1 /* hci_core.h - Bluetooth HCI core access */
2 
3 /*
4  * Copyright (c) 2021 Nordic Semiconductor ASA
5  * Copyright (c) 2015-2016 Intel Corporation
6  *
7  * SPDX-License-Identifier: Apache-2.0
8  */
9 
/* LL connection parameters.
 * NOTE(review): the units are not stated in this header; presumably these
 * follow the HCI LE connection parameter encoding (latency in connection
 * events, timeout in 10 ms steps, which would make 0x002a = 420 ms) -
 * confirm at the users.
 */
#define LE_CONN_LATENCY		0x0000
#define LE_CONN_TIMEOUT		0x002a

/* Number of LMP feature pages kept by the host: three when BR/EDR support
 * is compiled in, otherwise one. This is the first dimension of
 * bt_dev.features[][8].
 */
#if defined(CONFIG_BT_BREDR)
#define LMP_FEAT_PAGES_COUNT	3
#else
#define LMP_FEAT_PAGES_COUNT	1
#endif

/* SCO settings */
#define BT_VOICE_CVSD_16BIT     0x0060
22 
/* k_poll event tags.
 * The enumerators carry no explicit values, so they number from 0 in
 * declaration order.
 */
enum {
	BT_EVENT_CMD_TX,
	BT_EVENT_CONN_TX_QUEUE,
};
28 
/* bt_dev flags: the flags defined here represent BT controller state.
 *
 * Each enumerator is a bit index (not a mask) into the bitmap that
 * struct bt_dev declares with ATOMIC_DEFINE(flags, BT_DEV_NUM_FLAGS).
 * Values are implicit, so inserting or reordering entries renumbers every
 * flag that follows.
 *
 * NOTE(review): BT_DEV_PERSISTENT_FLAGS turns BT_DEV_ENABLE and
 * BT_DEV_PRESET_ID into a BIT() mask. If that mask is applied to a single
 * atomic word, both flags have to stay inside the first word of the
 * bitmap - confirm at the user before moving them.
 */
enum {
	BT_DEV_ENABLE,
	BT_DEV_DISABLE,
	BT_DEV_READY,
	BT_DEV_PRESET_ID,
	BT_DEV_HAS_PUB_KEY,
	BT_DEV_PUB_KEY_BUSY,

	BT_DEV_SCANNING,
	BT_DEV_EXPLICIT_SCAN,
	BT_DEV_ACTIVE_SCAN,
	BT_DEV_SCAN_FILTER_DUP,
	BT_DEV_SCAN_FILTERED,
	BT_DEV_SCAN_LIMITED,
	BT_DEV_INITIATING,

	BT_DEV_RPA_VALID,
	BT_DEV_RPA_TIMEOUT_CHANGED,

	BT_DEV_ID_PENDING,
	BT_DEV_STORE_ID,

	/* BR/EDR-only flags: compiled out without CONFIG_BT_BREDR, which
	 * lowers BT_DEV_NUM_FLAGS by three.
	 */
#if defined(CONFIG_BT_BREDR)
	BT_DEV_ISCAN,
	BT_DEV_PSCAN,
	BT_DEV_INQUIRY,
#endif /* CONFIG_BT_BREDR */

	/* Total number of flags - must be at the end of the enum */
	BT_DEV_NUM_FLAGS,
};
61 
/* Flags which should not be cleared upon HCI_Reset.
 * This is a bit mask built with BIT() from two flag indices, whereas the
 * BT_DEV_* enumerators themselves are indices.
 */
#define BT_DEV_PERSISTENT_FLAGS (BIT(BT_DEV_ENABLE) | \
				 BIT(BT_DEV_PRESET_ID))

