data_packet_ble(const RawAddress & bd_addr,BT_HDR * p_buf)2406 void acl_send_data_packet_ble(const RawAddress& bd_addr, BT_HDR* p_buf) {
2407 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_LE);
2408 if (p_acl == nullptr) {
2409 log::warn("Acl le data write for unknown device:{}", bd_addr);
2410 osi_free(p_buf);
2411 return;
2412 }
2413 power_telemetry::GetInstance().LogTxAclPktData(p_buf->len);
2414 return bluetooth::shim::ACL_WriteData(p_acl->hci_handle, p_buf);
2415 }
2416
acl_write_automatic_flush_timeout(const RawAddress & bd_addr,uint16_t flush_timeout_in_ticks)2417 void acl_write_automatic_flush_timeout(const RawAddress& bd_addr, uint16_t flush_timeout_in_ticks) {
2418 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, BT_TRANSPORT_BR_EDR);
2419 if (p_acl == nullptr) {
2420 log::warn("Unable to find active acl");
2421 return;
2422 }
2423 if (p_acl->flush_timeout_in_ticks == flush_timeout_in_ticks) {
2424 log::info("Ignoring since cached value is same as requested flush_timeout:{}",
2425 flush_timeout_in_ticks);
2426 return;
2427 }
2428 flush_timeout_in_ticks &= HCI_MAX_AUTOMATIC_FLUSH_TIMEOUT;
2429 p_acl->flush_timeout_in_ticks = flush_timeout_in_ticks;
2430 btsnd_hcic_write_auto_flush_tout(p_acl->hci_handle, flush_timeout_in_ticks);
2431 }
2432
acl_rcv_acl_data(BT_HDR * p_msg)2433 void acl_rcv_acl_data(BT_HDR* p_msg) {
2434 acl_header_t acl_header{
2435 .handle = HCI_INVALID_HANDLE,
2436 .hci_len = 0,
2437 };
2438 const uint8_t* p = (uint8_t*)(p_msg + 1) + p_msg->offset;
2439
2440 STREAM_TO_UINT16(acl_header.handle, p);
2441 acl_header.handle = HCID_GET_HANDLE(acl_header.handle);
2442
2443 power_telemetry::GetInstance().LogRxAclPktData(p_msg->len);
2444 STREAM_TO_UINT16(acl_header.hci_len, p);
2445 if (acl_header.hci_len < L2CAP_PKT_OVERHEAD ||
2446 acl_header.hci_len != p_msg->len - sizeof(acl_header)) {
2447 log::warn("Received mismatched hci header length:{} data_len:{}", acl_header.hci_len,
2448 p_msg->len - sizeof(acl_header));
2449 osi_free(p_msg);
2450 return;
2451 }
2452 l2c_rcv_acl_data(p_msg);
2453 }
2454
acl_packets_completed(uint16_t handle,uint16_t credits)2455 void acl_packets_completed(uint16_t handle, uint16_t credits) {
2456 l2c_packets_completed(handle, credits);
2457 bluetooth::hci::IsoManager::GetInstance()->HandleNumComplDataPkts(handle, credits);
2458 }
2459
acl_process_supported_features(uint16_t handle,uint64_t features)2460 void acl_process_supported_features(uint16_t handle, uint64_t features) {
2461 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2462 if (p_acl == nullptr) {
2463 log::warn("Unable to find active acl");
2464 return;
2465 }
2466 const uint8_t current_page_number = 0;
2467
2468 memcpy(p_acl->peer_lmp_feature_pages[current_page_number], (uint8_t*)&features, sizeof(uint64_t));
2469 p_acl->peer_lmp_feature_valid[current_page_number] = true;
2470
2471 log::debug(
2472 "Copied supported feature pages handle:{} current_page_number:{} "
2473 "features:{}",
2474 handle, current_page_number,
2475 bd_features_text(p_acl->peer_lmp_feature_pages[current_page_number]));
2476
2477 if ((HCI_LMP_EXTENDED_SUPPORTED(p_acl->peer_lmp_feature_pages[0])) &&
2478 (bluetooth::shim::GetController()->IsSupported(
2479 bluetooth::hci::OpCode::READ_REMOTE_EXTENDED_FEATURES))) {
2480 log::debug("Waiting for remote extended feature response to arrive");
2481 } else {
2482 log::debug("No more remote features outstanding so notify upper layer");
2483 NotifyAclFeaturesReadComplete(*p_acl, current_page_number);
2484 }
2485 }
2486
acl_process_extended_features(uint16_t handle,uint8_t current_page_number,uint8_t max_page_number,uint64_t features)2487 void acl_process_extended_features(uint16_t handle, uint8_t current_page_number,
2488 uint8_t max_page_number, uint64_t features) {
2489 if (current_page_number > HCI_EXT_FEATURES_PAGE_MAX) {
2490 log::warn("Unable to process current_page_number:{}", current_page_number);
2491 return;
2492 }
2493 tACL_CONN* p_acl = internal_.acl_get_connection_from_handle(handle);
2494 if (p_acl == nullptr) {
2495 log::warn("Unable to find active acl");
2496 return;
2497 }
2498 memcpy(p_acl->peer_lmp_feature_pages[current_page_number], (uint8_t*)&features, sizeof(uint64_t));
2499 p_acl->peer_lmp_feature_valid[current_page_number] = true;
2500
2501 log::debug(
2502 "Copied extended feature pages handle:{} current_page_number:{} "
2503 "max_page_number:{} features:{}",
2504 handle, current_page_number, max_page_number,
2505 bd_features_text(p_acl->peer_lmp_feature_pages[current_page_number]));
2506
2507 if (max_page_number == 0 || max_page_number == current_page_number) {
2508 NotifyAclFeaturesReadComplete(*p_acl, max_page_number);
2509 }
2510 }
2511
ACL_RegisterClient(struct acl_client_callback_s *)2512 void ACL_RegisterClient(struct acl_client_callback_s* /* callbacks */) {
2513 log::debug("UNIMPLEMENTED");
2514 }
2515
ACL_UnregisterClient(struct acl_client_callback_s *)2516 void ACL_UnregisterClient(struct acl_client_callback_s* /* callbacks */) {
2517 log::debug("UNIMPLEMENTED");
2518 }
2519
btm_acl_for_bda(const RawAddress & bd_addr,tBT_TRANSPORT transport)2520 tACL_CONN* btm_acl_for_bda(const RawAddress& bd_addr, tBT_TRANSPORT transport) {
2521 tACL_CONN* p_acl = internal_.btm_bda_to_acl(bd_addr, transport);
2522 if (p_acl == nullptr) {
2523 log::warn("Unable to find active acl");
2524 return nullptr;
2525 }
2526 return p_acl;
2527 }
2528
2529 /*******************************************************************************
2530 *
2531 * Function btm_acl_flush
2532 *
2533 * Description This function is called by L2CAP to flush an ACL link.
2534 *
2535 * Returns void
2536 *
2537 ******************************************************************************/
btm_acl_flush(uint16_t handle)2538 void btm_acl_flush(uint16_t handle) { bluetooth::shim::ACL_Flush(handle); }
2539