#if defined(CONFIG_BT_EXT_ADV_LEGACY_SUPPORT)
/* Check the feature bit for extended or legacy advertising commands */
#define BT_DEV_FEAT_LE_EXT_ADV(feat) BT_FEAT_LE_EXT_ADV(feat)
#else
/* Always use extended advertising commands.
 * The argument is not evaluated in this configuration: the macro expands
 * to the constant 1 whatever feature bits are passed in.
 */
#define BT_DEV_FEAT_LE_EXT_ADV(feat)  1
#endif
73 
/* Advertising set state flags.
 * Each enumerator is a bit index into the bitmap that struct bt_le_ext_adv
 * declares with ATOMIC_DEFINE(flags, BT_ADV_NUM_FLAGS). Values are
 * implicit and number from 0 in declaration order.
 */
enum {
	/* Advertising set has been created in the host. */
	BT_ADV_CREATED,
	/* Advertising parameters have been set in the controller.
	 * This implies that the advertising set has been created in the
	 * controller.
	 */
	BT_ADV_PARAMS_SET,
	/* Advertising data has been set in the controller. */
	BT_ADV_DATA_SET,
	/* Advertising random address pending to be set in the controller. */
	BT_ADV_RANDOM_ADDR_PENDING,
	/* The private random address of the advertiser is valid for this cycle
	 * of the RPA timeout.
	 */
	BT_ADV_RPA_VALID,
	/* The private random address of the advertiser is being updated. */
	BT_ADV_RPA_UPDATE,
	/* The advertiser set is limited by a timeout, or number of advertising
	 * events, or both.
	 */
	BT_ADV_LIMITED,
	/* Advertiser set is currently advertising in the controller. */
	BT_ADV_ENABLED,
	/* Advertiser should include name in advertising data */
	BT_ADV_INCLUDE_NAME_AD,
	/* Advertiser should include name in scan response data */
	BT_ADV_INCLUDE_NAME_SD,
	/* Advertiser set is connectable */
	BT_ADV_CONNECTABLE,
	/* Advertiser set is scannable */
	BT_ADV_SCANNABLE,
	/* Advertiser set is using extended advertising */
	BT_ADV_EXT_ADV,
	/* Advertiser set has disabled the use of private addresses and is using
	 * the identity address instead.
	 * NOTE(review): with this flag set the identity address is what goes
	 * on air, so the tracking protection of private addresses does not
	 * apply to this set.
	 */
	BT_ADV_USE_IDENTITY,
	/* Advertiser has been configured to keep advertising after a connection
	 * has been established as long as there are connections available.
	 */
	BT_ADV_PERSIST,
	/* Advertiser has been temporarily disabled. */
	BT_ADV_PAUSED,
	/* Periodic Advertising has been enabled in the controller. */
	BT_PER_ADV_ENABLED,
	/* Periodic Advertising parameters have been set in the controller. */
	BT_PER_ADV_PARAMS_SET,
	/* Periodic Advertising to include AdvDataInfo (ADI) */
	BT_PER_ADV_INCLUDE_ADI,
	/* Constant Tone Extension parameters for Periodic Advertising
	 * have been set in the controller.
	 */
	BT_PER_ADV_CTE_PARAMS_SET,
	/* Constant Tone Extension for Periodic Advertising has been enabled
	 * in the controller.
	 */
	BT_PER_ADV_CTE_ENABLED,

	/* Total number of flags - keep last; it sizes the flags bitmap. */
	BT_ADV_NUM_FLAGS,
};
135 
/* Host-side state of one advertising set. */
struct bt_le_ext_adv {
	/* ID Address used for advertising.
	 * NOTE(review): stored as a uint8_t, so presumably an index into
	 * bt_dev.id_addr[] rather than the address itself - confirm.
	 */
	uint8_t                 id;

	/* Advertising handle */
	uint8_t                 handle;

	/* Current local Random Address */
	bt_addr_le_t            random_addr;

	/* Current target address */
	bt_addr_le_t            target_addr;

	/* State bitmap, indexed by the enum that ends in BT_ADV_NUM_FLAGS. */
	ATOMIC_DEFINE(flags, BT_ADV_NUM_FLAGS);

#if defined(CONFIG_BT_EXT_ADV)
	/* Callback table for this advertising set; the struct is declared
	 * outside this header.
	 */
	const struct bt_le_ext_adv_cb *cb;

	/* TX Power in use by the controller */
	int8_t                    tx_power;
#endif /* defined(CONFIG_BT_EXT_ADV) */

	/* Delayable work item.
	 * NOTE(review): by its name this drives the limited-advertising
	 * timeout; the handler is not visible in this header - confirm.
	 */
	struct k_work_delayable	lim_adv_timeout_work;

	/** The options used to set the parameters for this advertising set
	 * @ref bt_le_adv_param
	 */
	uint32_t options;
};
165 
/** Periodic Advertising Sync state flags.
 *
 * Each enumerator is a bit index into the bitmap that
 * struct bt_le_per_adv_sync declares with
 * ATOMIC_DEFINE(flags, BT_PER_ADV_SYNC_NUM_FLAGS). Values are implicit and
 * number from 0 in declaration order.
 */
enum {
	/** Periodic Advertising Sync has been created in the host. */
	BT_PER_ADV_SYNC_CREATED,

	/** Periodic Advertising Sync is established and can be terminated */
	BT_PER_ADV_SYNC_SYNCED,

	/** Periodic Advertising Sync is attempting to create sync */
	BT_PER_ADV_SYNC_SYNCING,

	/** Periodic Advertising Sync is attempting to create sync using
	 *  Advertiser List
	 */
	BT_PER_ADV_SYNC_SYNCING_USE_LIST,

	/** Periodic Advertising Sync established with reporting disabled */
	BT_PER_ADV_SYNC_RECV_DISABLED,

	/** Constant Tone Extension for Periodic Advertising has been enabled
	 * in the Controller.
	 */
	BT_PER_ADV_SYNC_CTE_ENABLED,

	/** Total number of flags - keep last; it sizes the flags bitmap. */
	BT_PER_ADV_SYNC_NUM_FLAGS,
};
191 
/** Host-side state of one periodic advertising sync. */
struct bt_le_per_adv_sync {
	/** Periodic Advertiser Address */
	bt_addr_le_t addr;

	/** Advertiser SID */
	uint8_t sid;

	/** Sync handle */
	uint16_t handle;

	/** Periodic advertising interval (N * 1.25 ms) */
	uint16_t interval;

	/** Periodic advertising advertiser clock accuracy (ppm) */
	uint16_t clock_accuracy;

	/** Advertiser PHY */
	uint8_t phy;

#if defined(CONFIG_BT_DF_CONNECTIONLESS_CTE_RX)
	/**
	 * @brief Bitfield with allowed CTE types.
	 *
	 *  Allowed values are defined by @ref bt_df_cte_type, except BT_DF_CTE_TYPE_NONE.
	 */
	uint8_t cte_types;
#endif /* CONFIG_BT_DF_CONNECTIONLESS_CTE_RX */

#if CONFIG_BT_PER_ADV_SYNC_BUF_SIZE > 0
	/** Reassembly buffer for advertising reports */
	struct net_buf_simple reassembly;

	/** Storage for the reassembly buffer.
	 *
	 * Fixed size, set at build time by CONFIG_BT_PER_ADV_SYNC_BUF_SIZE.
	 * NOTE(review): the report data presumably originates from a remote
	 * advertiser, so code appending fragments must check the remaining
	 * space against this size first - confirm in the report handler.
	 */
	uint8_t reassembly_data[CONFIG_BT_PER_ADV_SYNC_BUF_SIZE];
#endif /* CONFIG_BT_PER_ADV_SYNC_BUF_SIZE > 0 */

	/** True if the following periodic adv reports up to and
	 * including the next complete one should be dropped
	 */
	bool report_truncated;

	/** Flags: bitmap indexed by the BT_PER_ADV_SYNC_* enumerators */
	ATOMIC_DEFINE(flags, BT_PER_ADV_SYNC_NUM_FLAGS);

#if defined(CONFIG_BT_PER_ADV_SYNC_RSP)
	/** Number of subevents */
	uint8_t num_subevents;

	/** Subevent interval (N * 1.25ms) */
	uint8_t subevent_interval;

	/** Response slot delay (N * 1.25ms) */
	uint8_t response_slot_delay;

	/** Response slot spacing (N * 1.25ms) */
	uint8_t response_slot_spacing;
#endif /* CONFIG_BT_PER_ADV_SYNC_RSP */
};
250 
/* LE-specific controller state; struct bt_dev embeds it as `le`. */
struct bt_dev_le {
	/* LE features */
	uint8_t			features[8];
	/* LE states */
	uint64_t			states;

#if defined(CONFIG_BT_CONN)
	/* Controller buffer information.
	 * NOTE(review): mtu/pkts and acl_mtu/acl_pkts read as two pairs of
	 * packet size plus counting semaphore; which controller buffer pool
	 * each pair describes is not stated here - confirm in the users.
	 */
	uint16_t		mtu;
	struct k_sem		pkts;
	uint16_t		acl_mtu;
	struct k_sem		acl_pkts;
#endif /* CONFIG_BT_CONN */
#if defined(CONFIG_BT_ISO)
	/* ISO counterpart of the buffer information above (same caveat). */
	uint16_t		iso_mtu;
	uint8_t			iso_limit;
	struct k_sem		iso_pkts;
#endif /* CONFIG_BT_ISO */

#if defined(CONFIG_BT_SMP)
	/* Size of the controller resolving list */
	uint8_t                    rl_size;
	/* Number of entries in the resolving list. rl_entries > rl_size
	 * means that host-side resolving is used.
	 * Both counters are uint8_t, so they cannot count past 255.
	 */
	uint8_t                    rl_entries;
#endif /* CONFIG_BT_SMP */
};
279 
#if defined(CONFIG_BT_BREDR)
/* BR/EDR-specific controller state; struct bt_dev embeds it as `br`.
 * Only declared when CONFIG_BT_BREDR is enabled.
 */
struct bt_dev_br {
	/* Max controller's acceptable ACL packet length */
	uint16_t         mtu;
	/* Semaphore paired with mtu.
	 * NOTE(review): presumably counts free controller ACL buffers -
	 * confirm in the users.
	 */
	struct k_sem  pkts;
	/* NOTE(review): by its name, the (e)SCO packet type setting; the
	 * encoding is not stated in this header.
	 */
	uint16_t         esco_pkt_type;
};
#endif /* CONFIG_BT_BREDR */
288 
/* The theoretical max for these is 8 and 64, but there's no point
 * in allocating the full memory if we only support a small subset.
 * These values must be updated whenever the host implementation is
 * extended beyond the current values.
 *
 * They size bt_dev.vs_features[] and bt_dev.vs_commands[].
 * NOTE(review): since the theoretical maxima are larger, a controller
 * response may carry more bytes than are kept here; code that fills those
 * arrays has to clamp the copy length to these values - confirm where the
 * vendor-specific responses are parsed.
 */
#define BT_DEV_VS_FEAT_MAX  1
#define BT_DEV_VS_CMDS_MAX  2
296 
/* State tracking for the local Bluetooth controller.
 * A single instance is declared in this header as `extern struct bt_dev
 * bt_dev`. Several members exist only under specific CONFIG_BT_* options,
 * so the layout depends on the build configuration.
 */
struct bt_dev {
	/* Local Identity Address(es).
	 * id_count is a uint8_t next to an array of CONFIG_BT_ID_MAX slots.
	 * NOTE(review): presumably the number of slots in use; anything
	 * indexing id_addr[] with an identity id should bound it by
	 * id_count / CONFIG_BT_ID_MAX - confirm at the users.
	 */
	bt_addr_le_t            id_addr[CONFIG_BT_ID_MAX];
	uint8_t                    id_count;

	struct bt_conn_le_create_param create_param;

#if !defined(CONFIG_BT_EXT_ADV)
	/* Legacy advertiser */
	struct bt_le_ext_adv    adv;
#else
	/* Pointer to reserved advertising set */
	struct bt_le_ext_adv    *adv;
#if defined(CONFIG_BT_CONN) && (CONFIG_BT_EXT_ADV_MAX_ADV_SET > 1)
	/* When supporting multiple concurrent connectable advertising sets
	 * with multiple identities, we need to know the identity of
	 * the terminating advertising set to identify the connection object.
	 * The identity of the advertising set is determined by its
	 * advertising handle, which is part of the
	 * LE Set Advertising Set Terminated event which is always sent
	 * _after_ the LE Enhanced Connection complete event.
	 * Therefore we need to cache this event until its identity is known.
	 *
	 * The cache has MIN(CONFIG_BT_MAX_CONN, CONFIG_BT_EXT_ADV_MAX_ADV_SET)
	 * slots; `valid` presumably marks a slot that holds a cached event.
	 */
	struct {
		bool valid;
		struct bt_hci_evt_le_enh_conn_complete evt;
	} cached_conn_complete[MIN(CONFIG_BT_MAX_CONN,
				CONFIG_BT_EXT_ADV_MAX_ADV_SET)];
#endif
#endif
	/* Current local Random Address */
	bt_addr_le_t            random_addr;
	uint8_t                    adv_conn_id;

	/* Controller version & manufacturer information */
	uint8_t			hci_version;
	uint8_t			lmp_version;
	uint16_t			hci_revision;
	uint16_t			lmp_subversion;
	uint16_t			manufacturer;

	/* LMP features (pages 0, 1, 2).
	 * Only LMP_FEAT_PAGES_COUNT pages are stored, which is 1 unless
	 * CONFIG_BT_BREDR is enabled.
	 */
	uint8_t			features[LMP_FEAT_PAGES_COUNT][8];

	/* Supported commands */
	uint8_t			supported_commands[64];

#if defined(CONFIG_BT_HCI_VS_EXT)
	/* Vendor HCI support.
	 * Deliberately smaller than the theoretical maxima (see the comment
	 * on BT_DEV_VS_FEAT_MAX / BT_DEV_VS_CMDS_MAX).
	 */
	uint8_t                    vs_features[BT_DEV_VS_FEAT_MAX];
	uint8_t                    vs_commands[BT_DEV_VS_CMDS_MAX];
#endif

	struct k_work           init;

	/* Controller state bitmap, indexed by the BT_DEV_* flag enumerators. */
	ATOMIC_DEFINE(flags, BT_DEV_NUM_FLAGS);

	/* LE controller specific features */
	struct bt_dev_le	le;

#if defined(CONFIG_BT_BREDR)
	/* BR/EDR controller specific features */
	struct bt_dev_br	br;
#endif

	/* Number of commands controller can accept */
	struct k_sem		ncmd_sem;

	/* Last sent HCI command */
	struct net_buf		*sent_cmd;

#if !defined(CONFIG_BT_RECV_BLOCKING)
	/* Queue for incoming HCI events & ACL data */
	sys_slist_t rx_queue;
#endif

	/* Queue for outgoing HCI commands */
	struct k_fifo		cmd_tx_queue;

	/* Registered HCI driver */
	const struct bt_hci_driver *drv;

#if defined(CONFIG_BT_PRIVACY)
	/* Local Identity Resolving Key, one 16-byte key per identity.
	 * NOTE(review): this is secret key material; keep it out of logs
	 * and debug dumps of this structure.
	 */
	uint8_t			irk[CONFIG_BT_ID_MAX][16];

#if defined(CONFIG_BT_RPA_SHARING)
	/* Only 1 RPA per identity */
	bt_addr_t		rpa[CONFIG_BT_ID_MAX];
#endif

	/* Work used for RPA rotation */
	struct k_work_delayable rpa_update;

	/* The RPA timeout value (units are not stated in this header). */
	uint16_t rpa_timeout;
#endif

	/* Local Name.
	 * NOTE(review): the + 1 presumably reserves room for the terminating
	 * NUL; writers should cap the copied length at
	 * CONFIG_BT_DEVICE_NAME_MAX - confirm in the setter.
	 */
#if defined(CONFIG_BT_DEVICE_NAME_DYNAMIC)
	char			name[CONFIG_BT_DEVICE_NAME_MAX + 1];
#endif
#if defined(CONFIG_BT_DEVICE_APPEARANCE_DYNAMIC)
	/* Appearance Value */
	uint16_t		appearance;
#endif
};
405 
/* The controller state instance; defined outside this header. */
extern struct bt_dev bt_dev;
#if defined(CONFIG_BT_SMP) || defined(CONFIG_BT_BREDR)
/* Authentication callback state, declared only when SMP or BR/EDR is
 * built in. bt_auth is a pointer to a const callback table.
 * NOTE(review): whether bt_auth may be NULL when no callbacks are
 * registered is not visible here - check before dereferencing.
 */
extern const struct bt_conn_auth_cb *bt_auth;
extern sys_slist_t bt_auth_info_cbs;
/* Takes an HCI error code and returns a bt_security_err value. */
enum bt_security_err bt_security_err_get(uint8_t hci_err);
#endif /* CONFIG_BT_SMP || CONFIG_BT_BREDR */
412 
/* Data type to store state related with command to be updated
 * when command completes successfully.
 *
 * NOTE(review): the update is deferred until command completion, so the
 * memory behind `target` presumably has to stay valid until then -
 * confirm where the state is consumed.
 */
struct bt_hci_cmd_state_set {
	/* Target memory to be updated */
	atomic_t *target;
	/* Bit number to be updated in target memory.
	 * Declared as int; this header does not show a range check.
	 */
	int bit;
	/* Value to determine if enable or disable bit */
	bool val;
};
424 
/* Set command state related with the command buffer.
 *
 * Parameters: the command buffer, caller-provided storage for the state,
 * and the target/bit/val triple that struct bt_hci_cmd_state_set carries.
 * NOTE(review): per that struct's comment the update is applied when the
 * command completes successfully, so `state` and `target` presumably must
 * outlive the call (not point at a stack frame that returns first) -
 * confirm in the definition.
 */
void bt_hci_cmd_state_set_init(struct net_buf *buf,
			       struct bt_hci_cmd_state_set *state,
			       atomic_t *target, int bit, bool val);
429 
/* NOTE(review): only prototypes are visible in this header. The
 * int-returning functions below presumably return 0 on success and a
 * negative errno value on failure - confirm in the definitions.
 */
int bt_hci_disconnect(uint16_t handle, uint8_t reason);

/* Returns a bool for the given connection parameters; by its name, true
 * means the parameters are acceptable. Takes the parameters as const.
 */
bool bt_le_conn_params_valid(const struct bt_le_conn_param *param);
int bt_le_set_data_len(struct bt_conn *conn, uint16_t tx_octets, uint16_t tx_time);
int bt_le_set_phy(struct bt_conn *conn, uint8_t all_phys,
		  uint8_t pref_tx_phy, uint8_t pref_rx_phy, uint8_t phy_opts);
/* Takes a PHY value in HCI format and returns a uint8_t; the output
 * encoding is not stated in this header.
 */
uint8_t bt_get_phy(uint8_t hci_phy);
/**
 * @brief Convert CTE type value from HCI format to @ref bt_df_cte_type format.
 *
 * @param hci_cte_type   CTE type in an HCI format.
 *
 * @return CTE type (@ref bt_df_cte_type).
 */
int bt_get_df_cte_type(uint8_t hci_cte_type);
int bt_le_scan_update(bool fast_scan);

int bt_le_create_conn(const struct bt_conn *conn);
int bt_le_create_conn_cancel(void);
int bt_le_create_conn_synced(const struct bt_conn *conn, const struct bt_le_ext_adv *adv,
			     uint8_t subevent);

bool bt_addr_le_is_bonded(uint8_t id, const bt_addr_le_t *addr);
/* NOTE(review): returns a pointer; whether it can be NULL, or can be the
 * `addr` argument itself, is not visible here - confirm before storing
 * the result beyond the lifetime of `addr`.
 */
const bt_addr_le_t *bt_lookup_id_addr(uint8_t id, const bt_addr_le_t *addr);

int bt_send(struct net_buf *buf);

/* Don't require everyone to include keys.h */
struct bt_keys;
void bt_id_add(struct bt_keys *keys);
void bt_id_del(struct bt_keys *keys);

/* NOTE(review): presumably returns NULL when no conflicting keys exist -
 * confirm in the definition.
 */
struct bt_keys *bt_id_find_conflict(struct bt_keys *candidate);

int bt_setup_random_id_addr(void);
int bt_setup_public_id_addr(void);

void bt_finalize_init(void);

void bt_hci_host_num_completed_packets(struct net_buf *buf);
470 
/* HCI event handlers.
 *
 * All handlers in this section return void, and all but
 * bt_hci_le_enh_conn_complete() take the event as a struct net_buf.
 * NOTE(review): the definitions are not in this header. Event payloads come
 * from the controller and, for advertising and sync reports, carry data
 * from remote devices, so each handler should check buf->len against the
 * size of the event structure it expects before reading fields - confirm
 * in the definitions or in the dispatcher that calls them.
 */
void bt_hci_pin_code_req(struct net_buf *buf);
void bt_hci_link_key_notify(struct net_buf *buf);
void bt_hci_link_key_req(struct net_buf *buf);
void bt_hci_io_capa_resp(struct net_buf *buf);
void bt_hci_io_capa_req(struct net_buf *buf);
void bt_hci_ssp_complete(struct net_buf *buf);
void bt_hci_user_confirm_req(struct net_buf *buf);
void bt_hci_user_passkey_notify(struct net_buf *buf);
void bt_hci_user_passkey_req(struct net_buf *buf);
void bt_hci_auth_complete(struct net_buf *buf);

/* ECC HCI event handlers */
void bt_hci_evt_le_pkey_complete(struct net_buf *buf);
void bt_hci_evt_le_dhkey_complete(struct net_buf *buf);

/* Common HCI event handlers.
 * Takes the already-typed event structure rather than a net_buf.
 */
void bt_hci_le_enh_conn_complete(struct bt_hci_evt_le_enh_conn_complete *evt);

/* Scan HCI event handlers */
void bt_hci_le_adv_report(struct net_buf *buf);
void bt_hci_le_scan_timeout(struct net_buf *buf);
void bt_hci_le_adv_ext_report(struct net_buf *buf);
void bt_hci_le_per_adv_sync_established(struct net_buf *buf);
void bt_hci_le_per_adv_sync_established_v2(struct net_buf *buf);
void bt_hci_le_per_adv_report(struct net_buf *buf);
void bt_hci_le_per_adv_report_v2(struct net_buf *buf);
void bt_hci_le_per_adv_sync_lost(struct net_buf *buf);
void bt_hci_le_biginfo_adv_report(struct net_buf *buf);
void bt_hci_le_df_connectionless_iq_report(struct net_buf *buf);
void bt_hci_le_vs_df_connectionless_iq_report(struct net_buf *buf);
void bt_hci_le_past_received(struct net_buf *buf);
void bt_hci_le_past_received_v2(struct net_buf *buf);

/* Adv HCI event handlers */
void bt_hci_le_adv_set_terminated(struct net_buf *buf);
void bt_hci_le_scan_req_received(struct net_buf *buf);

/* BR/EDR HCI event handlers */
void bt_hci_conn_req(struct net_buf *buf);
void bt_hci_conn_complete(struct net_buf *buf);


void bt_hci_inquiry_complete(struct net_buf *buf);
void bt_hci_inquiry_result_with_rssi(struct net_buf *buf);
void bt_hci_extended_inquiry_result(struct net_buf *buf);
void bt_hci_remote_name_request_complete(struct net_buf *buf);

void bt_hci_read_remote_features_complete(struct net_buf *buf);
void bt_hci_read_remote_ext_features_complete(struct net_buf *buf);
void bt_hci_role_change(struct net_buf *buf);
void bt_hci_synchronous_conn_complete(struct net_buf *buf);

/* Direction finding (connection CTE) event handlers, going by the names */
void bt_hci_le_df_connection_iq_report(struct net_buf *buf);
void bt_hci_le_vs_df_connection_iq_report(struct net_buf *buf);
void bt_hci_le_df_cte_req_failed(struct net_buf *buf);

/* Periodic advertising with responses event handlers, going by the names */
void bt_hci_le_per_adv_subevent_data_request(struct net_buf *buf);
void bt_hci_le_per_adv_response_report(struct net_buf *buf);
530